[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040723203246.GA26952@h8000.serverkompetenz.net>
From: nils at druecke.strg-alt-entf.org (Nils Ketelsen)
Subject: Question for DNS pros
On Fri, Jul 23, 2004 at 12:32:28PM -0500, Paul Schmehl wrote:
> Can this be done?
>
> Conditions:
> 1) You know an IP address that is running a DNS server. (IOW, it responds
> to digs.)
> 2) You do not know the hostname or domain of the host.
> 3) The DNS server does not allow zone transfers.
>
> You want to find out *all* the domains that that DNS server is
> authoritative for. (Essentially you're trying to find out what's in the
> named.conf file rather than zone file info.)
Florian Weimer has an interesting project for exactly that. By analyzing all
request and replies to a resolver and writing the results into a database he
gets a system to allow this kind of inverse-queries (I avoid using the term
reverse queries because of the confusion this might cause with reverse
lookups).
Basically this allows you to say "for what hosts did I get replies from the
nameser xyz?". This does not give you all zones of the nameserver, but only
those which at least were requested once by the resolver you are looking at.
Given enough resolvers gathering this data this might allow a fairly big
overview though.
I do not know wether is tool is available to the public yet, though. Maybe
he can say something about it (Florian is also reading here). I have not yet
figured out, what I might use this tool for, but I think it will allow for
interesting things regarding filtering solutions. And it is a nice hack.
Nils
--
Gibt's eigentlich auch schon emacs-Einbauk?chen?
[nico.hoffmann@...sik.tu-chemnitz.de (Nico Hoffmann)
zum Thema "vi-Tassen" in de.alt.arnooo]
Powered by blists - more mailing lists