Thursday, May 7, 2009

DNS Interrogation

DNS Record Types (http://en.wikipedia.org/wiki/List_of_DNS_record_types)
  • A: IPv4 Address record
  • CNAME: Canonical Name (alias)
  • MX: Mail Exchange record (mail servers for domain)
  • NS: Name Server record (authoritative name server)
  • PTR: Pointer for inverse lookups record (reverse record)
  • SOA: Start of Authority record (server authoritative for zone)
  • TXT: Text record (arbitrary text string - often used against spam)
  • HINFO: Host Information record (formerly system type) - rarely used
  • RP: Responsible Person record (info of human) - rarely used
  • SRV: Service Locator record (host/port info - used for newer protocols instead of creating proto-specific records like MX) - rarely used
nslookup (+interactive mode)
  • server
  • set
      - type=any
      - [no]recurse
  • ls -d [> filename]
  • view
DNS Cache Snooping - Luis Grangeia (http://www.sysvalue.com/ResourcesUser/docs/dns_cache_snooping.pdf)

dig [@global-server] [domain] [type]
  • dig @global-server domain -t AXFR (full zone transfer)
  • dig @global-server domain -t IXFR=N (incremental zone transfer, retrieving records changed since the SOA serial number was N)
  • +[no]recurse (recursion is requested by default)
  • Dig for Windows (http://www.nscan.org/dig.html)
DNSstuff.com & DNS Query Websites
