


DNS Capture in GUI.


I'm trying to do a packet capture to prove that DNS lookup requests are not making it to my DNS server when a certain setting is enabled. So I am doing two captures, one with the setting enabled and one with it disabled.


None of my captures appear to capture my DNS queries as my workstation IP does not show in the packet captures.


I have been trying to do these captures via the GUI. I know that there is a way to do it via CLI, but the GUI seemed like it would accommodate my needs.


So I guess I need to know:


Is it possible to capture this type of DNS query in the packet capture?

Is there anything specific I need to set up in order to do it (any kind of settings on the DNS servers, etc...)?

Should a typical capture via the GUI on the DNS server in question capture this by default?



Re: DNS Capture in GUI.


Make sure to select ALL interfaces when doing a capture. Depending on the configuration, the query could come in the HA interface, or LAN2 or LAN2... or even MGMT.

Re: DNS Capture in GUI.



Are you selecting the correct grid member?

As already stated, select all the interfaces and use the filter in Wireshark to specify the result.
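
An added example, not part of any post in this thread: a scripted version of the Wireshark filtering step, listing the DNS queries a given workstation IP sent to UDP port 53 so the "setting enabled" and "setting disabled" captures can be compared. It assumes a classic pcap file (not pcapng) with untagged Ethernet/IPv4 frames; the function names, IP addresses and the sample capture are constructed for illustration.

```python
import socket
import struct

def dns_queries_from(pcap_bytes, client_ip):
    """Return the names queried by client_ip (UDP dst port 53) in a classic pcap."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap_bytes[:4])
    if endian is None:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    names, pos = [], 24                      # records start after the 24-byte header
    while pos + 16 <= len(pcap_bytes):
        incl_len = struct.unpack(endian + "I", pcap_bytes[pos + 8:pos + 12])[0]
        frame = pcap_bytes[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":    # IPv4 frames only
            continue
        ip = frame[14:]
        udp = ip[(ip[0] & 0x0F) * 4:]        # skip the IP header (IHL words * 4)
        if ip[9] != 17 or socket.inet_ntoa(ip[12:16]) != client_ip:
            continue                         # not UDP, or not from the workstation
        # udp[10] is the first DNS flags byte; the top bit (QR) marks a response
        if len(udp) < 20 or struct.unpack("!H", udp[2:4])[0] != 53 or udp[10] & 0x80:
            continue
        dns, labels, i = udp[8:], [], 12     # question name follows the 12-byte header
        while i < len(dns) and dns[i] != 0:
            labels.append(dns[i + 1:i + 1 + dns[i]].decode("ascii", "replace"))
            i += 1 + dns[i]
        names.append(".".join(labels))
    return names

def sample_pcap(src_ips, qname="www.example.com"):
    # Constructed capture: one DNS A query per source IP, sent to 192.0.2.53
    q = b"".join(bytes([len(l)]) + l.encode() for l in qname.split(".")) + b"\x00"
    dns = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0) + q + struct.pack("!2H", 1, 1)
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src in src_ips:
        udp = struct.pack("!4H", 40000, 53, 8 + len(dns), 0) + dns
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                         socket.inet_aton(src), socket.inet_aton("192.0.2.53"))
        frame = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + udp
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out
```

An empty list from a capture taken on all interfaces means no query from that IP reached the member during the capture window.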
