Q. How do I turn on DNS server logging so that I can see all the queries on my CentOS 4.0 server?
A. You can use rndc command which controls the operation of a name server. It supersedes the ndc utility that was provided in old BIND releases. If rndc is invoked with no command line options or arguments, it prints a short summary of the supported commands and the available options and their arguments.
rndc communicates with the name server over a TCP connection, sending commands authenticated with digital signatures. In the current versions of rndc and named named the only supported authentication algorithm is HMAC-MD5, which uses a shared secret on each end of the connection. This provides TSIG-style authentication for the command request and the name server\u2019s response. All commands sent over the channel must be signed by a key_id known to the server.
Task: Turn on logging
Type the following command as root to toggle query logging:
# rndc querylog
Task: View bind sever query log
Once this is done, you can view all logged queries usimg /var/log/messages file. To view those queries, type:
# tail -f /var/log/messages
Task: Turn off logging
Type the following command as root to toggle query logging:
# rndc querylog
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- My 10 UNIX Command Line Mistakes
- Linux: 20 Iptables Examples For New SysAdmins
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
Facebook it - Tweet it - Print it -
{ 1 comment… read it below or add one }
Perfect! Thanks!