Ruse, Kevin KPSI on Mon, 14 Jul 2003 13:23:05 -0400


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

RE: [PLUG] dig returns "Transfer failed", what to do? 

The short answer is that you can't easily.

Determining NS and MX records for a domain is simple, but determining all
the A records, PTR records and CNAME records is incredibly difficuly if not
impossible. 

You solution was to query all the in-addr.arpa zone files to determine the
host name of each ip addres. Unfortunatly the reverse lookups and the direct
lookup are different zone files and can contain different information. Also
this will not include CNAMEs.

You can always recreate them from scratch given your knowledge of a network
and access to the machines on the network. Just start making files and
adding hosts.

Kevin Ruse
Kvaerner Philadelphia Shipyard

-----Original Message-----
From: kaze [mailto:kaze@voicenet.com]
Sent: Monday, July 14, 2003 11:49 AM
To: plug@lists.phillylinux.org
Subject: RE: [PLUG] dig returns "Transfer failed", what to do?


Hmmm. From your and gr's replies I see that I don't totally understand what
these tools do.

I have requested to be allowed zone transfers to my ip address for my
zones - so that will help if they do it.

If I may restate the question: How can you collect the data needed to create
zone files on an existing domain - other than simply doing a zone transfer
from it?

- Zake

--> -----Original Message-----
--> From: plug-admin@lists.phillylinux.org
--> [mailto:plug-admin@lists.phillylinux.org]On Behalf Of Ruse, Kevin KPSI
--> Sent: Monday, July 14, 2003 10:55 AM
--> To: 'plug@lists.phillylinux.org'
--> Subject: RE: [PLUG] dig returns "Transfer failed", what to do?
-->
-->
--> I'm not sure i understand your point. A zone-transfer tells you
--> everything
--> in the zone. If you knew everything in the zone you could query for that
--> information. dig -t MX google.com; dig -t NS google.com; dig
--> every-single-hostname-and-cname.google.com. As for your example
--> you are just
--> querying an individual record in the 100.53.239.216.in-addr.arpa zone.
-->
--> Kevin Ruse
--> Kvaerner Philadelphia Shipyard
-->
--> -----Original Message-----
--> From: kaze [mailto:kaze@voicenet.com]
--> Sent: Monday, July 14, 2003 10:41 AM
--> To: plug@lists.phillylinux.org
--> Subject: RE: [PLUG] dig returns "Transfer failed", what to do?
-->
-->
--> --> > Does anyone know, is there some software or web sites
--> that generate
--> --> > all the info that would be in a zone file (doesn't have to in the
--> --> > named zone format - I'll do that part), maybe from reverse lookups
--> --> > against all the IPs in the domain's range or something?
--> -->
--> --> That question doesn't make sense. There is NOT a one-to-one mapping
--> --> between IP addresses and hostnames, even if a given domain is
--> --> entirely contained within a given IP-number network. (Think CNAMEs,
--> --> MX records...)
--> -->
--> --> --
--> --> gabriel rosenkoetter
--> --> gr@eclipsed.net
-->
--> Thanks, I'm getting it. But look below, I can get multiple FQDN
--> from one IP
--> using host -v doing a reverse lookup. If I knew all the
--> Internet routable IP
--> addresses of a given domain name would doing "host -v <each
--> IP>" give me all
--> the same mappings, albeit backwards, as getting the zone transfer?
-->
--> - Zake
-->
--> [root@rh9 root]# host google.com
--> google.com has address 216.239.53.100
--> google.com has address 216.239.51.100
-->
--> [root@rh9 root]# host -v 216.239.53.100
--> Trying "100.53.239.216.in-addr.arpa"
--> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7139
--> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
-->
--> ;; QUESTION SECTION:
--> ;100.53.239.216.in-addr.arpa.   IN      PTR
-->
--> ;; ANSWER SECTION:
--> 100.53.239.216.in-addr.arpa. 6098 IN    PTR     www.google.com.
-->
--> ;; AUTHORITY SECTION:
--> 53.239.216.in-addr.arpa. 8262   IN      NS      ns1.google.com.
--> 53.239.216.in-addr.arpa. 8262   IN      NS      ns2.google.com.
--> 53.239.216.in-addr.arpa. 8262   IN      NS      ns3.google.com.
--> 53.239.216.in-addr.arpa. 8262   IN      NS      ns4.google.com.
-->
--> ;; ADDITIONAL SECTION:
--> ns1.google.com.         83890   IN      A       216.239.32.10
--> ns2.google.com.         74092   IN      A       216.239.34.10
--> ns3.google.com.         239626  IN      A       216.239.36.10
--> ns4.google.com.         71234   IN      A       216.239.38.10
-->
--> Received 209 bytes from 68.80.0.6#53 in 285 ms
-->
--> ________________________________________________________________
--> _________
--> Philadelphia Linux Users Group        --
http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug
_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug


_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug
_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug