get a domain's dns records
dave at knig.ht
Fri Jan 21 14:06:21 UTC 2011
On 2011-01-21, at 8:50 AM, Barry Margolin wrote:
> In article <mailman.1415.1295616325.555.bind-users at lists.isc.org>,
> Joseph S D Yao <jsdy at tux.org> wrote:
>> On Fri, Jan 21, 2011 at 02:19:45PM +0800, pyh at mail.nsbeta.info wrote:
>>> I'm jsut curious, how does "who.is" know the dns records in my domain
>>> The page shows some of my RRs exactly:
>> The title of the page is, "Nsbeta.info DNS Lookup | Nameserver Lookup -
>> Who.is - Who.is". They probably did just exactly that - DNS lookup.
>> Anything in DNS is public information.
> But the nameservers for the domain don't allow public zone transfers.
> So if you know the names in the zone you can look them up, but how did
> the site list the names in his zone?
I just tried this with one of mine "sanxion.org"
> sanxion.org MX 5 minutes 100 sb.sanxion.org
> sanxion.org NS 5 minutes ns-ext.isc.org
> sanxion.org NS 5 minutes borg.c-l-i.net
> sanxion.org NS 5 minutes ns.c-l-i.net
> sanxion.org SOA 5 minutes borg.c-l-i.net. dave.sanxion.org. 2011010900 3600 1800 604800 3600
The above might have been gotten either with separate queries for
or a single
> sb.sanxion.org A 5 minutes 18.104.22.168 (Gatineau, QC, CA)
> sb.sanxion.org AAAA 5 minutes 2001:4900:1:393:211:d8ff:fe9b:6b7c
these are returned in the additional section when doing the mx, or any query above
> www.sanxion.org A 5 minutes 22.214.171.124 (Amsterdam, 07, NL)
I guess the tool just always assumes that there's probably a www worthy asking about
More information about the bind-users