Difference between revisions of "Denied DNS Requests"
From James Dooley's Wiki
(→Get all denied domains) |
|||
| Line 2: | Line 2: | ||
==Overview== | ==Overview== | ||
Find denied queries against DNS, good for finding sites that are no longer hosted or do not have valid DNS records. | Find denied queries against DNS, good for finding sites that are no longer hosted or do not have valid DNS records. | ||
| + | |||
| + | ==Get top denied domains== | ||
| + | <code>[bash,n] | ||
| + | cat /var/log/messages | grep named | grep denied | cut -d "'" -f2 | cut -d "/" -f1 | sort | uniq -ci | sort -nr | head | ||
| + | </code> | ||
==Get all denied domains== | ==Get all denied domains== | ||
Revision as of 21:05, 22 February 2012
Contents
Overview
Find denied queries against DNS, good for finding sites that are no longer hosted or do not have valid DNS records.
Get top denied domains
[bash,n]
cat /var/log/messages | grep named | grep denied | cut -d "'" -f2 | cut -d "/" -f1 | sort | uniq -ci | sort -nr | head
Get all denied domains
[bash,n]
cat /var/log/messages | grep named | grep denied | cut -d "'" -f2 | cut -d "/" -f1 | sort | uniq -ci | sort -nr > /root/denied_dns.txt
Create dummy zone for top 10 domains
This will create a zone file using cPanels add_dns script and point it to 127.0.0.1 for the top 10 domains.
[bash,n]
cp -r /var/named /var/named.bak
for domain in $(head /root/denied_dns.txt | awk '{print $2}' | sed 's/www\.//'); do echo "Adding $domain"; /scripts/add_dns --domain $domain --ip 127.0.0.1; done
