Note: This project is currently in maintainance mode. No new updates are currently planned except to fix bugs.
AnalyzerThe DNS Analyzer is a tool to analyze DNS traffic from tcpdump/libpcap trace files. The purpose of the DNS Analyzer is to analyze DNS trace files from the DNS root servers to find traffic that is unnecessary.
The DNS Analyzer can also be used to convert trace files into R data files. R can be used to perform fine-grained statistical analysis of the data. Some sample R functions are provided in the R/dns.R file that can be found in the source distribution.
The manual page describes how the DNS Analyzer is used.
In the future the DNS Analyzer should be able to detect suspicious or unnecessary traffic in real-time. This information can then be used to interface with a DNS server to handle this traffic specially.
The current DNS Analyzer is version 0.3.0. The software has been compiled and run on Linux, FreeBSD, and Solaris 8. An ISO C++ compiler (such as GCC 3.2 or higher) and the libpcap library is required to build the software.
Please mail if you would like to comment on this software.