How to identify which systems are using a specific DNS IP

dns

We have a DNS server on win server 2008 and want to discontinue it but this is a very old server that's why too many servers are still using this server. Please suggest the way/script to identify which domain-joined systems/network cards still using that DNS IP.

I've tried many websites and scripts but nothing worked for me. Need your expert opinion,


First option is to look at the logs, if any. You might be able to increase the log level to get the required information.

Second is to install Wireshark on it and set a filter for all the packets that come to port 53 (most will be UDP, but some might be TCP). That will give you a good overview.

If installing additional software on the server is not an option, and if your switching infra supports it, you can use a SPAN/copy/monitoring port and use a system with Wireshark on that port to do exactly the same.

Again, depending on your network, you might use netflow on the routers. This is a more elaborate solution.

And you could also prepare a new DNS server, copy the information to it, and just replace the old one using the same IP address. If you want to continue providing the DNS service, that is perhaps the easiest solution.

Related

How to show "To" field in Outlook 365 as plain text not with the "object" view
How to use IIS on windows 10?
how to check for returning customers in Excel 2013?
Can I use floppy drive pins on any motherboard as GPIO pins?
Powerpoint: Is it possible to record audio on each slide separately and then make it into a video?
The Silicon Lottery
How can I recover data from a website after shutdown?
SSH Using YubiKey 5 and ED25519 Algorithm
WPF: Detect when Window loses focus
Minimum screen resolution for Android devices
In Python, how do I check the size of a StringIO object?
Anonymous IComparer implementation