|
DNS Stands for "Domain Name System". Without
DNS, the internet would be nothing more than a muddle of IP addresses.
The DNS System allows users to type a name instead of an IP address.
The security implications of DNS are very broad. For a hacker, the DNS
setup for a network can reveal many security holes. It is for this reason
that we must be able to test and administer the system effectively.
For more information on DNS, DNS Health and DNS
Security visit Men and Mice.
Name Lookup
The DNS Tools included with Net
Tool Box can be used for almost any form of DNS interrogation. The most
simple of these is the "Name Resolver" tool. It basically
performs a dual lookup from either a name to an IP address or vica versa.
For example, if you put in the name "www.apple.com",
it will tell you the IP address associated with that name and also,
the reverse lookup host name. You might sometimes find that you will
get nothing back from a lookup under the "Root DNS" section.
This indicates that the IP address doesn't have a "PTR" record
that is used for mapping IPs back to names.
DNS Scanner
The next tool on the list, is the DNS Scanner.
This tool takes two consecutive IP addresses and looks up the DNS name
associated with each one respectively. You can either type in two IPs,
or you can have it look up the IPs for you, by just typing in the host
name. You must be careful with DNS Scanner, because it is easy to put
in a very large range, and because of the nature of the system, it can
get "frozen" quite easily. If you are wanting to look up a
whole IP segment (first one ending "0", last ending "255"),
first try a Zone Transfer using the "DNS Lookup" tool.
DNS Lookup
Next we have the most versatile of DNS tools.
This tool is quite open ended. You can perform any kind of DNS lookup
you want. Just type in the domain you are querying, choose a record
type and hit "Query". The resolver will retrieve any zone
records for that domain matching the specification of the Query Type.
For example if you want to see what name servers host "apple.com",
type it into the domain field and choose "NS" from the list.
It will then list all the DNS servers that hold records for "apple.com".
If you don't want it to show the additional "IN A" records
that accompany each lookup, tick the box labeled"Show IN A Records".
MX Lookup
The last DNS tool on the list is called "MX
Lookup". If you ever wondered how exactly your email knows where
to end up when you send it, using MX Lookup, you can easily find out.
The SMTP system used when sending emails relys on DNS to tell it where
to direct any mail for specific domain names. It finds this information
by looking up a domain's "MX Records" from the DNS server.
For example, if I wanted to see where any email to steve.jobs@apple.com
goes; I type in "apple.com" into the domain field. The resolver
will then lookup the MX records for "apple.com" and return
a list of mail servers that are allowed to receive mail on behalf of
Steve Jobs. It is assumed that these servers will place any email for
him in the correct location. The reason there are multiple servers,
is for redundancy (backups). If the primary server is unreachable, the
mail will be sent to the next one on the list and if that one is unreachable
it will go to the next one on the list, etc. The order of preference
is also specified alongside an MX record - this determines which server
to try first.
The only problems associated with the DNS Tools
that I know of is with DNS Lookup. It sometimes rejects queries for
AXFR and SOA. I'm in the process of creating an abstraction class for
the UNIX "dig" command. This will eventually replace the legacy
DNS resolver in Net Tool Box.
|
/internet/NetToolBox22b1/NetToolBox22b1.dmg/Documentation/images/9.gif){kind=small}
/internet/NetToolBox22b1/NetToolBox22b1.dmg/Documentation/images/X.gif){kind=small}