May 26, 2018

Network sniffer that logs DNS replies for use in passive DNS setups

A tool to collect DNS records passively to aid Incident handling, Network Security Monitoring NSM and general digital forensics.

PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate DNS answers in-memory, limiting the amount of data in the logfile without losing the essense in the DNS answer.

WWW https//