authority for domains: how to verify from program?

Peter Dambier peter at peter-dambier.de
Mon Dec 26 09:16:09 UTC 2005


Roman Mashak wrote:
> Hello Peter,
> 
> when you mentioned 'dump', did you mean mysqldump or something else?
> Might it be that you have met that kind of tool before?

Hi Roman,

you can use the rndc programme to force bind to dump its complete data,
authoritative data and cache data. Looking for SOA records you can look
for its own zones.

I don't know if sql is a good idea. I have seen in the sql database they
do store the complete zone into a single record.

I have seen an authoritative only server, I believe it is PowerDNS, which
stores every single RR in its own record and every zone in its own table.

I came upon sql when my IASON exploded. It was not even ".com" that
exhausted all my memory. I knew from the beginning one day I would need
a database. I want to query all data from a DNS server. There is expected
way to do this. Even when the DNS server allows "dig axfr" you have to
know the zones that are on the server.

You could "dig '.' axfr @server.name" to get everything from the root
zone but the server could still support zones that are not referenced
in the root or maybe it does not even have a "." zone because it is
not authoritative for the root.

Yet another way is reading the log. After processing the system log with
IASON I get:

named_start("Nov-29","12:10:56","BIND 9.1.3 -u named").
named_complained("the default for the 'auth-nxdomain' option is now 'no'","Nov-29","12:10:56").
named_complained("no IPv6 interfaces found","Nov-29","12:10:56").
named_listening("Nov-29","12:10:56","127.0.0.1").
named_listening("Nov-29","12:10:56","192.168.55.2").
named_running("Nov-29","12:10:57").
named_axfr_in("Nov-29","12:10:58","192.33.4.12","arpa'").
named_axfr_in("Nov-29","12:11:01","192.33.4.12","in-addr.arpa'").
named_lame("Nov-29","15:33:11","209.48.2.29","'namespace.org'").

The raw system log has even more information but it is more difficult reading.

The problem is you must have a login and be allowed to read the system log.

I am thinking of hacking Bind to use an sql database in place of its internal
memory. Browsers and spiders could make bind fill its database. I could later
use sql to find the information hidden from normal DNS queries.

Maybe IASON will get you some ideas

http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/

I am moving the sources to sourceforge because the new French copyright
law is too difficult for me to understand. The music industry might
suggest IASON is illegal in France - then I would need a lawyer :)

If you have any questions about IASON - feel free to ask privately.
Documentation? Will improve.


Cheers
Peter and Karin



> 
> 2005/12/23, Peter Dambier <peter at peter-dambier.de>:
> 
>>Roman Mashak wrote:
>>
>>>Hello,
>>>
>>>I'd like to use bind API in my program to obtain a list of zones the
>>>server is authoritative for (let it be the server where program is
>>>running).
>>>Are there any functions (bind8 preferable)?
>>>
>>>--
>>>Roman
>>>
>>>
>>
>>Not very Bind:
>>
>>try to SQL your Bind (mySQL) and query the SQL database.
>>
>>Maybe a dump could do with a normal Bind.
>>
> 
> 
> 
> --
> Roman
> 
> 


-- 
Peter and Karin Dambier
The Public-Root Consortium
Graeffstrasse 14
D-64646 Heppenheim
+49(6252)671-788 (Telekom)
+49(179)108-3978 (O2 Genion)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
mail: peter at echnaton.serveftp.com
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
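
The dump approach described in the message above, as an added example that is not part of the original post and is neither BIND nor IASON code: a Python scan of master-file-style text that lists the owner name of every SOA record, which is how a server's own zones can be inventoried from a dump. The sample dump is constructed and the function names are hypothetical; where the real dump file is written and its exact layout depend on the BIND version and configuration.

```python
import re

# Constructed sample in master-file style; not real server output.
SAMPLE_DUMP = """\
$ORIGIN example.
@        3600 IN SOA ns1.example. hostmaster.example. (
                     2005122601 ; serial
                     7200 900 1209600 3600 )
         3600 IN NS  ns1.example.
www      1h   IN A   192.0.2.10
$ORIGIN .
55.168.192.in-addr.arpa. 3600 IN SOA ns1.example. hostmaster.example. 7 7200 900 1209600 3600
note.example. 3600 IN TXT "SOA inside text is not a record type"
Sub.Example.  IN SOA ns1.sub.example. hostmaster.sub.example. 3 7200 900 1209600 3600
"""

CLASSES = {"IN", "CH", "HS"}
TTL = re.compile(r"(?:\d+[smhdw])*\d*", re.IGNORECASE)  # 3600, 1h, 1h30m

def absolute(name, origin):
    """Expand '@' and relative owner names against the current $ORIGIN."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin

def zones_from_dump(text):
    """Return owner names of SOA records, in file order, lower-cased."""
    origin, owner, zones = ".", None, []
    for raw in text.splitlines():
        # The record type precedes the rdata, so cutting at ';' is safe here.
        fields = raw.split(";", 1)[0].split()
        if not fields:
            continue
        if fields[0].startswith("$"):
            if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
                origin = fields[1]
            continue
        if not raw[0].isspace():          # a new owner name starts in column 1
            owner = absolute(fields[0], origin)
            fields = fields[1:]
        # TTL and class are optional and may come in either order.
        while fields and (TTL.fullmatch(fields[0]) or fields[0].upper() in CLASSES):
            fields = fields[1:]
        if fields and owner and fields[0].upper() == "SOA":
            if owner.lower() not in zones:
                zones.append(owner.lower())
    return zones
```

If the dump also contains cache data, SOA records learned from other servers will appear as well, so feed the function only the authoritative part.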


