DNSQuerySniffer is a tiny (130KB, including a Help file) network sniffer which detects and displays DNS queries as they're sent on your system.
This has some security applications. Malware will often use DNS traffic to communicate with its operators, for instance, so taking a closer look at your own system might help to uncover an infection (look for odd or unusual domains, say, or a lot of failed lookups).
And more generally, DNSQuerySniffer helps to reveal which of your applications is trying to go online, and maybe what they're trying to do.
The data capture itself can be done via WinPcap and Microsoft Network Monitor. Or if you'd rather not install anything else, choose the "Raw Sockets" option and you may still get reasonable results (the documentation provided with DNSQuerySniffer explains more).
Any queries intercepted are displayed in full, with all the details you'd expect: Host Name, Port Number, Query ID, Request Type, Request Time, Response Time, Duration, Response Code, Records Count, and the returned records.
And as usual with NirSoft tools, everything is displayed in a sortable table, and your data can be exported as TXT, CSV, HTML and more.
- Version 1.10:
- Added 'Sort On Every Update' option.
- Version 1.08:
- Fixed bug: The 'Promiscuous Mode' check-box in the 'Capture Options' window was not saved to the configuration file.