When you install a name server on the box where Squid is and
change /etc/resolv.conf you can see all queries of Squid
(provided that no other software runs on the box).
-Marcus
Thomas Raef wrote:
>> Hello,
>> I wonder is there a way to log all DNS requests that go out of our
> network
>> with Squid.
>> Since I noticed that we had a Trojan Horse on our Company Network.
>> And well it didnt send it self the data out.
>> It did send DNS Querys to there DNS Server..
>> And a Firewall doesnt detect that.
>> Is there a way to Log the DNS Querys with Squid so I can Monitor that
>> myself?
>>
>
> [Tom replied with:]
>
> Squid doesn't ever see DNS queries from your network.
>
> Answer is no.
>
> Thomas J. Raef
> e-Based Security, LLC
> www.ebasedsecurity.com
> 1-866-838-6108
> "You're either hardened, or you're hacked!"
>
>
Received on Thu Nov 01 2007 - 05:19:43 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:01 MST