[dns-operations] check if a domain has been registered via DNS
Stephane Bortzmeyer
bortzmeyer at nic.fr
Fri Apr 28 07:24:11 UTC 2017
On Fri, Apr 28, 2017 at 09:32:34AM +0800,
Peng Yonghua <pyh at vodafonemail.de> wrote
a message of 9 lines which said:
> > What would work for your situation is to test for the presence of
> > NS records at the registry level, and if they are absent to fall
> > back to whois to confirm.
>
> good idea.
No bad idea. Really, you should drop the entire project. There are
more things in the domain world than you imagine.
Two reasons why it may fail (thanks to a colleague who is too shy to
post here):
1) Some TLD do not delegate at all
% dig @d.ns.tk -t NS +norecurs tkj6g.tk
; <<>> DiG 9.10.3-P4-Debian <<>> @d.ns.tk -t NS +norecurs tkj6g.tk
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18776
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
;; QUESTION SECTION:
;tkj6g.tk. IN NS
;; AUTHORITY SECTION:
tk. 5 IN SOA a.ns.tk. joost\.zuurbier.dot.tk. (
1493361600 ; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
604800 ; expire (1 week)
5 ; minimum (5 seconds)
)
;; Query time: 17 msec
;; SERVER: 2001:678:5c::1#53(2001:678:5c::1)
;; WHEN: Fri Apr 28 09:22:22 CEST 2017
;; MSG SIZE rcvd: 97
2) Some have wildcards:
% dig @ns3.dns.ws -t NS x$(hexdump -e '/1 "%02x"' -n 31 /dev/urandom).ws
; <<>> DiG 9.10.3-P4-Debian <<>> @ns3.dns.ws -t NS x2d6fcbd3fc6c1edce18c874a1bcb550672a5ee4afba6e374bcd67494296567.ws
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3215
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 8, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;x2d6fcbd3fc6c1edce18c874a1bcb550672a5ee4afba6e374bcd67494296567.ws. IN NS
;; AUTHORITY SECTION:
IIG01QLMMRJU3J9C5UEJ2AQP0D5OJR3F.ws. 86400 IN NSEC3 1 1 10 806C62E1B78B767C (
IM0O08O5F0TE608RESL6HCPCDMPDO86S
A NS SOA MX RRSIG DNSKEY NSEC3PARAM )
IIG01QLMMRJU3J9C5UEJ2AQP0D5OJR3F.ws. 86400 IN RRSIG NSEC3 8 2 86400 (
20170528052917 20170428052917 6141 ws.
H09I05I3L+gmrnUsRQZ9ymcBQ1rxDH1RsERps16WnsJo
qrvLx/AdB8NqA5iJPnE86koGkPdmXHc2b9zbU3uuh3qm
ay++KWlT1dlmCf0mbevoAycN0dW5PuDKb7pmlMnSPg/H
hl28XbLfOfX/8sRHjI79aiPFFic7G3DXwOBQEAo= )
34IBHP0CB49CNPSD60EMTLD3CK9TMM8E.ws. 86400 IN NSEC3 1 1 10 806C62E1B78B767C (
37M2A7SE2UL454TMII7BHOVSDC7SB5HJ
TXT RRSIG )
34IBHP0CB49CNPSD60EMTLD3CK9TMM8E.ws. 86400 IN RRSIG NSEC3 8 2 86400 (
20170528052917 20170428052917 6141 ws.
fPq50AVHgTCVitw++vCldJ2wRG/cI94HzxwYNZ4vuIyM
VGHWudqGm3qVM14QgUq7B/mGcrZy1Yo7wWYIGAuSpyUU
KMAl6vrdQU7kI0rVWRzj5AzGsWunWbHPymsd9UTFykHl
ofvcpS5Yg/1Xw8m3b2FwyfkPUKkFw2SPcOu8JfI= )
F77R4FHVT9543N9GLP9DJTDFHVBN1PCJ.ws. 86400 IN NSEC3 1 1 10 806C62E1B78B767C (
FBK53JUKM6O8TSOVH915VC5IOB319HMF
A MX TXT RRSIG )
F77R4FHVT9543N9GLP9DJTDFHVBN1PCJ.ws. 86400 IN RRSIG NSEC3 8 2 86400 (
20170528052917 20170428052917 6141 ws.
qlEo3nvJqwVrXtzIEbyWYGWEF40Cpj5Sxk5I9YGCTR8u
93eIFLYQ6kPavN8Z8BQXrONcrp7EPhRTZPhSNoOGytrI
KHFBaTsEZIwunQiip2rPajUZAX6cmz+H6ACgkIecSi6v
Intl9psAYuSSEnufoStMK7ILdvcPcJSl6OuLM7k= )
ws. 21600 IN SOA ns2.dns.ws. hostmaster.dns.ws. (
1704271729 ; serial
86400 ; refresh (1 day)
3600 ; retry (1 hour)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
ws. 21600 IN RRSIG SOA 8 1 21600 (
20170528070952 20170428060952 6141 ws.
CKGJ65huqS5FWT/+SVvZioC8TNTf3XBH3ymahTIGsu3O
nPvQ7M7jywxxBJ2yJUFTJKbpTQqfjh6e+AqTlfd4zMp2
Rtu25Wh5PUttvLgBjAPG5p1G9z/UaE9uIg+f2HG3BSez
h2CBXzFLP8HT9rFku8ABnzZznaN3d33gZ02BhFI= )
;; Query time: 107 msec
;; SERVER: 173.228.153.149#53(173.228.153.149)
;; WHEN: Fri Apr 28 09:23:31 CEST 2017
;; MSG SIZE rcvd: 1060
More information about the dns-operations
mailing list