Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

DNS Capture in GUI.

[ Edited ]
Techie
Posts: 8
6351     0

I'm trying to do a packet capture to prove that DNS lookup requests are not making it to my DNS server when a certain setting is enabled. So I am doing two captures, one with the setting enabled and one with it disabled.

 

None of my captures appear to capture my DNS queries as my workstation IP does not show in the packet captures.

 

I have been trying to do these captures via the GUI. I know that there is a way to do it via CLI, but the GUI seemed like it would accomodate my needs.

 

So I guess I need to know:

 

Is it possible to capture this type of DNS query in the packet capture?

Is there anything specific I need to setup in order to do it (any kind of settings on the DNS servers, etc...)?

Should a typical capture via the GUI on the DNS server in question capture this by default?

 

Thanks.

Re: DNS Capture in GUI.

Adviser
Posts: 63
6351     0

Make you to select ALL interfaces when doing a capture.  Depending on the configuration, the query could come in the HA interface, or LAN2 or LAN2...  or even MGMT.

Re: DNS Capture in GUI.

Authority
Posts: 8
6351     0

Hi,

Are you selecting the correct grid member?

As already stated, select all the interfaces and use the filter in wireshark to specify the result.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You