When you install a name server on the box where Squid is and
change /etc/resolv.conf you can see all queries of Squid
(provided that no other software runs on the box).
-Marcus
Thomas Raef wrote:
Hello,
I wonder is there a way to log all DNS requests that go out of our
network
with Squid.
Since I noticed that we had a Trojan Horse on our Company Network.
And well it didnt send it self the data out.
It did send DNS Querys to there DNS Server..
And a Firewall doesnt detect that.
Is there a way to Log the DNS Querys with Squid so I can Monitor that
myself?
[Tom replied with:]
Squid doesn't ever see DNS queries from your network.
Answer is no.
Thomas J. Raef
e-Based Security, LLC
www.ebasedsecurity.com
1-866-838-6108
"You're either hardened, or you're hacked!"
