DNS tools
Sat 05 April 2014
Here is a reminder for myself that I hope will be useful to everyone, like anything I write down here. It concerns some tools for retrieving DNS information. Almost everything in this post is based on BIND. Other posts about DNS can be found here.
dig
First of all, I should put a link to the dig manpage and a short example of its use:
dig +trace AAAA www.example.com
Note that the equivalent in the Microsoft world is nslookup, but I know almost nothing about it.
When requesting whoami.akamai.net, the answer depends on the host making the request (useful for detecting a DNS proxy). Try comparing the responses of multiple servers:
dig @8.8.8.8 A whoami.akamai.net
dig @8.8.4.4 A whoami.akamai.net
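The comparison above can be scripted. This is an added example, not part of the original post: it assumes whoami.akamai.net answers with the address of the resolver that contacted Akamai, and the function names (verdict, collect) and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare whoami.akamai.net answers obtained through
# several resolvers. Input lines on stdin: "<resolver> <answer>", where
# <answer> is the address Akamai saw the query come from (assumption).

# verdict: prints one of
#   identical    - every resolver produced the same egress address,
#                  which is consistent with one proxy answering for all
#   distinct     - at least two different egress addresses were seen
#   inconclusive - fewer than two usable answers
verdict() {
    awk '
        NF >= 2 && $2 ~ /^[0-9a-fA-F:.]+$/ {
            n++
            if (!($2 in seen)) { seen[$2] = 1; uniq++ }
        }
        END {
            if (n < 2)          print "inconclusive"
            else if (uniq == 1) print "identical"
            else                print "distinct"
        }'
}

# collect: query each resolver given as argument, emit "<resolver> <answer>"
collect() {
    for r in "$@"; do
        a=$(dig +short +time=2 +tries=1 @"$r" A whoami.akamai.net | tail -n 1)
        echo "$r ${a:-none}"
        sleep 1   # we don't flood servers
    done
}

# Constructed sample data (documentation address ranges, not measurements)
sample_clean() { printf '%s\n' '8.8.8.8 192.0.2.10' '198.51.100.53 203.0.113.7'; }
sample_proxy() { printf '%s\n' '8.8.8.8 203.0.113.7' '198.51.100.53 203.0.113.7'; }

# Live use: sh thisfile --live <resolver> <resolver> ...
if [ "${1:-}" = "--live" ]; then
    shift
    collect "$@" | verdict
fi
```

Resolvers run by the same operator can legitimately share egress addresses, so the comparison is more telling across resolvers from different operators.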
Of course, more complicated stuff is possible:
#!/bin/sh
# usage: pass the domain to query as the first argument
opt="+dnssec +trace"              # left unquoted below so it splits into two options
outfile0=out0.txt
outfile1=out1.txt
rm -fv "$outfile0" "$outfile1"    # clean up
: > "$outfile1"                   # make sure the file exists even without A/AAAA records

for rec in any a aaaa mx ns txt   # fetch some records
do
    dig $opt $rec "$1"
    sleep 1                       # we don't flood servers
done > "$outfile0"

# remove comment lines and root zone related RRs, keep only lines containing IN class RRs
grep -v -e '^;' -e '^\.' "$outfile0" | grep -w IN |
while read -r fqdn ttl class type addr
do
    if [ "$type" = "A" ] || [ "$type" = "AAAA" ]   # check PTR for the addresses fetched
    then
        dig $opt -x "$addr" >> "$outfile1"
        sleep 1                   # we don't flood servers
    fi
done

# show all results
cat "$outfile0" "$outfile1"
dns_tree
Some people think (with reason) that dig is a low-level tool and that a front end should be written to ease information retrieval. Here comes dns_tree and its Debian packaging.
Nevertheless, this tool seems to rely on zone transfers (AXFR), which should not be allowed. Thus it seems to fail quite easily.
Category: tools Tagged: BIND DNS Domain Name System Information retrieval