Find all authoritative domains for a nameserver?

Novosielski, Ryan novosirj at umdnj.edu
Tue Dec 4 00:00:31 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/03/2012 06:52 PM, Dan Mahoney wrote:
>> Hi all,
>> 
>> I don't know if there's an easy, or even moderately easy way to
>> do this, but can one somehow figure out/get a list of all domains
>> for which the nameserver is set to a given IP/server name? For
>> reasons I won't get into, the people who register the domains are
>> not the same as the people who run the DNS servers (me) and
>> occasionally the domains I have zones defined for in my
>> nameservers do not match the WHOIS records. Normally, that
>> problem becomes pretty obvious because nothing works right, but
>> it does generate a lot of logging for failed queries to the
>> nameservers. I guess that would be one way to tell when someone
>> has made us authoritative for a domain but not had us create a
>> zone file, but is there a way to get a list somehow?
> 
> Back in the old netsol days, a name server admin could get a list
> of domains for which was responsible by request.  There's also a
> feature in very very old versions of bind called Inverse DNS,
> implemented against an optional part of one of the DNS spec, that
> comes close to this.  Nowadays, verisign and a few others WILL let
> you download the COM zone via FTP once a day, with special signed
> agreements (mainly for research purposes, not to solve your
> problem).
> 
> Your best answer comes in either your logs (with some simple grep
> and perl to do the dig +trace, could make a nice useful report), or
> some other tool like TCPDUMP, or in a passive DNS provider, but
> the reality is, all these methods require someone to be querying
> it. Thankfully, spambots seem to do this quite a lot, and manage to
> find "new" domains at an alarming pace.

Thanks, that's about what I'd expected to hear. Luckily what you've
said is true (I get hundreds of queries for umdnj.org for example) and
the problem isn't actually a serious one unless someone expects the
site to be working (in which case, I'd hear about it anyway).

- -- 
- ---- _  _ _  _ ___  _  _  _
|Y#| |  | |\/| |  \ |\ |  | |Ryan Novosielski - Sr. Systems Programmer
|$&| |__| |  | |__/ | \| _| |novosirj at umdnj.edu - 973/972.0922 (2-0922)
\__/ Univ. of Med. and Dent.|IST/EI-Academic Svcs. - ADMC 450, Newark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iEYEARECAAYFAlC9PSAACgkQmb+gadEcsb4LQACeLIfbwp6jyeqUejJ8hn6clNO0
CzgAn26KxMSAp5g8zxm3HzHj+MNsv/sI
=BrTx
-----END PGP SIGNATURE-----




More information about the bind-users mailing list