Pr0grammer
02-23-2011, 08:43 PM
DNS Flood Detector 1.10
Usage: ./dns_flood_detector [OPTION]
-i IFNAME specify interface to listen on
-t N alarm at >N queries per second
-a N reset alarm after N seconds
-w N calculate stats every N seconds
-x N create N buckets
-m N mark total stats every N seconds
-b run in foreground in bindsnap mode
-d run in background in daemon mode
-v verbose output - use again for more verbosity
-h display this usage information
Sample Output:
dopacki:~$ sudo ./dns_flood_detector -v -v -b -t10
[15:14:56] source [192.168.1.45] - 0 qps tcp : 24 qps udp [8 qps A] [16 qps PTR]
[15:14:56] source [10.0.24.2] - 0 qps tcp : 15 qps udp [15 qps A]
[15:15:06] source [192.168.1.45] - 0 qps tcp : 24 qps udp [8 qps A] [16 qps PTR]
[15:15:06] source [10.0.24.2] - 0 qps tcp : 15 qps udp [14 qps A]
[15:15:16] source [192.168.1.45] - 0 qps tcp : 23 qps udp [7 qps A] [15 qps PTR]
Usage: ./dns_flood_detector [OPTION]
-i IFNAME specify interface to listen on
-t N alarm at >N queries per second
-a N reset alarm after N seconds
-w N calculate stats every N seconds
-x N create N buckets
-m N mark total stats every N seconds
-b run in foreground in bindsnap mode
-d run in background in daemon mode
-v verbose output - use again for more verbosity
-h display this usage information
Sample Output:
dopacki:~$ sudo ./dns_flood_detector -v -v -b -t10
[15:14:56] source [192.168.1.45] - 0 qps tcp : 24 qps udp [8 qps A] [16 qps PTR]
[15:14:56] source [10.0.24.2] - 0 qps tcp : 15 qps udp [15 qps A]
[15:15:06] source [192.168.1.45] - 0 qps tcp : 24 qps udp [8 qps A] [16 qps PTR]
[15:15:06] source [10.0.24.2] - 0 qps tcp : 15 qps udp [14 qps A]
[15:15:16] source [192.168.1.45] - 0 qps tcp : 23 qps udp [7 qps A] [15 qps PTR]