
Friday, October 15, 2010


LINUX: Advanced ways of DNS querying with 'dig'


For a system administrator, having ready access to all kinds of information for troubleshooting or configuration of computers and networks is important. When diagnosing connectivity issues, or setting up a new Web site or server, being able to accurately get information from DNS can be critical; DNS provides a lot of information that can really help in this regard.

On Linux, the best tool for this job is dig, part of the BIND collection of utilities. On Red Hat Enterprise Linux, CentOS, and Fedora, dig is part of the bind-utils package; you don't need to actually have the BIND DNS server installed to make use of the utilities.

The dig command-line tool is used to query DNS name servers for information. It can be the default DNS server as defined for your system, or it can be any other DNS server you specify, including the root name servers.



   







A typical invocation of dig would be as follows:
$ dig google.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> google.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29558
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 13, ADDITIONAL: 2
;; QUESTION SECTION:
;google.com.                   IN      A
;; ANSWER SECTION:
google.com.            226     IN      A       74.125.19.99
google.com.            226     IN      A       74.125.19.103
google.com.            226     IN      A       74.125.19.104
google.com.            226     IN      A       74.125.19.147
;; AUTHORITY SECTION:
.                      55953   IN      NS      c.root-servers.net.
.                      55953   IN      NS      d.root-servers.net.
.                      55953   IN      NS      e.root-servers.net.
.                      55953   IN      NS      f.root-servers.net.
.                      55953   IN      NS      g.root-servers.net.
.                      55953   IN      NS      h.root-servers.net.
.                      55953   IN      NS      i.root-servers.net.
.                      55953   IN      NS      j.root-servers.net.
.                      55953   IN      NS      k.root-servers.net.
.                      55953   IN      NS      l.root-servers.net.
.                      55953   IN      NS      m.root-servers.net.
.                      55953   IN      NS      a.root-servers.net.
.                      55953   IN      NS      b.root-servers.net.
;; ADDITIONAL SECTION:
i.root-servers.net.    604759  IN      A       192.36.148.17
l.root-servers.net.    208308  IN      AAAA    2001:500:3::42
;; Query time: 58 msec
;; SERVER: 192.168.250.12#53(192.168.250.12)
;; WHEN: Wed May 12 18:06:50 2010
;; MSG SIZE  rcvd: 347

Dig is quite verbose, so there is a lot of information here, and not all of it is useful. The important bits are the A records pointing to google.com, and the server that was queried (in this case 192.168.250.12). The information can be trimmed by specifying certain flags:
$ dig google.com +noauthority +noadditional
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> google.com +noauthority +noadditional
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55797
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 13, ADDITIONAL: 2
;; QUESTION SECTION:
;google.com.                   IN      A
;; ANSWER SECTION:
google.com.            42      IN      A       74.125.19.104
google.com.            42      IN      A       74.125.19.147
google.com.            42      IN      A       74.125.19.99
google.com.            42      IN      A       74.125.19.103
;; Query time: 0 msec
;; SERVER: 192.168.250.12#53(192.168.250.12)
;; WHEN: Wed May 12 18:09:54 2010
;; MSG SIZE  rcvd: 347

Knowing the A record, or authoritative IP address, is very useful information. But so is knowing what DNS server is authoritative for that domain name, or knowing which mail servers accept mail for that domain. This can be done by telling dig to get the NS or MX records; if you want all of them, use the ANY option:
$ dig MX google.com +short
200 google.com.s9a2.psmtp.com.
300 google.com.s9b1.psmtp.com.
400 google.com.s9b2.psmtp.com.
100 google.com.s9a1.psmtp.com.
The +short option is very useful to just provide the answers; in this case, we have the names of the MX records with their priority.

Want to do a reverse lookup? This can be done with the -x option and specifying an IP address instead of a domain name:
$ dig -x 74.125.148.13 +short
s9b1.psmtp.com.
And if you want to see the results from a different DNS server, use the @ prefix with the DNS server to use:
$ dig @ns.isp.com google.com
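
The @ form makes it possible to check whether two resolvers agree on a name. The following added example (not code from the original post) compares the A-record answers as sets, because the two outputs above list the same four addresses in a different order. The DIG override and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# DIG may be overridden (for instance with a stub function) so the
# comparison logic can be exercised without network access.
DIG=${DIG:-dig}

# Sorted, de-duplicated IPv4 answers for name $2 as seen by resolver $1.
# +short can also print CNAME targets, so non-address lines are dropped.
a_rrset() {
    $DIG "@$1" "$2" A +short | grep -E '^[0-9]+(\.[0-9]+){3}$' | sort -u
}

# compare_resolvers NAME RESOLVER1 RESOLVER2
# Returns 0 if both resolvers give the same address set, 1 if the sets
# differ, 2 if either resolver gave no usable answer.
compare_resolvers() {
    name=$1
    set_a=$(a_rrset "$2" "$name")
    set_b=$(a_rrset "$3" "$name")
    if [ -z "$set_a" ] || [ -z "$set_b" ]; then
        echo "no A records for $name from $2 or $3" >&2
        return 2
    fi
    if [ "$set_a" = "$set_b" ]; then
        return 0
    fi
    # A difference is not proof of tampering (CDNs and split-horizon DNS
    # answer differently by design), but it is worth a closer look.
    echo "MISMATCH for $name" >&2
    echo "  $2: $(echo $set_a)" >&2
    echo "  $3: $(echo $set_b)" >&2
    return 1
}

# Stand-alone use: sh compare.sh google.com ns.isp.com 192.168.250.12
if [ "$#" -eq 3 ]; then
    compare_resolvers "$1" "$2" "$3"
fi
```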
There is also the TXT record for domains that can be useful, especially if you want to look up SPF (Sender Policy Framework, an email validation system) information. For instance:
$ dig TXT google.com +short
"v=spf1 include:_netblocks.google.com ip4:216.73.93.70/31 ip4:216.73.93.72/31 ~all"
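
The final term of an SPF record (~all above) decides how receivers treat mail from hosts the record does not list. This added example (not from the original post) classifies that policy from dig TXT +short output read on stdin, including the case where dig prints one long record as several quoted chunks. The function name spf_policy and the words it prints are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post.
# Reads "dig TXT <domain> +short" output on stdin and prints one word:
#   fail (-all), softfail (~all), neutral (?all), pass (+all or all),
#   redirect (policy lives in another record), none (no "all" term),
#   no-spf (no v=spf1 record), permerror (more than one v=spf1 record).
spf_policy() {
    # dig prints a long TXT record as "chunk1" "chunk2"; the chunks are
    # joined with no separator, then the outer quotes are removed.
    records=$(sed -e 's/" "//g' -e 's/^"//' -e 's/"$//' |
              grep -i -E '^v=spf1( |$)' || true)
    count=$(printf '%s\n' "$records" | grep -c . || true)
    if [ "$count" -eq 0 ]; then
        echo no-spf
        return 0
    fi
    if [ "$count" -gt 1 ]; then
        # RFC 7208: several SPF records for one name is a permanent error.
        echo permerror
        return 0
    fi
    # Pick out the "all" mechanism together with its optional qualifier.
    qual=$(printf '%s\n' "$records" | tr ' ' '\n' |
           grep -i -E '^[-~?+]?all$' | head -n 1 || true)
    case $qual in
        "")
            case $records in
                *" redirect="*) echo redirect ;;
                *)              echo none ;;
            esac
            ;;
        -*)   echo fail ;;
        "~"*) echo softfail ;;
        "?"*) echo neutral ;;
        *)    echo pass ;;
    esac
}

# Stand-alone use: sh spf.sh google.com
if [ "$#" -eq 1 ]; then
    dig TXT "$1" +short | spf_policy
fi
```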
The dig utility is very handy, especially when used with troubleshooting. It has a lot of options and a lot of different things it can do; take a look at the output of dig -h for an idea of the many options available.

Thanks...

About 'Anu': My name is 'Anu', also known as 'ANU 007 TIGER'. I'm the administrator of the 'PC Tips by Anu' blog. This blog was opened for sharing content about hacking n cracking.