This is the BSDA Study Guide Book written via a wiki collaboration. This is a work in progress. You may contribute to or discuss this specific page at http://bsdwiki.reedmedia.net/wiki/Determine_who_is_responsible_for_a_DNS_zone.html.
Determine who is responsible for a DNS zone
Be able to perform a reverse DNS lookup to determine the network associated with an IP address and gather contact information regarding that network.
(Note: Basic information on the DNS system is covered in the section Query a DNS server.)
A BSD system administrator needs to know how to obtain contact information for the people responsible for a given DNS zone. This is most commonly done with a reverse DNS lookup or a whois query.
Given only an IP address, the first step is to perform a reverse DNS lookup on that address to find the domain to which the machine belongs. Both the dig(1) and whois(1) commands can be used for this purpose.
A reverse DNS lookup can be performed using the -x flag to the dig(1) command. The information that we're looking for is located within the SOA record.
One of the pieces of information obtained with this command is a contact e-mail address for the person responsible for a given DNS zone. This is located just after the hostname of the primary DNS server for the zone and is shown with a . (dot) instead of the usual @ character. In this case it is dns-admin.google.com, which should be read as dns-admin@google.com.
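The following is an added example, not part of the original guide: a small sh filter that picks the SOA record out of dig(1) output and rewrites the contact field as a mail address. It goes slightly beyond the text by handling a dot inside the local part, which RFC 1035 writes as `\.`; the function names and the sample record are assumptions made for illustration.

```sh
#!/bin/sh
# Added example; the sample record below is constructed, not real dig output.

# rname_to_email RNAME
# SOA RNAME encodes a mailbox as a domain name: the first unescaped dot
# stands for "@", and a dot inside the local part is written "\." (RFC 1035).
rname_to_email() {
    printf '%s\n' "$1" | awk '{
        p = sprintf("%c", 1)   # placeholder control character
        sub(/\.$/, "")         # drop the trailing root dot, if present
        gsub(/\\\./, p)        # protect escaped dots in the local part
        sub(/\./, "@")         # first remaining dot separates user and domain
        gsub(p, ".")           # restore the protected dots
        print
    }'
}

# soa_contact: read dig(1) output on stdin, print "primary-server contact"
# for the first SOA record (fields: name TTL IN SOA mname rname serial ...).
soa_contact() {
    awk '$3 == "IN" && $4 == "SOA" { print $5, $6; exit }' |
    while read -r mname rname; do
        printf '%s %s\n' "${mname%.}" "$(rname_to_email "$rname")"
    done
}

# Constructed sample, laid out as dig prints it when no PTR record exists
# and the AUTHORITY section carries the zone's SOA (192.0.2.0/24 is a
# documentation range; every name and number here is made up).
sample_dig_output() {
    cat <<'EOF'
;; QUESTION SECTION:
;10.2.0.192.in-addr.arpa.   IN   PTR

;; AUTHORITY SECTION:
2.0.192.in-addr.arpa.  3600  IN  SOA  ns1.example.net. john\.doe.example.net. 2024010101 7200 3600 1209600 3600
EOF
}

# Live use would be:  dig -x 192.0.2.10 | soa_contact
sample_dig_output | soa_contact
```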
The whois(1) command does not require any additional parameters to perform a lookup and it provides far more detailed contact information.
Note that the format of the whois output depends on many factors, such as the registry for the IP address block, but each gives similarly detailed information. Note also that the information gained from a whois query on an IP address may differ from the information gained when querying a domain name that points to the very same IP address. Most commonly this occurs when the domain is administered by a different organization than the IP address block.
dig(1) and whois(1)