How to get IP addresses resolved to names

  • 1
  • Question
  • Updated 8 years ago
  • Answered
Resolve database how does it get populated
We seem to have very little Information since a recent upgrade of IP addresses to names
If we sniff a more active (internal Network ) with a second sensor will the IP addresses names populate accross to the reports of the first sensor ?
Photo of Jon Smith

Jon Smith, Champion

  • 1 Post
  • 0 Reply Likes

Posted 8 years ago

  • 1
Photo of Michael Finn

Michael Finn

  • 35 Posts
  • 5 Reply Likes
The LANGuardian resolves IP addresses to names by analyzing the DNS requests it sees in the network traffic. Using the information seen in the DNS requests it will populate the resolve database.

If a sensor is detecting a lot of the DNS requests the IP address/name resolutions will be used across all sensors.