- dotTech - http://dottech.org -

[Windows] DNSQuerySniffer allows you to monitor outgoing connection information

Posted By Briley Kenney On June 13, 2013 @ 10:48 AM In Windows | No Comments

DNSQuerySniffer UI [1]Security will always be a relevant issue, because no matter what people are doing they want to be safe, for the most part anyway (we’re not discussing thrill seekers here). Internet security is a whole different topic altogether. There are many ways to remain secure on the internet, but one of the age old methods involves monitoring your incoming and outgoing traffic. One particularly useful way to do that is to keep an eye on DNS and IP connections that are communicating with your system. DNSQuerySniffer is a free application for Windows, that allows you to track any DNS queries that have been sent from your home system to remote servers (aka outbound connections).

What is it and what does it do

Main Functionality

DNSQuerySniffer is a portable application that will allow you to monitor any DNS queries being sent by your system to outside sources. In layman’s terms, that means you can see the connected IP addressed for websites/servers your computer is connected to. There are many reasons why this would be useful, from both a security aspect and a maintenance aspect. Network administrators can use the tool to keep an eye out for DNS propagation, which basically occurs when a website transfers between two servers. In another case, it can be used by web administrators to monitor visited websites.

DNSQuerySniffer view menu [2]Pros

  • Very simple UI and easy to read
  • Expansive list of details on outgoing DNS connections
  • Hotkeys for most frequented functions
  • The application is portable and can be run from external drives
  • Extremely light on system resources (2,000KB of RAM)

Cons

  • Requires admin access for Windows 7 and higher

Discussion

DNSQuerySniffer Choose Adapter [3]DNSQuerySniffer is a portable application which means it comes packaged as a compressed zip archive. In order to access the application, the archive needs to be unzipped with a tool like WinZip, WinRar or 7zip. After the file has been unzipped, you can run the application straight from the install folder by clicking on the executable. It can be run from any directory within Windows, and it can even be installed and run from an external drive or USB thumb drive.

When you first startup the application you’ll be asked to choose the default network adapter. Just choose whichever adapter it is you use to connect to the internet. Also, in Windows 7 and higher the application must be run with administrator access otherwise it will not be able to collect the proper data.

The interface for the application is pretty simple, and all of the queried stats are cleanly displayed and easy to read. That’s important, especially when you need to monitor a pretty extensive list of DNS queries.

The application with display DNS results in realtime. As soon as a site has been visited, the related information will appear within the list box. The displayed information includes the following:

  • Host Name
  • Port Number
  • Query ID
  • Request Type (A, AAAA, NS, MX, and so on)
  • Request Time
  • Response Time
  • Duration
  • Response Code
  • Number of Records
  • Returned DNS Records (content)

Each DNS entry will also have a corresponding icon depending on the response code, and it shifts between the colors green and yellow.

DNSQuerySniffer options menu [4]There are hotkeys for using the app which call upon many of the settings quickly. For example, pressing F5 or F6 will stop and resume DNS monitoring respectively. You can also option the options window at any time by pressing F9. The resulting DNS query list can be cleared entirely by pressing the Ctrl+x keys.

If you want to save any of the DNS results, the entire list can be exported to CSV, XML or HTML files. In addition, you can also save individual entries in the list to the clipboard, which is useful if you don’t want to export the entire log. The copied clipboard content can then be pasted into numerous applications like Excel or Word. Obviously, spreadsheet software like Excel is pretty useful for tracking related information.

DNSQuerySniffer is remarkably light on resources as it only uses about 2,000KB of RAM while running.

Conclusion and download link

DNSQuerySniffer about [5]For those times where you would like to keep track of any outgoing connections, DNSQuerySniffer is great for that. Best of all, it’s a portable application and it works on all versions of Windows including 32 and 64 bit systems (there are separate versions). There are a whole bevy of hotkeys for the app, which offer quick access to commonly used settings like starting and stopping DNS query captures. Furthermore, the capture log can be exported through several file types like CSV or XML, and you can even copy individual entries to the clipboard. If you’re a network admin and you need a tool like this, check it out. Heck, even if you aren’t a network admin and if you just want to monitor outgoing DNS at home it’s great for that too.

Price: Free

Version reviewed: 1.05

Supported OS: Windows (XP, Vista, Seven, Eight, 32 and 64 bit)

Download size: 67.5KB (zipped), 132KB (unzipped)

VirusTotal malware scan results: 0/47 [6]

Is it portable? Yes

DNSQuerySniffer homepage [7]


Article printed from dotTech: http://dottech.org

URL to article: http://dottech.org/112273/windows-review-dnsquerysniffer/

URLs in this post:

[1] Image: http://dottech.org/wp-content/uploads/2013/06/DNSQuerySniffer-UI.png

[2] Image: http://dottech.org/wp-content/uploads/2013/06/DNSQuerySniffer-view-menu.jpg

[3] Image: http://dottech.org/wp-content/uploads/2013/06/DNSQuerySniffer-Choose-Adapter.png

[4] Image: http://dottech.org/wp-content/uploads/2013/06/DNSQuerySniffer-options-menu.jpg

[5] Image: http://dottech.org/wp-content/uploads/2013/06/DNSQuerySniffer-about.png

[6] 0/47: https://www.virustotal.com/en/file/36556a404a3c36db7d689ff8b0590030a2c362b48410ce032bdf2fe11a5e6f5f/analysis/

[7] DNSQuerySniffer homepage: http://www.nirsoft.net/utils/dns_query_sniffer.html

© 2008-2012 dotTech.org | All content is the property of its rightful owner.