Taehyeong Lee | Software Engineer

Taehyeong Lee | Software Engineer

Monitoring DNS Queries using tshark

UpdatedApril 3, 2024

•1 min read

Monitoring DNS Queries using tshark

Overview

In the internet world, requests for external data start with DNS Queries for domains. In environments with firewalls installed, DNS Queries themselves may be blocked. To understand this, it is necessary to know the current DNS Queries being made. This document outlines how to monitor DNS queries using tshark.

Installing tshark

# Installing tshark on Ubuntu
$ sudo apt-get install tshark -y

# Installing tshark on macOS
$ brew install --cask wireshark

# Installing tshark on Windows
$ choco install wireshark -y

# Verifying installation
$ tshark -v
TShark (Wireshark) 3.6.2 (Git v3.6.2 packaged as 3.6.2-2)

Monitoring DNS Queries

# Running DNS query monitoring with tshark, then executing nslookup www.google.com
$ sudo tshark -f "port 53"
Capturing on 'eth0'
 ** (tshark:138272) 17:38:22.224025 [Main MESSAGE] -- Capture started.
    1 0.000000000 172.30.159.111 → 8.8.8.8      DNS 74 Standard query 0x5ba5 A www.google.com
    2 0.064698077      8.8.8.8 → 172.30.159.111 DNS 90 Standard query response 0x5ba5 A www.google.com A 142.250.66.100

References

Filtering a packet capture by DNS Query Name

More from this blog

Claude Opus 4.6: The Philosopher with a Sledgehammer

1M Context, Agent Teams, and Why Your CLAUDE.md Is Now Half the Battle

Feb 6, 202620 min read

Claude Opus 4.6: The Philosopher with a Sledgehammer

Source Grounding in the LLM Era: Why Claude Code's Power Users Choose Brave Search MCP

TL;DR Same engine, different controls: Claude Code's WebSearch and Brave Search MCP share the identical Brave Search backend—confirmed through BraveSearchParams discovery [TechCrunch] and 86.7% result correlation [TryProfound] The parameter gap: Bui...

Jan 28, 202616 min read

Source Grounding in the LLM Era: Why Claude Code's Power Users Choose Brave Search MCP

How to Build a 100% Uncensored Local LLM Environment on WSL2

Introduction Building a truly uncensored local LLM environment represents a breakthrough in information democracy. By combining Ollama's streamlined runtime with Gökdeniz Gülmez's JOSIEFIED-Qwen3:8b model—which uses both abliteration and fine-tuning...

Jan 3, 202611 min read

How to Build a 100% Uncensored Local LLM Environment on WSL2

NotebookLM: Google's Accidental Masterpiece Rewriting How We Learn

TL;DR NotebookLM uses "source grounding" philosophy—it only references documents you upload, dramatically reducing AI hallucinations Gemini 3 powers the platform as of December 2025, with 90.4% on GPQA Diamond and 81.2% on MMMU Pro Audio/Video Overv...

Jan 3, 202618 min read

NotebookLM: Google's Accidental Masterpiece Rewriting How We Learn

Gemini Gems: Building Your Personal AI Expert Army with Dynamic Knowledge Bases

TL;DR Gemini Gems combine system prompts + Knowledge Base (10 files × 100MB)—the killer feature is real-time sync with Google Docs/Sheets December 2025 breakthrough: Attach NotebookLM notebooks (300 sources) directly to Gems' Knowledge Base, and use...

Dec 27, 202527 min read

Gemini Gems: Building Your Personal AI Expert Army with Dynamic Knowledge Bases

T

Taehyeong Lee | Software Engineer

56 posts

I am Software Engineer with 15 years of experience, working at Gentle Monster. I specialize in developing high-load, large-scale processing APIs using Kotlin and Spring Boot. I live in Seoul, Korea.