Domain Name System (DNS) Request Logging allows IT personnel (e.g., administrator) to locate a workstation or server, which is accessing malicious URL's or displaying Botnet (zombie) commands and control activity. These logs are captured and reported by our SecureSurf® network-level filtering feature.
DNS Request Logging is applicable for:
- Windows Server 2003
- Windows Server 2003 R2
- Windows Server 2008
- Windows Server 2008 R2
- Windows Server 2012
- Windows Server 2012 R2
Procedure:
1. Open the Domain Name System Microsoft Management Console (DNS MMC) snap-in by going to Start, Programs, Administrative Tools, and then DNS Manager.
2. From the DNS Server, right-click the server and select the Properties submenu.
3. The Properties pop-window will appear on your screen.
4. Select the Debug Logging tab and the Log packets debugging check box, respectively.
5. Ensure that the Incoming, UDP, Queries/Transfers, and Request check boxes are selected.
NOTE: To ensure that the server's drive does not exceed capacity, it is recommended that the file be
placed on a drive with enough space with a max file size between 500MB and 1GB.
6. Click the OK button.
Key Words:
CTN
Critical Threat Notification
Article ID: 669, Created: October 17, 2011 at 9:52 AM, Modified: Yesterday at 2:52 PM