Domain Name System (DNS) Request Logging allows IT personnel (e.g., administrator) to locate a workstation or server, which is accessing malicious URL's or displaying Botnet (zombie) commands and control activity. These logs are captured and reported by our SecureSurf® network-level filtering feature.
DNS Request Logging is applicable for the following Windows Servers:
2003, 2003 R2, 2008, 2008 R2, 2012, & 2012 R2
Procedure:
1. Open the Domain Name System Microsoft Management Console (DNS MMC) snap-in by going to Start, Programs, Administrative Tools, and then DNS Manager.
2. From the DNS Server, right-click the server and select the Properties submenu.
3. The Properties pop-window will appear on your screen.
4. Select the Debug Logging tab and the Log packets debugging check box, respectively.
5. Ensure that the Incoming, UDP, Queries/Transfers, and Request check boxes are selected. (NOTE: To ensure that the server's drive does not exceed capacity, it is recommended that the file be placed on a drive with enough space with a max file size between 500MB and 1GB.)
6. Click the OK button.
Key Words: CTN & Critical Threat Notification
Article ID: 669, Created: October 17, 2011 at 9:52 AM, Modified: August 20 at 1:15 PM