dns-flood-detector

detect abusive usage levels on high traffic nameservers

Install

All systems
curl cmd.cat/dns-flood-detector.sh
Debian Debian
apt-get install dns-flood-detector
Ubuntu
apt-get install dns-flood-detector
image/svg+xml Kali Linux
apt-get install dns-flood-detector
Windows (WSL2)
sudo apt-get update sudo apt-get install dns-flood-detector
Raspbian
apt-get install dns-flood-detector

dns-flood-detector

detect abusive usage levels on high traffic nameservers

This package provides the dns-flood-detector daemon. It was developed to detect abusive usage levels on high traffic nameservers and to enable quick response in halting the use of one's nameserver to facilitate spam. It uses libpcap (in non-promiscuous mode) to monitor incoming dns queries to a nameserver. The tool may be run in one of two modes, either daemon mode or "bindsnap" mode. In daemon mode, the tool will alarm via syslog. In bindsnap mode, the user is able to get near-real-time stats on usage to aid in more detailed troubleshooting.