If you have use of a UNIX system, try extracting other types of information from the DNS database using
- Extract the SOA records for your own companys network, and any other domains you find interesting.
Can you tell who provides Internet services for your company?
(Hint: sometimes, DNS service is supplied by the ISP, whose name appears in the name servers.)
Does your company include HINFO records in DNS?
To obtain NS records, use
set type=NS in
nslookup. Find the addresses of name servers for your company or any other
Query internet name servers interactively.
nslookup [-option] [name | -] [server]
nslookup is a program used to query Internet domain name servers. nslookup has two modes: interactive and non-interactive.
Interactive mode allows the user to query name servers for information about various hosts and domains or to print a list of hosts in a domain.
Non-interactive mode is used to print just the name and requested information for a host or domain.
Interactive mode is entered in the following cases:
- when no arguments are given (the default name server will be used)
- when the first argument is a hyphen ("-") and the second argument is the host name or Internet address of a name server.
Non-interactive mode is used when the name or Internet address of the host to be looked up is given as the first argument.
The optional second argument specifies the host name or address of a name server.
Options can also be specified on the command line if they precede the arguments and are prefixed with a hyphen.
For example, to change the default query type to host information, and the initial timeout to 10 seconds, type:
nslookup -query=hinfo -timeout=10