What is a DNS lookup?
A domain has a number of records associated with it, a DNS server can be queried to determine the IP address of the primary domain (A record), mail servers (MX records), DNS servers (NS nameservers) and other items such as SPF records (TXT records).
Different tools provide this functionality, a common one being
nslookup which is available on many operating systems including Microsoft Windows and most Linux distributions. Another tool found on Linux based systems is the dig tool. This is generally a more advanced tool that has a number of features that
nslookup does not.
In the past we used the
dig command line tool for this DNS lookup tool. We used it to show the response from a query of type
any. Over the past couple of years the
any query type has been deprecated.
A primary reason for deprecating the
any type is that it was often used in DNS amplification attacks (DDOS). The idea of an amplification attack is the attacker sends a small response and gets a large response sent to the target. Often using simple spoofed DNS queries.
Updated Result Format
Since the update from DNS type to ANY to now performing multiple requests for common records the format of the response has been updated to make reading the results clearer. We are currently checking for record types A, AAAA, MX, NS, CNAME, TXT, PTR & SOA.
Security implications of DNS queries
By its nature external facing DNS is an open and public service, while the information is openly available you should be aware of what information is being revealed. Security penetration testers and attackers will use information collected from DNS to expand their knowledge of an organizations information technology infrastructure and from that knowledge begin to understand the attack surface.
For example, the SPF records that an organization can publish in order to improve email security can also reveal the IP addresses or hostnames of systems with the ability to send email. These services can all then become targets to be assessed and attacked.
DNS Lookup API using dig
In addition to the web form on this page there is another way to grab the DNS records for a domain. Use this simple API using
curl or any other HTTP based tool or software. Output is of content type text.
The API is simple to use and aims to be a quick reference tool; like all our IP Tools there is a limit of 50 queries per day or you can increase the daily quota with a Membership. For those who need to send more packets HackerTarget has Enterprise Plans.
Know your Network - Know the Adversary
Know your Target
Next level testing with advanced Security Vulnerability Scanners.
Trusted tools. Hosted for easy access.
Remove limits with a full membership
More info available