slackbuilds/network/dnsflood
Menno E. Duursma 99d411267f network/dnsflood: Updated for version 1.12 2010-05-13 00:36:12 +02:00
..
README network/dnsflood: Added to 12.1 repository 2010-05-11 22:54:43 +02:00
dns_flood_detector.1 network/dnsflood: Added to 12.1 repository 2010-05-11 22:54:43 +02:00
dnsflood.SlackBuild network/dnsflood: Updated for version 1.12 2010-05-13 00:36:12 +02:00
dnsflood.info network/dnsflood: Updated for version 1.12 2010-05-13 00:36:12 +02:00
doinst.sh network/dnsflood: Updated for version 1.12 2010-05-13 00:36:12 +02:00
rc.dnsflood network/dnsflood: Added to 12.1 repository 2010-05-11 22:54:43 +02:00
slack-desc network/dnsflood: Added to 12.1 repository 2010-05-11 22:54:43 +02:00

README

DNS Flood Detector was developed to detect abusive usage levels on high traffic 
nameservers and to enable quick response in halting the use of one's nameserver 
to facilitate spam.

DNS Flood Detector uses libpcap (in non-promiscuous mode) to monitor incoming
dns queries to a nameserver. The tool may be run in one of two modes, either
daemon mode or "bindsnap" mode. In daemon mode, the tool will alarm via syslog.
In bindsnap mode, the user is able to get near-real-time stats on usage to aid
in more detailed troubleshooting.

A /etc/rc.d/rc.dnsflood daemon control script is aditionally included.