Dns Footprinting
1.8 Dns Footprinting
My resume of module 02 footprinting form CEH material
The next phase in footprinting methodology is DNS footprinting. This following section describes how to extract DNS information and the DNS interrogation tools.
Extracting DNS Information
DNS footprinting, namely Domain Name System footprinting, reveals information about DNS zone data. DNS zone data include DNS domain names, computer names, IP addresses, and much more about a particular network. An attacker uses DNS information to determine key hosts in the network, and then performs social engineering attacks to gather even more information.
DNS interrogation tools such as http://www.dnsstuff.com and DNS Records (http://network- tools.com) enable user to perform DNS footprinting. DNSstuff extracts DNS information about IP addresses, mail server extensions, DNS lookups, Whois lookups and so on. It can extract a range of IP addresses utilizing an IP routing lookup. If the target network allows unknown, unauthorized users to transfer DNS zone data, then it is easy for an attacker to obtain the information about DNS with the help of the DNS interrogation tool.
When the attacker queries the DNS server using the DNS interrogation tool, the server then responds with a record structure that contains information about the target DNS. DNS records provide important information about the location and types of servers.
DNS Interrogation Tools
The DNS Lookup tools retrieve the DNS records for a specified domain or hostname. These tools retrieve information such as domains and IP addresses, domain Whois records, DNS records, and network Whois record.
- Professional Toolset
Source: http://www.dnsstuff.com
Professional Toolset assists IT professionals troubleshooting, managing, and
configuring the domain and email.
Professional Toolset includes Domain/WWW tools, IP tools, Networking tools, and Email
tools that assist with:
- DNS troubleshooting, management and monitoring
- Network administration and troubleshooting
- Email troubleshooting and diagnostics
- Internet/Cybercrime forensics
- Spam combat
- Insight into an IP address
- Internet configuration, connectivity and performance
Some of the DNS interrogation tools used to extract DNS information include:
- DIG (http://www.kloth.net)
- myDNSTools (http://www.mydnstools.info)
- Domain Dossier (https://centralops.net)
- DNSDataView (http://www.nirsoft.net)
- DNSWatch (https://www.dnswatch.info)
- DNS Tools (http://dnstools.com)
- DNS Lookup Tool (https://network-tools. webwiz.net)
- DomainTools (http://www.domaintools.com)
- DNS Query Utility (http://www.dnsqueries.com)
- DNS Lookup Tool (https://www.ultratools.com)
- DNS Check (http://dnscheck. pingdom.com)
- Fierce (https://github.com)
- MX Lookup (https://mxtoolbox.com)
Some of the DNS interrogation tools for use with smartphones include:
- DNS Lookup Tool (https://www.theemaillaundry.com)
- Ping & DNS (http://www.ulfdittmer.com)
- IP Tools (http://www. iptools.su)
- DNS Lookup (https://play.google.com)
- DNS Lookup and Whois (https://www.networkpanda.com)
- DNS Tools (https://www.dnssniffer.com)
- and github