.1 host: DNS information
Parameters:

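In general, host looks up A, AAAA and MX records.
Examples:
Query the DNS servers
host -t ns <domain>
Query A and MX records
host <domain> (host -t a <domain> + host -t mx <domain>)
PS: An A (address) record specifies the IP address that a host name (or domain name) maps to. Users can point the web site under that domain to their own web server, and can also set up subdomains of the domain. Put simply, the A record is the server's IP; binding a domain to an A record tells DNS that, when the domain name is entered, the request should be directed to the server that matches the A record set in DNS.
PS: An MX record is also called a mail routing record. Users can point the mail service under that domain to their own mail server and then control all mailbox settings themselves. You only need to fill in your server's IP address online, and all mail for your domain is routed to the mail server you specified. Simply put, only by working with MX records can you get a mail service that ends in your own domain name.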
4.2 dig: DNS digging
root@kali:/home/dnt# dig -h
usage: dig [@global-server] [domain] [q-type] [q-class] {q-opt}
{global-d-opt} host [@local-server] {local-d-opt}
[ host [@local-server] {local-d-opt} [...]]
where: domain is in the domain name system
q-class is one of (in,hs,ch,...) [default: in]
q-type is one of (a,any,mx,ns,soa,hinfo,axfr,txt,...) [default:a]
(use ixfr=version for type ixfr)
q-opt is one of:
-x dot-notation (shortcut for reverse lookups)
-i (use ip6.int for ipv6 reverse lookups)
-f filename (batch mode)
-b address[#port] (bind to source address/port)
-p port (specify port number)
-q name (specify query name)
-t type (specify query type)
-c class (specify query class)
-k keyfile (specify tsig key file)
-y [hmac:]name:key (specify named base64 tsig key)
-4 (use ipv4 query transport only)
-6 (use ipv6 query transport only)
-m (enable memory usage debugging)
d-opt is of the form +keyword[=value], where keyword is:
+[no]vc (tcp mode)
+[no]tcp (tcp mode, alternate syntax)
+time=### (set query timeout) [5]
+tries=### (set number of udp attempts) [3]
+retry=### (set number of udp retries) [2]
+domain=### (set default domainname)
+bufsize=### (set edns0 max udp packet size)
+ndots=### (set ndots value)
+[no]edns[=###] (set edns version) [0]
+[no]search (set whether to use searchlist)
+[no]showsearch (search with intermediate results)
+[no]defname (ditto)
+[no]recurse (recursive mode)
+[no]ignore (don't revert to tcp for tc responses.)
+[no]fail (don't try next server on servfail)
+[no]besteffort (try to parse even illegal messages)
+[no]aaonly (set aa flag in query (+[no]aaflag))
+[no]adflag (set ad flag in query)
+[no]cdflag (set cd flag in query)
+[no]cl (control display of class in records)
+[no]cmd (control display of command line)
+[no]comments (control display of comment lines)
+[no]rrcomments (control display of per-record comments)
+[no]question (control display of question)
+[no]answer (control display of answer)
+[no]authority (control display of authority)
+[no]additional (control display of additional)
+[no]stats (control display of statistics)
+[no]short (disable everything except short
form of answer)
+[no]ttlid (control display of ttls in records)
+[no]all (set or clear all display flags)
+[no]qr (print question before sending)
+[no]nssearch (search all authoritative nameservers)
+[no]identify (id responders in short answers)
+[no]trace (trace delegation down from root [+dnssec])
+[no]dnssec (request dnssec records)
+[no]nsid (request name server id)
+[no]sigchase (chase dnssec signatures)
+trusted-key=#### (trusted key when chasing dnssec sigs)
+[no]topdown (do dnssec validation top down mode)
+[no]split=## (split hex/base64 fields into chunks)
+[no]multiline (print records in an expanded format)
+[no]onesoa (axfr prints only one soa record)
+[no]keepopen (keep the tcp socket open between queries)
global d-opts and servers (before host name) affect all queries.
local d-opts and servers (after host name) affect only that lookup.
-h (print help and exit)
-v (print version and exit)
Common usage: dig <domain> any
root@kali:/home/dnt# dig cnblogs.com any
; <<>> dig 9.9.5-9+deb8u2-debian <<>> cnblogs.com any
;; global options: +cmd
;; got answer:
;; ->>header<<- opcode: query, status: noerror, id: 18664
;; flags: qr rd ra; query: 1, answer: 2, authority: 0, additional: 0
;; question section:
;cnblogs.com. in any
;; answer section:
cnblogs.com. 5 in ns ns4.dnsv4.com.
cnblogs.com. 5 in ns ns3.dnsv4.com.
;; query time: 2010 msec
;; server: 192.168.232.2#53(192.168.232.2)
;; when: thu dec 24 23:19:22 cst 2015
;; msg size rcvd: 71
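An added example (not part of the original post): the dig any capture above contains only NS records, so an ANY query cannot be relied on to return every record type. The shell functions below parse saved dig output and list the types that still need to be queried one by one, as with host -t in section .1; the function names are assumptions of this example, and the embedded sample is copied from the capture above.

```shell
#!/bin/sh
# Added example: parse saved `dig` output and report which record types
# an ANY answer actually contained.

# Constructed sample: the answer captured on this page, saved as text.
sample_dig_output() {
cat <<'EOF'
;; question section:
;cnblogs.com. in any
;; answer section:
cnblogs.com. 5 in ns ns4.dnsv4.com.
cnblogs.com. 5 in ns ns3.dnsv4.com.
;; query time: 2010 msec
EOF
}

# Print "type ttl rdata" for every record in the answer section.
# Section headers are matched case-insensitively (real dig prints them in upper case).
dig_answers() {
    awk '
        /^;;/ { in_answer = (tolower($0) ~ /^;; answer section:/); next }
        /^;/ || NF < 5 { next }          # question line, blank or short lines
        in_answer {
            rdata = $5
            for (i = 6; i <= NF; i++) rdata = rdata " " $i
            print tolower($4), $2, rdata
        }'
}

# List the wanted types (arguments) that the answer on stdin does not contain.
missing_types() {
    answers=$(dig_answers | awk '{print $1}' | sort -u)
    missing=""
    for t in "$@"; do
        echo "$answers" | grep -qx "$t" || missing="$missing $t"
    done
    echo "${missing# }"
}

sample_dig_output | dig_answers
echo "query separately: $(sample_dig_output | missing_types a mx ns)"
```

To check a live answer instead of the sample, pipe it in, for example dig <domain> any | missing_types a aaaa mx ns.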
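4.3 nslookup: DNS database
Ships with both Windows and Linux.
The simplest use of nslookup is to query the IP address that a domain name maps to, including A records and CNAME records.
Help: man nslookup
Let's look at the help text in Windows (it is a little clearer)
Common commands: nslookup
0. Set the default server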
server 8.8.8.8
1. Simple query of domain information
> set type=any
> cnblogs.com
2. Query the domain's CNAME record (alias target)
> set type=cname
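3. Query the domain's A record (put simply, the A record is the server's IP; binding a domain to an A record tells DNS that, when the domain name is entered, the request should be directed to the server that matches the A record set in DNS)
4. Query the domain's MX record (mail record)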
> set type=mx
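5. Query the domain's NS record (the DNS servers the domain uses)
Not sure what that means? Here is a picture: (Alibaba Cloud DNS)
If it still isn't clear, search Baidu or Google.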