[dns-operations] check if a domain has been registered via DNS
Peng Yonghua
pyh at vodafonemail.de
Fri Apr 28 07:35:01 UTC 2017
在 2017/4/28 下午3:24, Stephane Bortzmeyer 写道:
> On Fri, Apr 28, 2017 at 09:32:34AM +0800,
> Peng Yonghua <pyh at vodafonemail.de> wrote
> a message of 9 lines which said:
>
>>> What would work for your situation is to test for the presence of
>>> NS records at the registry level, and if they are absent to fall
>>> back to whois to confirm.
>>
>> good idea.
>
> No bad idea. Really, you should drop the entire project. There are
> more things in the domain world than you imagine.
>
> Two reasons why it may fail (thanks to a colleague who is too shy to
> post here):
>
> 1) Some TLD do not delegate at all
>
> % dig @d.ns.tk -t NS +norecurs tkj6g.tk
>
> ; <<>> DiG 9.10.3-P4-Debian <<>> @d.ns.tk -t NS +norecurs tkj6g.tk
> ; (2 servers found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18776
> ;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
It returns NOERROR, so domain has been taken.
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 512
> ;; QUESTION SECTION:
> ;tkj6g.tk. IN NS
>
> ;; AUTHORITY SECTION:
> tk. 5 IN SOA a.ns.tk. joost\.zuurbier.dot.tk. (
> 1493361600 ; serial
> 10800 ; refresh (3 hours)
> 3600 ; retry (1 hour)
> 604800 ; expire (1 week)
> 5 ; minimum (5 seconds)
> )
>
> ;; Query time: 17 msec
> ;; SERVER: 2001:678:5c::1#53(2001:678:5c::1)
> ;; WHEN: Fri Apr 28 09:22:22 CEST 2017
> ;; MSG SIZE rcvd: 97
>
>
> 2) Some have wildcards:
it's bad pratical that root zone has wildcards as it had got discussed
here. :)
>
> % dig @ns3.dns.ws -t NS x$(hexdump -e '/1 "%02x"' -n 31 /dev/urandom).ws
>
> ; <<>> DiG 9.10.3-P4-Debian <<>> @ns3.dns.ws -t NS x2d6fcbd3fc6c1edce18c874a1bcb550672a5ee4afba6e374bcd67494296567.ws
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3215
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 8, ADDITIONAL: 1
> ;; WARNING: recursion requested but not available
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 4096
> ;; QUESTION SECTION:
> ;x2d6fcbd3fc6c1edce18c874a1bcb550672a5ee4afba6e374bcd67494296567.ws. IN NS
>
> ;; AUTHORITY SECTION:
> IIG01QLMMRJU3J9C5UEJ2AQP0D5OJR3F.ws. 86400 IN NSEC3 1 1 10 806C62E1B78B767C (
> IM0O08O5F0TE608RESL6HCPCDMPDO86S
> A NS SOA MX RRSIG DNSKEY NSEC3PARAM )
> IIG01QLMMRJU3J9C5UEJ2AQP0D5OJR3F.ws. 86400 IN RRSIG NSEC3 8 2 86400 (
> 20170528052917 20170428052917 6141 ws.
> H09I05I3L+gmrnUsRQZ9ymcBQ1rxDH1RsERps16WnsJo
> qrvLx/AdB8NqA5iJPnE86koGkPdmXHc2b9zbU3uuh3qm
> ay++KWlT1dlmCf0mbevoAycN0dW5PuDKb7pmlMnSPg/H
> hl28XbLfOfX/8sRHjI79aiPFFic7G3DXwOBQEAo= )
> 34IBHP0CB49CNPSD60EMTLD3CK9TMM8E.ws. 86400 IN NSEC3 1 1 10 806C62E1B78B767C (
> 37M2A7SE2UL454TMII7BHOVSDC7SB5HJ
> TXT RRSIG )
> 34IBHP0CB49CNPSD60EMTLD3CK9TMM8E.ws. 86400 IN RRSIG NSEC3 8 2 86400 (
> 20170528052917 20170428052917 6141 ws.
> fPq50AVHgTCVitw++vCldJ2wRG/cI94HzxwYNZ4vuIyM
> VGHWudqGm3qVM14QgUq7B/mGcrZy1Yo7wWYIGAuSpyUU
> KMAl6vrdQU7kI0rVWRzj5AzGsWunWbHPymsd9UTFykHl
> ofvcpS5Yg/1Xw8m3b2FwyfkPUKkFw2SPcOu8JfI= )
> F77R4FHVT9543N9GLP9DJTDFHVBN1PCJ.ws. 86400 IN NSEC3 1 1 10 806C62E1B78B767C (
> FBK53JUKM6O8TSOVH915VC5IOB319HMF
> A MX TXT RRSIG )
> F77R4FHVT9543N9GLP9DJTDFHVBN1PCJ.ws. 86400 IN RRSIG NSEC3 8 2 86400 (
> 20170528052917 20170428052917 6141 ws.
> qlEo3nvJqwVrXtzIEbyWYGWEF40Cpj5Sxk5I9YGCTR8u
> 93eIFLYQ6kPavN8Z8BQXrONcrp7EPhRTZPhSNoOGytrI
> KHFBaTsEZIwunQiip2rPajUZAX6cmz+H6ACgkIecSi6v
> Intl9psAYuSSEnufoStMK7ILdvcPcJSl6OuLM7k= )
> ws. 21600 IN SOA ns2.dns.ws. hostmaster.dns.ws. (
> 1704271729 ; serial
> 86400 ; refresh (1 day)
> 3600 ; retry (1 hour)
> 604800 ; expire (1 week)
> 86400 ; minimum (1 day)
> )
> ws. 21600 IN RRSIG SOA 8 1 21600 (
> 20170528070952 20170428060952 6141 ws.
> CKGJ65huqS5FWT/+SVvZioC8TNTf3XBH3ymahTIGsu3O
> nPvQ7M7jywxxBJ2yJUFTJKbpTQqfjh6e+AqTlfd4zMp2
> Rtu25Wh5PUttvLgBjAPG5p1G9z/UaE9uIg+f2HG3BSez
> h2CBXzFLP8HT9rFku8ABnzZznaN3d33gZ02BhFI= )
>
> ;; Query time: 107 msec
> ;; SERVER: 173.228.153.149#53(173.228.153.149)
> ;; WHEN: Fri Apr 28 09:23:31 CEST 2017
> ;; MSG SIZE rcvd: 1060
>
More information about the dns-operations
mailing list