DNS tools
Sat 05 April 2014
Here is a reminder for myself that I hope will be useful to everyone, like anything I write down here. It covers some tools for retrieving DNS information. Almost everything in this post is based on BIND. Other posts about DNS can be found here.
dig
First of all, I should put a link to the dig manpage and a short example of its use:
dig +trace AAAA www.example.com
Note that the equivalent in the Microsoft world is nslookup, but I know almost nothing about it.
When requesting whoami.akamai.net, the answer depends on the host making the request (useful for detecting a DNS proxy). Try comparing the responses from multiple servers:
dig @8.8.8.8 A whoami.akamai.net
dig @8.8.4.4 A whoami.akamai.net
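The comparison can be scripted; this is an added example, not part of the original post. It also queries the system's default resolver, assuming whoami.akamai.net answers with the address of the resolver that actually contacted it, so a public resolver returning the same address as the default one suggests that port 53 traffic is being redirected. The function names, the `--live` switch and the sample addresses (documentation ranges) are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare whoami.akamai.net answers across resolvers.
# Working format, one line per resolver: "<resolver queried> <address returned>"

# Live collection ("default" means the system resolver, no @server).
collect_whoami() {
    for server in "$@"; do
        if [ "$server" = "default" ]; then
            ans=$(dig +short A whoami.akamai.net | tail -n 1)
        else
            ans=$(dig +short "@$server" A whoami.akamai.net | tail -n 1)
        fi
        echo "$server ${ans:-NOANSWER}"
        sleep 1 # we don't flood servers
    done
}

# Pure classification of the lines above, read on stdin.
#   same-as-default: the query sent to that server came out of the same
#                    resolver as the system default (likely a DNS proxy,
#                    unless the default resolver forwards to that server)
#   distinct:        expected; big public resolvers have many egress addresses
classify_whoami() {
    awk '
        $1 == "default" { base = $2; next }
        { srv[++n] = $1; ans[n] = $2 }
        END {
            for (i = 1; i <= n; i++) {
                if (ans[i] == "NOANSWER") { v = "no-answer" }
                else if (base != "" && ans[i] == base) { v = "same-as-default" }
                else { v = "distinct" }
                print srv[i], ans[i], v
            }
        }'
}

# Constructed sample, used unless the script is called with --live.
sample='default 192.0.2.53
8.8.8.8 192.0.2.53
8.8.4.4 198.51.100.7'

if [ "${1:-}" = "--live" ]; then
    shift
    collect_whoami default "$@" | classify_whoami
else
    printf '%s\n' "$sample" | classify_whoami
fi
```

Run it with `--live 8.8.8.8 8.8.4.4` to query real servers; a `same-as-default` verdict is a hint to investigate, not proof.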
Of course, more complicated stuff is possible:
#!/bin/sh
# $1 is the domain name to query
opt="+dnssec +trace"
outfile0=out0.txt
outfile1=out1.txt
rm -f "$outfile0" "$outfile1" # clean up
touch "$outfile1" # so the final cat works even when no address was found
for rec in any a aaaa mx ns txt # fetch some records
do
    dig $opt "$rec" "$1"
    sleep 1 # we don't flood servers
done > "$outfile0"
# remove comment lines and root zone related RR, keep only lines containing IN class RR
grep -v -e '^;' -e '^\.' "$outfile0" | grep IN |
while read -r fqdn ttl class type addr
do
    if [ "$type" = "A" ] || [ "$type" = "AAAA" ] # check PTR for the addresses fetched
    then
        dig $opt -x "$addr" >> "$outfile1" # -x must be directly followed by the address
        sleep 1 # we don't flood servers
    fi
done
# show all results
cat "$outfile0" "$outfile1"
dns_tree
Some people think (with reason) that dig is a low-level tool and that a front end should be written to ease information retrieval. Here comes dns_tree and its Debian packaging.
Nevertheless, this tool seems to work based on zone transfers (AXFR), which should not be allowed. Thus it seems to fail quite easily.