If you have ever wondered what is going on at the DNS level on your computer (or network), tcpdump can be a useful tool for you.
TCPdump basics
Tcpdump is a tool that lets you inspect any packet (TCP, UDP, etc.) and its contents as it passes through an interface, using libpcap. The syntax is simple: a basic command requires the network interface name, the protocol and the restrictions on what you are trying to inspect (more on that later):