RTFM dig(1), host(1), nslookup(1)

Sean Cody
MUUG November 9, 2010
http://bit.ly/muug-dns

Monday, November 8, 2010

dig(1), host(1), nslookup(1)?

• Three tools that do almost the same thing.
• Specifically DNS resolution.

DNS...

• Turns numbers into names (and vice versa) since… forever.
• Before DNS there was /etc/hosts.

DNS example.

• www.muug.mb.ca is _really_
  • lisa.muug.mb.ca… but what is that?
• lisa.muug.mb.ca is _really_
  • lisa.muug.mb.ca. which is
  • 130.179.31.46
• Without going too deep the name is read/parsed by the socket library as:
  • dot ca dot mb dot muug dot www

host(1)

• This is a simple tool to look up the IP address of a particular domain name.
• In its simplest form it takes a single parameter (a hostname) and requests a resolution from the system’s forwarding DNS server.
  • hint… specified in /etc/resolv.conf

host(1) example.

• Notice this recurses and gives us the CNAME, then resolves the alias to the final IP.
• As well it gives us something extra… the MX record (aka mail server).

DNS Records

• A - Address record.
• NS - Name server record (binds specific DNS server(s) to particular domain(s)).
• CNAME - Canonical name (a ‘named alias’).
• TXT - A text record… used for all kinds of stuff (such as SPF).
• MX - Mail Exchanger (if I was sending mail to this host where should it go?).
• Other records include NA, SOA, SRV, AAAA, etc.

host(1) options...

• There are a few options available...

host(1) full example.

[Screenshots not preserved; slide callouts: MX lookup, CNAME, full lookup with a specific DNS server, what we asked, server response, who is ‘allowed’ to tell us.]

dig(1)

• Sometimes referred to as ‘domain information groper.’
• A DNS lookup swiss army knife.
• Ships as part of BIND, but usually included in most Linux/BSD/etc. distributions.
• In Ubuntu you can install it via:
  • sudo apt-get install dnsutils

dig(1)

• Has all the features of host(1) but…
  • Is far more verbose.
  • Has a billion more options.
  • Can be used for batch lookups.

dig(1) example…

• Adding +short makes the output far more manageable.

dig(1) example…

• Use the @ symbol to specify a specific server to query.

dig(1) batch example.

• Let’s compare the output by looking up the MUUG site from two different servers...

[Screenshot not preserved; slide callouts: Query, Query, Global.]
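
The two-server comparison above, together with the alias chasing from the host(1) example, as an added shell example that is not part of the original slides: it follows the CNAME chain in dig's answer section and checks whether two servers end at the same addresses. The function names and the sample TTLs are made up here; `+noall +answer` limits dig's output to the answer records.

```sh
#!/bin/sh
# Added example, not from the original slides.

# Constructed sample in the layout of dig's answer section
# (NAME TTL CLASS TYPE RDATA). Names and address are the ones on the
# slides; the TTL values are made up.
SAMPLE_ANSWER='www.muug.mb.ca. 3600 IN CNAME lisa.muug.mb.ca.
lisa.muug.mb.ca. 3600 IN A 130.179.31.46'

# final_addrs NAME   (answer section on stdin)
# Follow CNAME records starting at NAME and print the sorted addresses of
# the last name in the chain. The walk stops after 8 hops so a CNAME loop
# cannot hang the script.
final_addrs() {
    awk -v start="$1" '
        function norm(n) { n = tolower(n); sub(/\.$/, "", n); return n }
        $4 == "CNAME"             { alias[norm($1)] = norm($5) }
        $4 == "A" || $4 == "AAAA" { addr[norm($1)] = addr[norm($1)] $5 "\n" }
        END {
            name = norm(start)
            for (hop = 0; hop < 8 && (name in alias); hop++) name = alias[name]
            printf "%s", addr[name]
        }' | sort -u
}

# lookup SERVER NAME: query one specific server (dig's @ syntax).
lookup() {
    dig +noall +answer "@$1" "$2" A | final_addrs "$2"
}

# same_answer SET1 SET2: true only for two identical, non-empty sets.
same_answer() {
    [ -n "$1" ] && [ "$1" = "$2" ]
}

# compare_servers NAME SERVER1 SERVER2: exit status 0 when both servers
# lead to the same addresses, 1 when they differ or one gave no answer.
compare_servers() {
    same_answer "$(lookup "$2" "$1")" "$(lookup "$3" "$1")"
}

# Offline demonstration on the constructed sample; prints 130.179.31.46.
printf '%s\n' "$SAMPLE_ANSWER" | final_addrs www.muug.mb.ca
```

Run `compare_servers www.muug.mb.ca SERVER1 SERVER2` with two resolvers you are entitled to query. A mismatch is a lead to investigate rather than proof of tampering, since CDNs and split-horizon setups legitimately return different addresses.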

traceroute for DNS!

• You can specify an option for dig to trace the lookup of a host name from the root servers all the way to your immediate forwarding resolver/cache!
• LOTS of output…

What actually happened...

Ask my resolver for the record of

192.168.101.1 says ‘ask the root

Root Server E says ‘ask CIRA.’

CIRA Server A says ‘ask UofM.’

UofM server says ‘I know them… here’s what I know!’
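
The hops on this slide, as an added shell example that is not from the original talk: it boils `dig +trace` output down to one line per server asked. The sample is constructed, with placeholder server names and addresses; only 192.168.101.1 and the MUUG records come from the slides.

```sh
#!/bin/sh
# Added example, not from the original slides.

# Constructed sample shaped like `dig +trace` output. 192.168.101.1 and
# the www/lisa records are from the slides; every server name, the other
# addresses (documentation range 192.0.2.0/24), TTLs, sizes and timings
# are placeholders.
SAMPLE_TRACE='. 518400 IN NS e.root.example.
;; Received 228 bytes from 192.168.101.1#53(192.168.101.1) in 2 ms

ca. 172800 IN NS a.cira.example.
;; Received 310 bytes from 192.0.2.5#53(e.root.example) in 40 ms

muug.mb.ca. 86400 IN NS ns.uofm.example.
;; Received 120 bytes from 192.0.2.20#53(a.cira.example) in 35 ms

www.muug.mb.ca. 3600 IN CNAME lisa.muug.mb.ca.
lisa.muug.mb.ca. 3600 IN A 130.179.31.46
;; Received 98 bytes from 192.0.2.30#53(ns.uofm.example) in 12 ms'

# trace_hops   (`dig +trace` output on stdin)
# Print one line per hop. A hop whose first record is an NS record is
# reported as "referral ZONE from SERVER" (the server pointed elsewhere);
# any other hop is reported as "answer NAME from SERVER".
trace_hops() {
    awk '
        /^;; Received/ {
            split($6, who, /[()]/)         # $6 looks like ADDR#PORT(NAME)
            kind = (rtype == "NS") ? "referral" : "answer"
            printf "%s %s from %s\n", kind, owner, who[2]
            owner = ""; rtype = ""
            next
        }
        /^;/ || NF < 5 { next }            # other comment lines, blanks
        owner == ""    { owner = $1; rtype = $4 }  # first record of the hop
    '
}

# trace NAME: the live version; needs network access and dig.
trace() {
    dig +trace "$1" | trace_hops
}

# Offline demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_TRACE" | trace_hops
```

An unexpected server name in the "from" column of a live trace is the thing to look for: it shows which party actually handed out each delegation.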

nslookup(1)

• Deprecated (for dig(1)) by the BIND group but is still found all over the place.
  • Like in Windows…
• Similar to dig but is ‘interactive’ by default.
  • Very annoying.

nslookup(1) example.

[Screenshots not preserved.]

When to use these..

• host(1)
  • Use it for simple lookups.
• dig(1)
  • Use it for finer grained details or debugging.
• nslookup(1)
  • Use it when neither host nor dig is available.

Further Notes on DNS

• For a better description of DNS, DNS records and services watch HAK5 Episode 808 & 809.
  • http://revision3.com/hak5/dns-stoned-sms-penguin
  • http://revision3.com/hak5/hak5-809

That’s it...

Questions?