Operating System - HP-UX

is there any command like 'snoop' in solaris to check the dns requests in HP-UX.

 
VINU
Frequent Advisor

hello friends,

is there any command like 'snoop' in solaris to check the dns requests in HP-UX.

regds
vinu
7 REPLIES 7
Robert-Jan Goossens
Honored Contributor

Re: is there any command like 'snoop' in solaris to check the dns requests in HP-UX.

Jeff Schussele
Honored Contributor

Re: is there any command like 'snoop' in solaris to check the dns requests in HP-UX.

Hi Vinu,

Not sure I understand your question fully, but if all you're looking for is packet sniffer software, ethereal is a fine product, but it's a 3rd party product.
HP-UX has a built-in command called nettl.
man nettl for details. Not real difficult to use but can produce a *large* amount of output in a short time period.

Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
Nicolas Dumeige
Esteemed Contributor

Re: is there any command like 'snoop' in solaris to check the dns requests in HP-UX.

Vinu,

You might also consider tcpdump.
It comes with a lot of frontend and interpretation tools.

Cheers

Nicolas
All different, all Unix
Bill Hassell
Honored Contributor

Re: is there any command like 'snoop' in solaris to check the dns requests in HP-UX.

If all you are looking for are the DNS requests coming into your server, you can signal named to start logging its activities. The signal is SIGUSR1 (SIGUSR2 to turn off logging). SIGUSR1 will increment the details of DNS logging each time you send it:

kill -SIGUSR1 $(cat /var/run/named.pid)

If you have a very busy nameserver (named is consuming a lot of time), then the logfile /var/tmp/named.run will grow very rapidly. Usually only a few seconds are needed to find boxes that are slamming your nameserver. Often you'll find commercial backup programs will generate thousands of queries (once for every file). The fix is easy: change the boxes that are running the backup software to look at /etc/hosts first and put the common machine names in that file. Then change /etc/nsswitch.conf to look at files, then dns and both your DNS server and the backup programs will be much happier.


Bill Hassell, sysadmin
Sanjay_6
Honored Contributor
rick jones
Honored Contributor
Solution

Re: is there any command like 'snoop' in solaris to check the dns requests in HP-UX.

as mentioned, nettl is the network tracing tool installed by default on HP-UX.

other tools include ethereal and tcpdump - tcpdump is available from www.tcpdump.org, or you can install it from the "HP Internet Express" software from software.hp.com.

further, if you know the PID of the process issuing DNS requests, you could get some idea of what it was doing by running tusc (ftp.cup.hp.com:/dist/networking/tools/) in verbose mode and looking at the system calls. that will also show you if it is say reading /etc/hosts or perhaps even if it is trying NIS or whatnot.
there is no rest for the wicked yet the virtuous have no pillows
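
Added example, not part of any reply in this thread: one way to turn the tcpdump suggestion into a per-client tally of DNS queries, which is the "find the boxes slamming your nameserver" check described earlier. It assumes tcpdump's usual `-n` text output; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): summarise DNS queries seen by tcpdump.
# Reads `tcpdump -n` text lines on stdin and prints "count client qtype name",
# busiest first. Handles lines with or without the "IP" token.
dns_top_talkers() {
  awk '
    {
      # Locate the ">" separating source and destination.
      for (i = 2; i < NF; i++) if ($i == ">") break
      if (i >= NF) next
      src = $(i - 1); dst = $(i + 1)
      if (dst !~ /\.53:$/) next            # only traffic sent to port 53
      # The query type is the first field ending in "?", e.g. "A?" or "PTR?".
      q = 0
      for (j = i + 2; j < NF; j++) if ($j ~ /\?$/) { q = j; break }
      if (!q) next                         # not a query (e.g. TCP handshake)
      sub(/\.[0-9]+$/, "", src)            # drop the client source port
      qtype = $q; sub(/\?$/, "", qtype)
      count[src " " qtype " " $(q + 1)]++
    }
    END { for (k in count) print count[k], k }
  ' | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample capture (documentation addresses, not real traffic).
sample_capture() {
cat <<'EOF'
10:15:01.100001 IP 192.0.2.10.40001 > 192.0.2.53.53: 1001+ A? files01.example.com. (37)
10:15:01.100950 IP 192.0.2.53.53 > 192.0.2.10.40001: 1001 1/0/0 A 192.0.2.80 (53)
10:15:01.101200 IP 192.0.2.10.40002 > 192.0.2.53.53: 1002+ [1au] A? files01.example.com. (48)
10:15:01.101900 192.0.2.10.40003 > 192.0.2.53.53: 1003+ PTR? 80.2.0.192.in-addr.arpa. (41)
10:15:02.000100 IP 192.0.2.22.51515 > 192.0.2.53.53: 77+ AAAA? www.example.com. (33)
10:15:02.300000 IP 192.0.2.22.51516 > 192.0.2.53.53: Flags [S], seq 1, win 1024, length 0
10:15:02.400000 IP 192.0.2.30.5353 > 224.0.0.251.5353: 0 PTR (QM)? _ipp._tcp.local. (33)
EOF
}

# Live use on the nameserver itself would be along the lines of:
#   tcpdump -n -c 2000 udp dst port 53 | dns_top_talkers
sample_capture | dns_top_talkers
```

A client that shows the same name with a very high count is the kind of box the /etc/hosts and nsswitch.conf change above is aimed at.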
VINU
Frequent Advisor

Re: is there any command like 'snoop' in solaris to check the dns requests in HP-UX.

thanks for your inputs