Difference between revisions of "Denied DNS Requests"
From James Dooley's Wiki
| (3 intermediate revisions by the same user not shown) | |||
| Line 2: | Line 2: | ||
==Overview== | ==Overview== | ||
Find denied queries against DNS, good for finding sites that are no longer hosted or do not have valid DNS records. | Find denied queries against DNS, good for finding sites that are no longer hosted or do not have valid DNS records. | ||
| + | |||
| + | ==Get top denied domains== | ||
| + | <syntaxhighlight lang='bash'> | ||
| + | cat /var/log/messages | grep named | grep denied | cut -d "'" -f2 | cut -d "/" -f1 | sort | uniq -ci | sort -nr | head | ||
| + | </syntaxhighlight> | ||
==Get all denied domains== | ==Get all denied domains== | ||
| − | < | + | <source lang='bash'> |
cat /var/log/messages | grep named | grep denied | cut -d "'" -f2 | cut -d "/" -f1 | sort | uniq -ci | sort -nr > /root/denied_dns.txt | cat /var/log/messages | grep named | grep denied | cut -d "'" -f2 | cut -d "/" -f1 | sort | uniq -ci | sort -nr > /root/denied_dns.txt | ||
| − | </ | + | </source> |
| + | |||
| + | ==Create dummy zone for a single domain== | ||
| + | <source lang='bash'> | ||
| + | /scripts/add_dns --domain $domain --ip 127.0.0.1 | ||
| + | </source> | ||
| − | ==Create dummy zone for top 10 domains== | + | ==Create dummy zone for the top 10 domains== |
This will create a zone file using cPanels add_dns script and point it to 127.0.0.1 for the top 10 domains. | This will create a zone file using cPanels add_dns script and point it to 127.0.0.1 for the top 10 domains. | ||
| − | < | + | <source lang='bash'> |
cp -r /var/named /var/named.bak | cp -r /var/named /var/named.bak | ||
for domain in $(head /root/denied_dns.txt | awk '{print $2}' | sed 's/www\.//'); do echo "Adding $domain"; /scripts/add_dns --domain $domain --ip 127.0.0.1; done | for domain in $(head /root/denied_dns.txt | awk '{print $2}' | sed 's/www\.//'); do echo "Adding $domain"; /scripts/add_dns --domain $domain --ip 127.0.0.1; done | ||
| − | </ | + | </source> |
Latest revision as of 13:06, 6 June 2017
Contents
Overview
Find denied queries against DNS, good for finding sites that are no longer hosted or do not have valid DNS records.
Get top denied domains
cat /var/log/messages | grep named | grep denied | cut -d "'" -f2 | cut -d "/" -f1 | sort | uniq -ci | sort -nr | head
Get all denied domains
cat /var/log/messages | grep named | grep denied | cut -d "'" -f2 | cut -d "/" -f1 | sort | uniq -ci | sort -nr > /root/denied_dns.txt
Create dummy zone for a single domain
/scripts/add_dns --domain $domain --ip 127.0.0.1
Create dummy zone for the top 10 domains
This will create a zone file using cPanels add_dns script and point it to 127.0.0.1 for the top 10 domains.
cp -r /var/named /var/named.bak
for domain in $(head /root/denied_dns.txt | awk '{print $2}' | sed 's/www\.//'); do echo "Adding $domain"; /scripts/add_dns --domain $domain --ip 127.0.0.1; done
