
Bug#950796: ITP: passivedns -- network sniffer that logs all DNS server replies



Package: wnpp
Owner: Axel Beckert <abe@debian.org>
Severity: wishlist

* Package name    : passivedns
  Version         : 1.2.1
  Upstream Author : Edward Bjarte Fjellskål <edward.fjellskaal@gmail.com>
* URL             : https://github.com/gamelinux/passivedns
* License         : GPL-2+
  Programming Lang: C
  Description     : network sniffer that logs all DNS server replies for use in a passive DNS setup

A tool to collect DNS records passively to aid Incident handling, Network
Security Monitoring (NSM) and general digital forensics.

PassiveDNS sniffs traffic from an interface or reads a pcap-file and outputs
the DNS-server answers to a log file. PassiveDNS can cache/aggregate duplicate
DNS answers in-memory, limiting the amount of data in the logfile without
losing the essence in the DNS answer.

PassiveDNS works on IPv4 and IPv6 traffic and parses DNS traffic over TCP and
UDP.

---------------------------------------------------------------------------

I will maintain the package together with Sascha Steinbiss
(X-Debbugs-CC'ed).

