get a domain's dns records
p.mayers at imperial.ac.uk
Fri Jan 21 14:23:35 UTC 2011
On 21/01/11 14:18, Phil Mayers wrote:
> On 21/01/11 13:50, Barry Margolin wrote:
>> In article<mailman.1415.1295616325.555.bind-users at lists.isc.org>,
>> Joseph S D Yao<jsdy at tux.org> wrote:
>>> On Fri, Jan 21, 2011 at 02:19:45PM +0800, pyh at mail.nsbeta.info wrote:
>>>> I'm jsut curious, how does "who.is" know the dns records in my domain
>>>> The page shows some of my RRs exactly:
>>> The title of the page is, "Nsbeta.info DNS Lookup | Nameserver Lookup -
>>> Who.is - Who.is". They probably did just exactly that - DNS lookup.
>>> Anything in DNS is public information.
>> But the nameservers for the domain don't allow public zone transfers.
>> So if you know the names in the zone you can look them up, but how did
>> the site list the names in his zone?
> Most of the records are well-known (i.e. A/MX/NS/SOA on the zone apex,
> or www.zone.name) or lookups of the RHS of a well-known. The site
> appears to probe for "test.zone.name".
> So it didn't "list" the zone. It looked up some well-known names and RRs
> and got replies.
In case anyone is curious, I tried it with our zone and then looked in
the query logs; it looks for:
188.8.131.52#54513: view main: query: zone.name IN A +
184.108.40.206#33561: view main: query: zone.name IN MX +
220.127.116.11#34074: view main: query: zone.name IN NS +
18.104.22.168#44305: view main: query: zone.name IN SOA +
22.214.171.124#50109: view main: query: zone.name IN TXT +
126.96.36.199#52299: view main: query: blog.zone.name IN A +
188.8.131.52#59078: view main: query: forum.zone.name IN A +
184.108.40.206#51346: view main: query: help.zone.name IN A +
220.127.116.11#40281: view main: query: mail.zone.name IN A +
18.104.22.168#45344: view main: query: mail.zone.name IN MX +
22.214.171.124#34294: view main: query: test.zone.name IN A +
126.96.36.199#48627: view main: query: www.zone.name IN A +
More information about the bind-users