Index of /files/code/dnsnew

[ICO]NameLast modifiedSizeDescription

[PARENTDIR]Parent Directory   -  
[   ]dnsnew-0.1.tar.gz 2007-11-20 21:47 2.0K 
[DIR]dnsnew-0.1/ 2012-03-27 15:44 -  
[   ]dnsnew.tar.gz 2007-11-20 21:47 2.0K 

dnsnew: yet another DNS scanner.

dnsnew is a small Perl script that looks up DNS resource records (RRs)
for a given network, specified in CIDR notation.  The Net::CIDR Perl
module is required.  Basic syntax is shown below:

% ./dnsnew.pl [-n] prefix/len

``prefix'' is a network number, such as 10.1.1.0 or 172.16.3.2, and
``len'' is the prefix length (aka subnet mask bits).

For each address in the given network range, dnsnew first looks up the
PTR resource record.  If it doesn't exist, ``NXDOMAIN'' is printed to
the screen, and the next address is queried.  However, if a PTR record
is found, dnsnew will take the first one, and attempt to look up all A
RRs for it.  If at least one of the A records matches the original IP,
then an ``OK'' message is printed, indicating that forward and reverse
lookups have succeeded.  If none of the A records match the original IP,
a message of ``MISMATCH'' is printed.  It's also possible that there are
no A records for the PTR RR returned, so an ``NXDOMAIN'' will be printed
to the screen.

If executed on a terminal supporting color, A records that do not match
the original IP address will be printed in red, while the record that
doe match will be green.  There is an optional -n flag, which will
disable the ANSI color, in the event the output needs to be redireced to
a file.  The matching A record (normally green) will be prefixed by a
asterisk, instead.

Here are a few examples:

% ./dnsnew.pl 10.3.7.160/29
PTR 10.3.7.160 -> NXDOMAIN
PTR 10.3.7.161 -> 0.0.FastEthernet.defiant.prolixium.net, A $_ -> 10.3.7.161 [OK]
PTR 10.3.7.162 -> 0.0.FastEthernet.voyager.prolixium.net, A $_ -> 10.3.7.162 [OK]
PTR 10.3.7.163 -> 0.0.fxp.vorta.prolixium.net, A $_ -> 10.3.7.163 [OK]
PTR 10.3.7.164 -> NXDOMAIN
PTR 10.3.7.165 -> NXDOMAIN
PTR 10.3.7.166 -> NXDOMAIN
PTR 10.3.7.167 -> NXDOMAIN

% ./dnsnew.pl 128.113.2.9/32
PTR 128.113.2.9 -> vip.web.server.rpi.edu, A $_ -> 128.113.2.9 [OK]

% ./dnsnew.pl 128.6.194.128/28
PTR 128.6.194.128 -> NXDOMAIN
PTR 128.6.194.129 -> NXDOMAIN
PTR 128.6.194.130 -> cil-server-130.rutgers.edu, A $_ -> 128.6.194.130 [OK]
PTR 128.6.194.131 -> citrix404.rutgers.edu, A $_ -> 128.6.194.131 [OK]
PTR 128.6.194.132 -> NXDOMAIN
PTR 128.6.194.133 -> NXDOMAIN
PTR 128.6.194.134 -> paxal.scilsnet.rutgers.edu, A $_ -> 172.18.165.69 [MISMATCH]
PTR 128.6.194.135 -> citrix402.rutgers.edu, A $_ -> 128.6.194.135 [OK]
PTR 128.6.194.136 -> scils-sunray1.rutgers.edu, A $_ -> 172.18.165.80 [MISMATCH]
PTR 128.6.194.137 -> scils-sunray2.rutgers.edu, A $_ -> 172.18.165.81 [MISMATCH]
PTR 128.6.194.138 -> nb-cil-web-01-scilsnet.rutgers.edu, A $_ -> 128.6.194.138 [OK]
PTR 128.6.194.139 -> NXDOMAIN
PTR 128.6.194.140 -> brains.rutgers.edu, A $_ -> 128.6.194.140 [OK]
PTR 128.6.194.141 -> scilsnet-sql-cluster.rutgers.edu, A $_ -> NXDOMAIN
PTR 128.6.194.142 -> cil-server-142.rutgers.edu, A $_ -> 128.6.194.142 [OK]
PTR 128.6.194.143 -> cil-server-143.rutgers.edu, A $_ -> 128.6.194.143 [OK]

% ./dnsnew.pl -n 24.28.193.0/27
PTR 24.28.193.0 -> NXDOMAIN
PTR 24.28.193.1 -> www.rr.com, A $_ -> *24.28.193.1 [OK]
PTR 24.28.193.2 -> quantum.rr.com, A $_ -> *24.28.193.2 [OK]
PTR 24.28.193.3 -> broker.rr.com, A $_ -> 24.28.193.7 [MISMATCH]
PTR 24.28.193.4 -> hercules.rr.com, A $_ -> 24.28.193.8 [MISMATCH]
PTR 24.28.193.5 -> NXDOMAIN
PTR 24.28.193.6 -> NXDOMAIN
PTR 24.28.193.7 -> NXDOMAIN
PTR 24.28.193.8 -> NXDOMAIN
PTR 24.28.193.9 -> NXDOMAIN
PTR 24.28.193.10 -> NXDOMAIN
PTR 24.28.193.11 -> NXDOMAIN
PTR 24.28.193.12 -> NXDOMAIN
PTR 24.28.193.13 -> NXDOMAIN
PTR 24.28.193.14 -> NXDOMAIN
PTR 24.28.193.15 -> NXDOMAIN
PTR 24.28.193.16 -> NXDOMAIN
PTR 24.28.193.17 -> ffaxvahe-ndc-sw04-vlan1.rr.com, A $_ -> *24.28.193.17 [OK]
PTR 24.28.193.18 -> ffaxvahe-ndc-sw03-vlan1.rr.com, A $_ -> *24.28.193.18 [OK]
PTR 24.28.193.19 -> NXDOMAIN
PTR 24.28.193.20 -> NXDOMAIN
PTR 24.28.193.21 -> NXDOMAIN
PTR 24.28.193.22 -> NXDOMAIN
PTR 24.28.193.23 -> NXDOMAIN
PTR 24.28.193.24 -> NXDOMAIN
PTR 24.28.193.25 -> NXDOMAIN
PTR 24.28.193.26 -> NXDOMAIN
PTR 24.28.193.27 -> NXDOMAIN
PTR 24.28.193.28 -> NXDOMAIN
PTR 24.28.193.29 -> NXDOMAIN
PTR 24.28.193.30 -> NXDOMAIN
PTR 24.28.193.31 -> NXDOMAIN