Without a DNS server #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open

bortzmeyer wants to merge 1 commit into NorthwaveSecurity:main from bortzmeyer:tcpdump

Open

README.md

-Original file line number
+Diff line change
@@ Expand Up @@
     log4jdnsreq 3600 IN  NS log4jchecker.northwave.nl.
     ```
+    [Note that installing a server is not stricly necessary, see "Without a DNS server".]
     We now set up a BIND DNS server on a Debian system using `apt install bind9` and add the following to the `/etc/bind/named.conf.options` file:
     ```
@@ Expand All / @@ -59,6 +61,16 @@ logging { @@
     ```
     Don't forget to restart BIND using `systemctl restart bind9`. Check if the logging works by performing a DNS query for `xyz.log4jdnsreq.northwave.nl`. One or more queries should show up in `/var/log/named/query.log`.
+    ### Without a DNS server
+    You can also do without a DNS server. Just run `tcpdump` on the machine where the domain name is delegated. An example on the machine of IP address `2001:db8::beef`:
+    ```
+    tcpdump -n dst host 2001:db8::beef and dst port 53
+    ```
+    `tcpdump` will display the DNS requests received.
     ## Running the script
     Install any Python dependencies using `pip install -r requirements.txt`. Edit the script to change the following line to the DNS zone you configured:
@@ Expand Down @@

Provide feedback