모든 DNS 레코드를 어떻게 나열합니까?
도메인의 모든 DNS 레코드를 나열 할 수있는 방법이 있습니까?
나는 dig와 nslookup과 같은 것들에 대해 알고 있지만 그들은 지금까지만 갔다. 예를 들어 하위 도메인 A 레코드를
test A somedomain.co.uk
구체적으로 요청하지 않는 한, 예를 들어.
dig any test.somedomain.co.uk
나는 그것을 볼 수 없습니다.
모든 DNS 레코드가 무엇인지 정확히 볼 수있는 방법이 있습니까 (DNS 관리자로 이동하여 레코드를 보는 것 이외)?
ANY를 쿼리하면 해당 수준의 모든 레코드 목록이 표시되지만 아래에는 표시되지 않습니다.
# try this
dig google.com any
도메인 이름이 정확히 "google.com"인 경우 A 레코드, TXT 레코드, NS 레코드, MX 레코드 등을 반환 할 수 있습니다. 그러나 자녀 기록 (예 : www.google.com)은 반환하지 않습니다. 보다 정확하게는 이러한 레코드가 존재하는 경우 얻을 수 있습니다. 이름 서버는 응답하지 않기로 선택한 경우 (예 : 응답 크기 줄이기) 이러한 레코드를 반환하지 않아도됩니다.
AXFR은 영역 전송이며 원하는 것일 수 있습니다. 그러나 이러한 영역은 일반적으로 제한되며 영역을 제어하지 않으면 사용할 수 없습니다. 일반적으로 권한이있는 서버 (아래 @ ns1.google.com)와 게시되지 않을 수있는 이름 서버 (스텔스 이름 서버)에서 영역 전송을 수행합니다.
# This will return "Transfer failed"
dig @ns1.google.com google.com axfr
영역을 제어 할 수있는 경우 TSIG 키로 보호되는 전송을 받도록 영역을 설정할 수 있습니다. 이것은 클라이언트가 전송을 승인하기 위해 서버에 보낼 수있는 공유 비밀입니다.
Josh 의 답변을 개선했습니다 . 나는 것으로 나타났습니다 dig조회 된 네임 서버의 캐시에 이미 존재하는 유일한 쇼 항목, 그것은 더 나은 있도록 SOA에서 권위있는 네임 서버를 당겨 (대신 기본 네임 서버에 의존) 할 수 있습니다. 또한 일반적으로 설정의 정확성에 더 관심이 있기 때문에 와일드 카드 IP 필터링을 비활성화했습니다.
새로운 스크립트는 -x확장 된 출력에 대한 -s NS인수 와 특정 이름 서버를 선택하기 위한 인수를 사용합니다.dig -x example.com
#!/bin/bash
set -e; set -u
COMMON_SUBDOMAINS="www mail mx a.mx smtp pop imap blog en ftp ssh login"
EXTENDED=""
while :; do case "$1" in
--) shift; break ;;
-x) EXTENDED=y; shift ;;
-s) NS="$2"; shift 2 ;;
*) break ;;
esac; done
DOM="$1"; shift
TYPE="${1:-any}"
test "${NS:-}" || NS=$(dig +short SOA "$DOM" | awk '{print $1}')
test "$NS" && NS="@$NS"
if test "$EXTENDED"; then
dig +nocmd $NS "$DOM" +noall +answer "$TYPE"
wild_ips=$(dig +short "$NS" "*.$DOM" "$TYPE" | tr '\n' '|')
wild_ips="${wild_ips%|}"
for sub in $COMMON_SUBDOMAINS; do
dig +nocmd $NS "$sub.$DOM" +noall +answer "$TYPE"
done | cat #grep -vE "${wild_ips}"
dig +nocmd $NS "*.$DOM" +noall +answer "$TYPE"
else
dig +nocmd $NS "$DOM" +noall +answer "$TYPE"
fi
영역 전송 기능이 없으면이 작은 bash 스크립트를 작성했습니다 dg.
#!/bin/bash
COMMON_SUBDOMAINS=(www mail smtp pop imap blog en ftp ssh login)
if [[ "$2" == "x" ]]; then
dig +nocmd "$1" +noall +answer "${3:-any}"
wild_ips="$(dig +short "*.$1" "${3:-any}" | tr '\n' '|')"
wild_ips="${wild_ips%|}"
for sub in "${COMMON_SUBDOMAINS[@]}"; do
dig +nocmd "$sub.$1" +noall +answer "${3:-any}"
done | grep -vE "${wild_ips}"
dig +nocmd "*.$1" +noall +answer "${3:-any}"
else
dig +nocmd "$1" +noall +answer "${2:-any}"
fi
이제 dg example.comDNS 레코드를 깔끔하고 깔끔하게 정리하거나 dg example.com x인기있는 여러 하위 도메인을 포함시키는 데 사용합니다.
grep -vE "${wild_ips}" filters out records that could be the result of a wildcard DNS entry such as * 10800 IN A 1.38.216.82. Otherwise, a wildcard entry would make it appear as if there were records for each $COMMON_SUBDOMAN.
Note: This relies on ANY queries, which are blocked by some DNS providers such as CloudFlare.
A zone transfer is the only way to be sure you have all the subdomain records. If the DNS is correctly configured you should not normally be able to perform an external zone transfer.
The scans.io project has a database of DNS records that can be downloaded and searched for subdomains. This requires downloading the 87GB of DNS data, alternatively you can try the online search of the data at https://hackertarget.com/find-dns-host-records/
host -a works well, similar to dig any.
EG:
$ host -a google.com
Trying "google.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10403
;; flags: qr rd ra; QUERY: 1, ANSWER: 18, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN ANY
;; ANSWER SECTION:
google.com. 1165 IN TXT "v=spf1 include:_spf.google.com ip4:216.73.93.70/31 ip4:216.73.93.72/31 ~all"
google.com. 53965 IN SOA ns1.google.com. dns-admin.google.com. 2014112500 7200 1800 1209600 300
google.com. 231 IN A 173.194.115.73
google.com. 231 IN A 173.194.115.78
google.com. 231 IN A 173.194.115.64
google.com. 231 IN A 173.194.115.65
google.com. 231 IN A 173.194.115.66
google.com. 231 IN A 173.194.115.67
google.com. 231 IN A 173.194.115.68
google.com. 231 IN A 173.194.115.69
google.com. 231 IN A 173.194.115.70
google.com. 231 IN A 173.194.115.71
google.com. 231 IN A 173.194.115.72
google.com. 128 IN AAAA 2607:f8b0:4000:809::1001
google.com. 40766 IN NS ns3.google.com.
google.com. 40766 IN NS ns4.google.com.
google.com. 40766 IN NS ns1.google.com.
google.com. 40766 IN NS ns2.google.com.
What you want is called a zone transfer. You can request a zone transfer using dig -t axfr.
A zone is a domain and all of the domains below it that are not delegated to another server.
Note that zone transfers are not always supported. They're not used in normal lookup, only in replicating DNS data between servers; but there are other protocols that can be used for that (such as rsync over ssh), there may be a security risk from exposing names, and zone transfer responses cost more to generate and send than usual DNS lookups.
For Windows:
You may find the need to check the status of your domains DNS records, or check the Name Servers to see which records the servers are pulling.
Launch Windows Command Prompt by navigating to Start > Command Prompt or via Run > CMD.
Type NSLOOKUP and hit Enter. The default Server is set to your local DNS, the Address will be your local IP.
Set the DNS Record type you wish to lookup by typing
set type=##where ## is the record type, then hit Enter. You may use ANY, A, AAAA, A+AAAA, CNAME, MX, NS, PTR, SOA, or SRV as the record type.Now enter the domain name you wish to query then hit Enter.. In this example, we will use Managed.com.
NSLOOKUP will now return the record entries for the domain you entered.
You can also change the Name Servers which you are querying. This is useful if you are checking the records before DNS has fully propagated. To change the Name Server type server [name server]. Replace [name server] with the Name Servers you wish to use. In this example, we will set these as NSA.managed.com.
Once changed, change the query type (Step 3) if needed then enter new a new domain (Step 4.)
For Linux:
1) Check DNS Records Using Dig Command Dig stands for domain information groper is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.
2) Check DNS Records Using NSlookup Command Nslookup is a program to query Internet domain name servers. Nslookup has two modes interactive and non-interactive.
Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain.
Non-interactive mode is used to print just the name and requested information for a host or domain. It’s network administration tool which will help them to check and troubleshoot DNS related issues.
3) Check DNS Records Using Host Command host is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa. When no arguments or options are given, host prints a short summary of its command line arguments and options.
There is no easy way to get all DNS records for a domain in one instance. You can only view certain records for example, if you wanna see an A record for a certain domain you can use the command: dig a(type of record) domain.com. This is the same for all the other type of records you wanna see for that domain.
If your not familiar with the command line interface, you can also use a site like mxtoolbox.com. Wich is very handy tool for getting records of a domain.
I hope this answers your question.
참고URL : https://stackoverflow.com/questions/19322962/how-can-i-list-all-dns-records
'programing tip' 카테고리의 다른 글
| 여백 상단이 범위 요소에서 작동하지 않습니까? (0) | 2020.05.31 |
|---|---|
| CompletableFuture, Future 및 RxJava의 Observable의 차이점 (0) | 2020.05.30 |
| 저장 프로 시저에서 "SET XACT_ABORT ON"을 사용하면 어떤 이점이 있습니까? (0) | 2020.05.30 |
| .build, .create 및 .create의 차이점! (0) | 2020.05.30 |
| "OR"을 사용하여 여러 조건을 결합하여 데이터 프레임의 하위 세트를 만드는 방법은 무엇입니까? (0) | 2020.05.30 |