To enhance a DNS server, we need to analyze the logs it collects. In my case, monitoring showed a lot of queries for non-existent domains.
Checking the logs further with the CLI command below showed that some of these domains do not exist, yet many endpoint clients still query them:
grep "query" /var/named/log/query-errors.2 | cut -d ' ' -f 8 | sort | uniq -c | sort -nr | head
Those domains can be handled with a DNS sinkhole implementation in BIND.
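An added example (not from the original post) that reuses the same log extraction to generate sinkhole records for a BIND response policy zone (RPZ). RPZ as the sinkhole mechanism, the zone name `rpz.sinkhole`, the sinkhole address 192.0.2.53, the hit threshold and the sample log lines are all assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Assumed named.conf wiring (zone name is hypothetical):
#   options { response-policy { zone "rpz.sinkhole"; }; };
#   zone "rpz.sinkhole" { type master; file "rpz.sinkhole.zone"; };

# Constructed log lines, laid out so space-separated field 8 is "(name):".
sample_log() {
cat <<'EOF'
01-Jan-2024 10:00:01.000 query-errors: info: client @0x1 10.0.0.5#40001 (wpad.corp.invalid): query failed
01-Jan-2024 10:00:02.000 query-errors: info: client @0x2 10.0.0.6#40002 (WPAD.corp.invalid): query failed
01-Jan-2024 10:00:03.000 query-errors: info: client @0x3 10.0.0.7#40003 (wpad.corp.invalid): query failed
01-Jan-2024 10:00:04.000 query-errors: info: client @0x4 10.0.0.5#40004 (old-update.example.invalid): query failed
01-Jan-2024 10:00:05.000 query-errors: info: client @0x5 10.0.0.8#40005 (old-update.example.invalid): query failed
01-Jan-2024 10:00:06.000 query-errors: info: client @0x6 10.0.0.9#40006 (one.off.invalid): query failed
01-Jan-2024 10:00:07.000 query-errors: info: client @0x7 10.0.0.9#40007 (x;y.invalid): query failed
01-Jan-2024 10:00:08.000 query-errors: info: client @0x8 10.0.0.9#40008 (x;y.invalid): query failed
01-Jan-2024 10:00:09.000 query-errors: info: client @0x9 10.0.0.9#40009 (x;y.invalid): query failed
EOF
}

# rpz_records MIN_COUNT SINKHOLE_IP: read log lines on stdin, print RPZ records.
# Query names are chosen by clients, so names are normalised (lower case, no
# "(", "):" or trailing dot) and anything that is not a plain multi-label
# hostname is dropped before it can reach the zone file.
rpz_records() {
    grep "query" | cut -d ' ' -f 8 |
    tr 'A-Z' 'a-z' |
    sed -e 's/^(//' -e 's/):\{0,1\}$//' -e 's/\.$//' |
    grep -E '^[a-z0-9_-]+(\.[a-z0-9_-]+)+$' |
    sort | uniq -c | sort -k1,1nr -k2 |
    awk -v min="$1" -v ip="$2" '$1 >= min {
        # One record for the name itself, one wildcard for its subdomains.
        printf "%s A %s\n*.%s A %s\n", $2, ip, $2, ip
    }'
}

# rpz_zone MIN_COUNT SINKHOLE_IP: minimal zone header followed by the records.
rpz_zone() {
    printf '%s\n' '$TTL 300' \
        '@ IN SOA localhost. root.localhost. ( 1 1h 15m 30d 2h )' \
        '  IN NS  localhost.'
    rpz_records "$1" "$2"
}

# Names seen at least twice are pointed at the assumed sinkhole address.
sample_log | rpz_zone 2 192.0.2.53
```

Before loading generated output, check it with `named-checkzone` and review the list by hand, since a busy but legitimate name that is only temporarily failing would be sinkholed as well.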