![]() ![]() ![]() If you are using Active Directory, there are two ways that you can view the source IP address and query contents: DNS Server Debug LogsĭNS Query Sniffer is a tool that prints DNS query/response information in a spreadsheet-style view, and allows easy exporting of the data. If the device is not known to you, you can block the MAC address or LAN IP address from sending DNS queries until the user makes themselves known to you. If the device is known to you, you can inspect the machine to find out which application is causing the issue. ![]() Identifying this endpoint and taking action is important for security, quality control, and billing accuracy purposes.īy locating the source IP address of the endpoint, you can match this IP to the Hostname and MAC address in your DHCP server. Sometimes an infected, frozen, or otherwise problematic endpoint is sending massive amounts of DNS queries, or continually sending DNS queries to malicious destinations. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |