Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Logging the content of DNS queries to the external network

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Logging and Reporting >> Logging the content of DNS queries to the external network Page: [1]
Login
Message << Older Topic   Newer Topic >>
Logging the content of DNS queries to the external network - 21.Jun.2007 8:21:13 AM   
Smig

 

Posts: 19
Joined: 11.Jun.2007
Status: offline 		Is there a way of monitoring the content of each DNS query performed by my internal DNS servers to the external forwarders?
 
I've checked each column on ISA's life log but couln't find that information anywhere. I need to know what lookups are they doing exactly.
Post #: 1
RE: Logging the content of DNS queries to the external ... - 22.Jun.2007 5:27:05 AM   
ITEngineer

 

Posts: 256
Joined: 3.Feb.2006
Status: offline 		what do you want to log ? websites accessed by users ?

(in reply to Smig)
Post #: 2
RE: Logging the content of DNS queries to the external ... - 22.Jun.2007 6:04:03 AM   
Smig

 

Posts: 19
Joined: 11.Jun.2007
Status: offline 		No, I want to log the queries done by my internal DNS servers to the forwarders outside. I can monitor those queries but I can't access the query content itself.

(in reply to ITEngineer)
Post #: 3
RE: Logging the content of DNS queries to the external ... - 22.Jun.2007 7:40:01 AM   
ITEngineer

 

Posts: 256
Joined: 3.Feb.2006
Status: offline 		create a new log filter and set it to log the DNS Protocol connections from your DNS Server to External

(in reply to Smig)
Post #: 4
RE: Logging the content of DNS queries to the external ... - 22.Jun.2007 8:05:12 AM   
Smig

 

Posts: 19
Joined: 11.Jun.2007
Status: offline 		My point is that the logging feature of ISA doesn't give me the content of the DNS queries. The question is if I can know what was queried by our servers, I've added all relevant collumns to the ISA log filter results pane and I couldn't find that information.
 
I'll give you an example:
 
I want to know if the query is for the www "A" record of the google.com domain or for hotmail.com's MX record.
 
Is this possible?

(in reply to ITEngineer)
Post #: 5
RE: Logging the content of DNS queries to the external ... - 22.Jun.2007 12:53:00 PM   
spouseele

 

Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline 		Hi Smig,

that level of logging is not possible!

What are you trying to accomplish with that much info?

HTH,
Stefaan

< Message edited by spouseele -- 22.Jun.2007 12:55:19 PM >

(in reply to Smig)
Post #: 6

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Logging and Reporting >> Logging the content of DNS queries to the external network Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts