Vous êtes sur la page 1sur 1

Ver as requises que esto retornando com falha:

snoop -r port 53 | egrep 'Server Fail'

Pegar o IP ofensor e ver quais as requisies dele:

snoop -r port 53 | grep 191.190.220.10

Verificar se outros IPs esto requisitando o mesmo endereo:

snoop -r port 53 | grep dragonlogistic888.com

Bloquear o MAC.

cat /tmp/log_dns | awk -F- '{print $1}' | sort -n | uniq -c | sort -rn | head -n 10
| grep -v 179.232.0.31

cat /tmp/log_dns | awk -F- '{print $1}' | sort -n | uniq -c | sort -rn | head -n 10