2.2.8 DNS Footprinting
Extracting DNS Information (重要)
- Attacker can gather DNS information to determine key hosts in the network and can perform social engineering attacks.
- DNS records provide important information about location and type of servers.
- DNS Interrogation Tools:
- Name -> IP
- IP -> Name
- Service -> Name
Record | Description |
---|---|
A | Points to a host's IP address |
MX | Points to domain's mail server |
NS | Points to host's name server |
CNAME | Canonical naming allows aliases to a host |
SDA | Indicate authority for domain |
SRV | Service records |
PTR | Maps IP address to a hostname |
RP | Responsible person |
HINFO | Host information record includes CPU type and OS |
TXT | Unstructured text records |
- Linux
host
command- GET dns.google.com
- dnsdumpster