开发者

how to monitor/sniff local DNS lookups to the windows local DNS? (on XP, Vista, Win7)

开发者 https://www.devze.com 2023-01-11 16:30 出处:网络
Is there a way in .NET (for a WPF application running on XP, Vista, or Windows 7) to monitor/sniff DNS lookups that the application is making to local DNS?

Is there a way in .NET (for a WPF application running on XP, Vista, or Windows 7) to monitor/sniff DNS lookups that the application is making to local DNS?

For example, is there a log file for a windows local DNS cache somewhere?

(Background - parsing network packets doesn't seem to work as a DNS l开发者_如何学编程ookup may not have to be issued outside of the PC if it is already cached in the Windows DNS)


FWIW, checking tcpview+perfmon /res, it appears that dnscache listens on 'localhost' (for both ipv4 and ipv6 on my win7) on UDP port 5355, and since netmon can capture localhost traffic (most sniffers can't AFAIK), you should be able to use the NMAPI (look at Microsoft Network Monitor 3\api\NetmonAPI.cs after you install it) to monitor that traffic.

  • NetMon: http://www.microsoft.com/downloads/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en

VRTA and NMExperts (IIRC) site on top of the managed interface if you want places to look for existing consumers for sample code:

  • VRTA: http://www.microsoft.com/downloads/details.aspx?FamilyID=119f3477-dced-41e3-a0e7-d8b5cae893a3&displaylang=en
  • NMExperts: http://nmexperts.codeplex.com/
0

精彩评论

暂无评论...
验证码 换一张
取 消