Ubuntu – How to monitor/check outgoing DNS lookup connections

dnsinternet connection

When using the various CLI network monitors like LSOF, Netstat, ifTop. I'd like to see what applications are doing DNS lookups (using port 53 over UDP). How do I configure so that these connections are shown in the Terminal? I'd like to see what IP Address is being connected to and what applications are requesting the DNS lookup.

I'm interested in any way to learn this information.

Best Answer

You must turn on bind / named logging:

$ sudo apt-get install bind9utils
$ rndc querylog

Then, you can see the log the service in the system log:

$ tail -f /var/log/messages

Once finished, you can turn off logging again:

$ rndc querylog

Related Solutions

Ubuntu – Very slow DNS lookup

The problem seems to be that there is a faulty DNS server in the file /etc/resolvconf/resolv.conf.d/head.

Edit the head file and delete the line that says nameserver 10.63.240.10 and you should have solved your problem.

Run sudo nano /etc/resolvconf/resolv.conf.d/head from the Terminal to edit the file and make sure that the only content of the file is:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN

Hope this solves your problem.

Best Answer

Related Solutions

Ubuntu – Very slow DNS lookup

Related Question