On 21/01/11 14:18, Phil Mayers wrote:
On 21/01/11 13:50, Barry Margolin wrote:
In article<mailman.1415.1295616325.555.bind-us...@lists.isc.org>,
Joseph S D Yao<j...@tux.org> wrote:
On Fri, Jan 21, 2011 at 02:19:45PM +0800, p...@mail.nsbeta.info wrote:
I'm jsut curious, how does "who.is" know the dns records in my domain
(nsbeta.info)?
The page shows some of my RRs exactly:
http://who.is/dns/nsbeta.info/
The title of the page is, "Nsbeta.info DNS Lookup | Nameserver Lookup -
Who.is - Who.is". They probably did just exactly that - DNS lookup.
Anything in DNS is public information.
But the nameservers for the domain don't allow public zone transfers.
So if you know the names in the zone you can look them up, but how did
the site list the names in his zone?
Most of the records are well-known (i.e. A/MX/NS/SOA on the zone apex,
or www.zone.name) or lookups of the RHS of a well-known. The site
appears to probe for "test.zone.name".
So it didn't "list" the zone. It looked up some well-known names and RRs
and got replies.
In case anyone is curious, I tried it with our zone and then looked in
the query logs; it looks for:
174.36.196.245#54513: view main: query: zone.name IN A +
174.36.196.245#33561: view main: query: zone.name IN MX +
174.36.196.245#34074: view main: query: zone.name IN NS +
174.36.196.245#44305: view main: query: zone.name IN SOA +
174.36.196.245#50109: view main: query: zone.name IN TXT +
174.36.196.245#52299: view main: query: blog.zone.name IN A +
174.36.196.245#59078: view main: query: forum.zone.name IN A +
174.36.196.245#51346: view main: query: help.zone.name IN A +
174.36.196.245#40281: view main: query: mail.zone.name IN A +
174.36.196.245#45344: view main: query: mail.zone.name IN MX +
174.36.196.245#34294: view main: query: test.zone.name IN A +
174.36.196.245#48627: view main: query: www.zone.name IN A +
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
