Why DNS monitoring matters (and what PRTG can do for you)
Originally published on September 03, 2020 by Greg Campion
Last updated on September 30, 2020 • 4 minute read
The Domain Name System (DNS) plays a vital role in many company networks. Therefore, it is highly important that your DNS infrastructure is as stable as possible while making sure that none of your records have been compromised.
With the new DNS v2 sensor, it's now possible to not only monitor your DNS servers or public DNS servers while getting comprehensive statistics on them. It's also possible to monitor your records that are hosted on them.
By monitoring your DNS servers with PRTG, you will be constantly informed of their availability and performance. In the event of downtime or lengthy response times, you can quickly intervene before errors and bottlenecks arise in your local network.
Additionally, it’s important to monitor the records, especially on public DNS servers to make sure that DNS spoofing or DNS cache poisoning hasn’t happened to you. For example, in Brazil in 2011 there were massive DNS spoofing attacks that caused havoc and installed malware on people’s computers when they were trying to access sites like Google and Facebook. Monitoring these records is also useful to make sure that you or someone else in the company hasn’t made a configuration mistake.
For example, if someone were to mistakenly change one of your MX records, your entire company's email would cease to work. Depending on how long the Time to live (TTL) is set to, this mistake can cause a long outage if it’s allowed to replicate to all the public DNS records. However, if you are monitoring the DNS servers where your records are hosted and a change is made when it’s not required, PRTG can be set up to alert you immediately.
Here's how you set up the sensor
To monitor this, you would set up a device in PRTG with the IP address or hostname of the DNS server that hosts your public records.
Once that is set up, you can then create your DNS v2 sensor with the DNS record that you want to monitor. In this example, I'm using an MX record for the top-level domain of Paessler. You then create a filter for the sensor and if the name changes, the sensor will immediately go into the down status and you can set up notifications to alert you about the change.
This new sensor allows you to check all sorts of different record types and you can do the checks against any DNS server that’s important to your business. Since this sensor also checks response time, you can also set up alerts for your internal and external DNS servers to make sure that they aren’t being attacked.
We hope that you can use this new sensor to make sure your business is reachable for your customers and let us know if there’s anything else you’d like to see in it.
To find more information and a tutorial on how to set up this sensor, check out the page DNS Monitoring with PRTG Network Monitor.