PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

DNS look up against a specific DNS provider

From: irongeek at irongeek.com (Adrian Crenshaw)
Date: Fri, 26 Jun 2009 09:28:36 -0400
Thanks, but that gives even less info: IP Details - N/A.

It does not even find the rDNS of my ISPs name for my box.

On Thu, Jun 25, 2009 at 11:22 PM, <genesiswave at gmail.com> wrote:


Adrian
You might look to webhosting.info for the reverse info you are looking for
Sent via BlackBerry from T-Mobile

-----Original Message-----
From: byte.bucket at 4a44.com

Date: Thu, 25 Jun 2009 16:53:54
To: PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com



Subject: Re: [Pauldotcom] DNS look up against a specific DNS provider


That actually seems like a reasonable response.  Dyndns probably isn't
authoritative for the reverse zone.  It is also likely that they don't
support recursive queries from external clients.  As a result, the IP you
are looking for is, in all likelihood, *not* in dyndns server's  cache.

--
byte_bucket


I've gave those a shot without luck. Here are the results I got(I change
my
IP to ip-obmitted  for this output):



C:\Users\adrian>nslookup -norecurse ip-obmitted ns1.dyndns.org
(root)  nameserver = H.ROOT-SERVERS.NET
(root)  nameserver = K.ROOT-SERVERS.NET
(root)  nameserver = M.ROOT-SERVERS.NET
(root)  nameserver = A.ROOT-SERVERS.NET
(root)  nameserver = D.ROOT-SERVERS.NET
(root)  nameserver = C.ROOT-SERVERS.NET
(root)  nameserver = E.ROOT-SERVERS.NET
(root)  nameserver = I.ROOT-SERVERS.NET
(root)  nameserver = J.ROOT-SERVERS.NET
(root)  nameserver = G.ROOT-SERVERS.NET
(root)  nameserver = F.ROOT-SERVERS.NET
(root)  nameserver = L.ROOT-SERVERS.NET
(root)  nameserver = B.ROOT-SERVERS.NET
Server:  UnKnown
Address:  204.13.248.75

(root)  nameserver = B.ROOT-SERVERS.NET
(root)  nameserver = C.ROOT-SERVERS.NET
(root)  nameserver = I.ROOT-SERVERS.NET
(root)  nameserver = J.ROOT-SERVERS.NET
(root)  nameserver = K.ROOT-SERVERS.NET
(root)  nameserver = G.ROOT-SERVERS.NET
(root)  nameserver = M.ROOT-SERVERS.NET
(root)  nameserver = F.ROOT-SERVERS.NET
(root)  nameserver = A.ROOT-SERVERS.NET
(root)  nameserver = E.ROOT-SERVERS.NET
(root)  nameserver = L.ROOT-SERVERS.NET
(root)  nameserver = H.ROOT-SERVERS.NET
(root)  nameserver = D.ROOT-SERVERS.NET
*** No internal type for both IPv4 and IPv6 Addresses (A+AAAA) records
available
 for ip-obmitted





dig @ns1.dyndns.org ip-obmitted

; <<>> DiG 9.2.4 <<>> @ns1.dyndns.org ip-obmitted
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15548
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0

;; QUESTION SECTION:
;ip-obmitted.                 IN      A

;; AUTHORITY SECTION:
.                       518400  IN      NS      H.ROOT-SERVERS.NET.
.                       518400  IN      NS      M.ROOT-SERVERS.NET.
.                       518400  IN      NS      K.ROOT-SERVERS.NET.
.                       518400  IN      NS      E.ROOT-SERVERS.NET.
.                       518400  IN      NS      I.ROOT-SERVERS.NET.
.                       518400  IN      NS      G.ROOT-SERVERS.NET.
.                       518400  IN      NS      F.ROOT-SERVERS.NET.
.                       518400  IN      NS      A.ROOT-SERVERS.NET.
.                       518400  IN      NS      L.ROOT-SERVERS.NET.
.                       518400  IN      NS      B.ROOT-SERVERS.NET.
.                       518400  IN      NS      J.ROOT-SERVERS.NET.
.                       518400  IN      NS      C.ROOT-SERVERS.NET.
.                       518400  IN      NS      D.ROOT-SERVERS.NET.

;; Query time: 93 msec
;; SERVER: 204.13.248.75#53(ns1.dyndns.org)
;; WHEN: Thu Jun 25 12:35:53 2009
;; MSG SIZE  rcvd: 242



On Thu, Jun 25, 2009 at 2:05 PM, Jonathan Moore
<supermegatron at gmail.com>wrote:


On Thu, Jun 25, 2009 at 12:32 PM, Adrian Crenshaw<irongeek at irongeek.com



wrote:

Does anyone know a way to specify a reverse DNS look up against a

specific

DNS provider? I don't want to use the DNS that is authoritive for  the

given

IP range. For example, look up all of the IPs at my org to see if any

are

mapped to some host name at DYNDNS? Some bot nets use these services

for

naming, so I thought this might be useful.


I may be misunderstanding, but both nslookup and dig let you specify
the server to query.  Using dig, adding @server.example.org to the
command tells dig to query only that server (IIRC).

 dig @ns1.everydns.net yahoo.com

HTH

-jonathan
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090626/8d212286/attachment.htm
Previous By Date Next
Previous By Thread Next

Current thread: