Home page logo
/

pauldotcom logo PaulDotCom mailing list archives

DNS look up against a specific DNS provider
From: genesiswave at gmail.com (genesiswave at gmail.com)
Date: Fri, 26 Jun 2009 03:22:00 +0000

Adrian
You might look to webhosting.info for the reverse info you are looking for
Sent via BlackBerry from T-Mobile

-----Original Message-----
From: byte.bucket at 4a44.com

Date: Thu, 25 Jun 2009 16:53:54 
To: PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com>
Subject: Re: [Pauldotcom] DNS look up against a specific DNS provider


That actually seems like a reasonable response.  Dyndns probably isn't
authoritative for the reverse zone.  It is also likely that they don't
support recursive queries from external clients.  As a result, the IP you
are looking for is, in all likelihood, *not* in dyndns server's  cache.

-- 
byte_bucket

I've gave those a shot without luck. Here are the results I got(I change
my
IP to ip-obmitted  for this output):



C:\Users\adrian>nslookup -norecurse ip-obmitted ns1.dyndns.org
(root)  nameserver = H.ROOT-SERVERS.NET
(root)  nameserver = K.ROOT-SERVERS.NET
(root)  nameserver = M.ROOT-SERVERS.NET
(root)  nameserver = A.ROOT-SERVERS.NET
(root)  nameserver = D.ROOT-SERVERS.NET
(root)  nameserver = C.ROOT-SERVERS.NET
(root)  nameserver = E.ROOT-SERVERS.NET
(root)  nameserver = I.ROOT-SERVERS.NET
(root)  nameserver = J.ROOT-SERVERS.NET
(root)  nameserver = G.ROOT-SERVERS.NET
(root)  nameserver = F.ROOT-SERVERS.NET
(root)  nameserver = L.ROOT-SERVERS.NET
(root)  nameserver = B.ROOT-SERVERS.NET
Server:  UnKnown
Address:  204.13.248.75

(root)  nameserver = B.ROOT-SERVERS.NET
(root)  nameserver = C.ROOT-SERVERS.NET
(root)  nameserver = I.ROOT-SERVERS.NET
(root)  nameserver = J.ROOT-SERVERS.NET
(root)  nameserver = K.ROOT-SERVERS.NET
(root)  nameserver = G.ROOT-SERVERS.NET
(root)  nameserver = M.ROOT-SERVERS.NET
(root)  nameserver = F.ROOT-SERVERS.NET
(root)  nameserver = A.ROOT-SERVERS.NET
(root)  nameserver = E.ROOT-SERVERS.NET
(root)  nameserver = L.ROOT-SERVERS.NET
(root)  nameserver = H.ROOT-SERVERS.NET
(root)  nameserver = D.ROOT-SERVERS.NET
*** No internal type for both IPv4 and IPv6 Addresses (A+AAAA) records
available
 for ip-obmitted





dig @ns1.dyndns.org ip-obmitted

; <<>> DiG 9.2.4 <<>> @ns1.dyndns.org ip-obmitted
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15548
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0

;; QUESTION SECTION:
;ip-obmitted.                 IN      A

;; AUTHORITY SECTION:
.                       518400  IN      NS      H.ROOT-SERVERS.NET.
.                       518400  IN      NS      M.ROOT-SERVERS.NET.
.                       518400  IN      NS      K.ROOT-SERVERS.NET.
.                       518400  IN      NS      E.ROOT-SERVERS.NET.
.                       518400  IN      NS      I.ROOT-SERVERS.NET.
.                       518400  IN      NS      G.ROOT-SERVERS.NET.
.                       518400  IN      NS      F.ROOT-SERVERS.NET.
.                       518400  IN      NS      A.ROOT-SERVERS.NET.
.                       518400  IN      NS      L.ROOT-SERVERS.NET.
.                       518400  IN      NS      B.ROOT-SERVERS.NET.
.                       518400  IN      NS      J.ROOT-SERVERS.NET.
.                       518400  IN      NS      C.ROOT-SERVERS.NET.
.                       518400  IN      NS      D.ROOT-SERVERS.NET.

;; Query time: 93 msec
;; SERVER: 204.13.248.75#53(ns1.dyndns.org)
;; WHEN: Thu Jun 25 12:35:53 2009
;; MSG SIZE  rcvd: 242



On Thu, Jun 25, 2009 at 2:05 PM, Jonathan Moore
<supermegatron at gmail.com>wrote:

On Thu, Jun 25, 2009 at 12:32 PM, Adrian Crenshaw<irongeek at irongeek.com>
wrote:
Does anyone know a way to specify a reverse DNS look up against a
specific
DNS provider? I don't want to use the DNS that is authoritive for  the
given
IP range. For example, look up all of the IPs at my org to see if any
are
mapped to some host name at DYNDNS? Some bot nets use these services
for
naming, so I thought this might be useful.

I may be misunderstanding, but both nslookup and dig let you specify
the server to query.  Using dig, adding @server.example.org to the
command tells dig to query only that server (IIRC).

 dig @ns1.everydns.net yahoo.com

HTH

-jonathan
_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]