====== DNS ======
Quelques outils dns
apt install dnsutils
Ce paquet fournit divers programmes clients reliés à DNS, qui sont dérivés de l'arbre source de BIND.
* dig : effectue des requêtes DNS de différentes façons
* nslookup : ancienne façon de procéder
* nsupdate : fait des mises à jour dynamiques
dig google.fr
Google propose un site web comme interface avec dig => https://toolbox.googleapps.com/apps/dig
Commande de base, utilise votre config dns local
$ dig google.com
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47060
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 264 IN A 216.58.209.238
;; Query time: 7 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Tue Mar 10 16:44:40 CET 2020
;; MSG SIZE rcvd: 55
Questionner un autre serveur DNS
$ dig google.com @8.8.8.8
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> google.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26450
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 299 IN A 216.58.204.110
;; Query time: 24 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Mar 10 16:44:44 CET 2020
;; MSG SIZE rcvd: 55
Consulter les NS
$ dig NS google.com
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> NS google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25987
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;google.com. IN NS
;; ANSWER SECTION:
google.com. 14416 IN NS ns3.google.com.
google.com. 14416 IN NS ns4.google.com.
google.com. 14416 IN NS ns1.google.com.
google.com. 14416 IN NS ns2.google.com.
;; Query time: 117 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Tue Mar 10 16:45:00 CET 2020
;; MSG SIZE rcvd: 111
Renvoie le PTR
$ dig -x google.com
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> -x google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43376
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;com.google.in-addr.arpa. IN PTR
;; Query time: 170 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Tue Mar 10 16:45:07 CET 2020
;; MSG SIZE rcvd: 52
Renvoie tous les type de record enregistré dans le DNS
$ dig ANY google.com
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> ANY google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30603
;; flags: qr rd ra; QUERY: 1, ANSWER: 18, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;google.com. IN ANY
;; ANSWER SECTION:
google.com. 233 IN A 216.58.209.238
google.com. 14405 IN NS ns4.google.com.
google.com. 14405 IN NS ns1.google.com.
google.com. 14405 IN NS ns2.google.com.
google.com. 14405 IN NS ns3.google.com.
google.com. 59 IN SOA ns1.google.com. dns-admin.google.com. 299797304 900 900 1800 60
google.com. 599 IN MX 20 alt1.aspmx.l.google.com.
google.com. 599 IN MX 40 alt3.aspmx.l.google.com.
google.com. 599 IN MX 50 alt4.aspmx.l.google.com.
google.com. 599 IN MX 30 alt2.aspmx.l.google.com.
google.com. 599 IN MX 10 aspmx.l.google.com.
google.com. 299 IN TXT "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289"
google.com. 299 IN TXT "v=spf1 include:_spf.google.com ~all"
google.com. 3599 IN TXT "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="
google.com. 3599 IN TXT "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95"
google.com. 299 IN TXT "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e"
google.com. 299 IN AAAA 2a00:1450:400c:c00::65
google.com. 21599 IN CAA 0 issue "pki.goog"
;; Query time: 49 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Tue Mar 10 16:45:11 CET 2020
;; MSG SIZE rcvd: 649
Retourne le résultat dans un format court
$ dig MX google.com +short
10 aspmx.l.google.com.
30 alt2.aspmx.l.google.com.
50 alt4.aspmx.l.google.com.
40 alt3.aspmx.l.google.com.
20 alt1.aspmx.l.google.com.