The captured event ID is 3008, which contains the information about every DNS query handled by the DNS Client service of Windows. For every DNS query processed, the following information will be displayed: Host Name, Query Type (A, AAAA, and so on), Query Status (Error or succeeded), Query Result, Query Timestamp, ID, and name of the process that requested the DNS lookup.ĭNSLookupView works by utilizing the Windows event tracing with the 'Microsoft-Windows-DNS-Client' provider ( 1C95126E-7EEA-49A9-A3FE-A378B03DDB4D ).
The UI will be familiar if you have used this author's other products. This utility will be helpful for those that need to track down a potential attack or see if there is an issue with the DNS configuration causing connectivity issues on sites you are attempting to visit. DNSLookupView permits you to monitor the details of all DNS queries sent via the Windows DNS Client service. In order to start using it, simply run the executable file - DNSLookupView.exe After running DNSLookupView, the main window is displayed, and you can press the 'Start DNS Tracing' toolbar button (or simply press the F5 key) to start capturing the DNS queries on your system.
0 kommentar(er)
