[ale] OT: DNS query (dig) question
Chris Ricker
kaboom at gatech.edu
Tue May 11 13:37:02 EDT 2004
On Tue, 11 May 2004, Fulton Green wrote:
> Back in the "nslookup" days, I could do a query on all the registered
> hostnames for a given domain, something akin to:
>
> nslookup> ls -d somedomain.com > somedomainhosts.txt
>
> Now that nslookup is deprecated, I was wondering if there was a similar
> way to perform this type of query, or if this type of query has since
> been deemed a security risk.
"ls -d" did a zone transfer, and as you thought, it is a security risk. Many
sites today restrict who can do a zone transfer, and the ones that don't
probably all should ;-)
If you can find a site which permits zone transfers, you can use dig to pull
the zone
$ dig @dns_server zone_to_pull axfr
later,
chris
More information about the Ale
mailing list