reverse lookup question...

From: Wouter Sonneveldt (w.sonneveldt@xxxxxxxx)
Subject: reverse lookup question... 
 
  
View this article only 
Newsgroups: comp.protocols.dns.bind
Date: 2001-06-26 07:47:09 PST 
 

Hi all,

Does anybody know if it is possible to generate for one specific ip
address
(registered by my company) a complete list of DNS-names that are
associated
with that address?
If I do a 'dig -x 111.222.333.444', I get only one name for each
ip-address,
but I know there are more...

Thanks in advance for your reply,
Wouter Sonneveldt
Network Administrator
IQUIP Informatica B.V.
Message 2 in thread 
From: Simon Waters (Simon@xxxxxxxxxxxxxxxxxxxx)
Subject: Re: reverse lookup question... 
 
  
View this article only 
Newsgroups: comp.protocols.dns.bind
Date: 2001-06-26 08:50:31 PST 
 

Wouter Sonneveldt wrote:
> 
> Does anybody know if it is possible to generate for one specific ip address
> (registered by my company) a complete list of DNS-names that are associated
> with that address?
> If I do a 'dig -x 111.222.333.444', I get only one name for each ip-address,
> but I know there are more...

In general no - you want to do an "inverse query" and the
DNS just doesn't do them. The reverse look up is a special
case, but you can only look up data that has been entered.

If all the zones pointing at this address are your's try
"grepping" the zone files.

Why do you ask?

 Simon

PS: Having only one PTR record per IP address is probably
sensible, as most software that looks at them only gets
confused if you have more than one.
Message 3 in thread 
From: Wouter Sonneveldt (w.sonneveldt@xxxxxxxx)
Subject: Re: reverse lookup question... 
 
  
View this article only 
Newsgroups: comp.protocols.dns.bind
Date: 2001-06-26 13:50:09 PST 
 

Why I'm asking is the following:

Our company doesn't host its own DNS-records. This is done by our ISP.
Now
we want to change ISP's, but still have our names working. But our old
ISP
is having "trouble" finding which registered domain-names we have
(stupid
huh?).

"Simon Waters" <Simon@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:9hab07$hbn@xxxxxxxxxxxxxxxxxx
>
> Wouter Sonneveldt wrote:
> >
> > Does anybody know if it is possible to generate for one specific ip address
> > (registered by my company) a complete list of DNS-names that are associated
> > with that address?
> > If I do a 'dig -x 111.222.333.444', I get only one name for each ip-address,
> > but I know there are more...
>
> In general no - you want to do an "inverse query" and the
> DNS just doesn't do them. The reverse look up is a special
> case, but you can only look up data that has been entered.
>
> If all the zones pointing at this address are your's try
> "grepping" the zone files.
>
> Why do you ask?
>
> Simon
>
> PS: Having only one PTR record per IP address is probably
> sensible, as most software that looks at them only gets
> confused if you have more than one.
>
>
Message 4 in thread 
From: Andrew Dadmun (adadmun@xxxxxxxxxxxxxxxxxxx)
Subject: Re: reverse lookup question... 
 
  
View this article only 
Newsgroups: comp.protocols.dns.bind
Date: 2001-06-26 15:42:46 PST 
 

Go to www.nsi.com and do a whois query in this format:  name
company-name

Example:
Our company is called e-Builder.  Here is a query to find our "owned"
domain
names:

http://www.networksolutions.com/cgi-bin/whois/whois?STRING=name+e-Builder
(URL may be wrapped)

Regards,
Andrew Dadmun
Senior Network Engineer - e-Builder, Inc. - http://www.e-builder.net/
MS Exchange Server FAQ - http://www.swinc.com/resource/exch_faq.htm

Post in a newsgroup, read the response in a newsgroup.
*~*~*    Questions not answered via email    *~*~*

"Wouter Sonneveldt" <w.sonneveldt@xxxxxxxx> wrote in message
news:9hasi1$ku9@xxxxxxxxxxxxxxxxxx
> Why I'm asking is the following:
>
> Our company doesn't host its own DNS-records. This is done by our ISP. Now
> we want to change ISP's, but still have our names working. But our old ISP
> is having "trouble" finding which registered domain-names we have (stupid
> huh?).
>
> "Simon Waters" <Simon@xxxxxxxxxxxxxxxxxxxx> wrote in message
> news:9hab07$hbn@xxxxxxxxxxxxxxxxxx
> >
> > Wouter Sonneveldt wrote:
> > >
> > > Does anybody know if it is possible to generate for one specific ip 
> > > address
> > > (registered by my company) a complete list of DNS-names that are 
> > > associated
> > > with that address?
> > > If I do a 'dig -x 111.222.333.444', I get only one name for each 
> > > ip-address,
> > > but I know there are more...
> >
> > In general no - you want to do an "inverse query" and the
> > DNS just doesn't do them. The reverse look up is a special
> > case, but you can only look up data that has been entered.
> >
> > If all the zones pointing at this address are your's try
> > "grepping" the zone files.
> >
> > Why do you ask?
> >
> > Simon
> >
> > PS: Having only one PTR record per IP address is probably
> > sensible, as most software that looks at them only gets
> > confused if you have more than one.
> >
> >
>
>
>
>
Message 5 in thread 
From: Wouter Sonneveldt (w.sonneveldt@xxxxxxxx)
Subject: Re: reverse lookup question... 
 
  
View this article only 
Newsgroups: comp.protocols.dns.bind
Date: 2001-06-27 00:33:28 PST 
 

Andrew,

Thanks for your reply, but unfortunately this doesn't help me, since
our
domains are registered under the name of our ISP... Also I am looking
for a
complete list of the domains AND subdomains with their corresponding
IP-addresses...
Just a thought: would it be possible to set up BIND on a computer to
become
a slave of the zone(s) our ISP has? Than we would be able to look at
the
zone-files, right?

Greetz,
Wouter

"Andrew Dadmun" <adadmun@xxxxxxxxxxxxxxxxxxx> wrote in message
news:9hb355$m33@xxxxxxxxxxxxxxxxxx
> Go to www.nsi.com and do a whois query in this format:  name company-name
>
> Example:
> Our company is called e-Builder.  Here is a query to find our "owned" domain
> names:
>
> http://www.networksolutions.com/cgi-bin/whois/whois?STRING=name+e-Builder
> (URL may be wrapped)
>
> Regards,
> Andrew Dadmun
> Senior Network Engineer - e-Builder, Inc. - http://www.e-builder.net/
> MS Exchange Server FAQ - http://www.swinc.com/resource/exch_faq.htm
>
> Post in a newsgroup, read the response in a newsgroup.
> *~*~*    Questions not answered via email    *~*~*
>
> "Wouter Sonneveldt" <w.sonneveldt@xxxxxxxx> wrote in message
> news:9hasi1$ku9@xxxxxxxxxxxxxxxxxx
> > Why I'm asking is the following:
> >
> > Our company doesn't host its own DNS-records. This is done by our ISP. Now
> > we want to change ISP's, but still have our names working. But our old ISP
> > is having "trouble" finding which registered domain-names we have (stupid
> > huh?).
> >
> > "Simon Waters" <Simon@xxxxxxxxxxxxxxxxxxxx> wrote in message
> > news:9hab07$hbn@xxxxxxxxxxxxxxxxxx
> > >
> > > Wouter Sonneveldt wrote:
Read the rest of this message... (38 more lines)

Message 6 in thread 
From: Barry Margolin (barmar@xxxxxxxxxxx)
Subject: Re: reverse lookup question... 
 
  
View this article only 
Newsgroups: comp.protocols.dns.bind
Date: 2001-06-27 10:34:08 PST 
 


In article <9hc1iv$roq@xxxxxxxxxxxxxxx>,
Wouter Sonneveldt <w.sonneveldt@xxxxxxxx> wrote:
>Thanks for your reply, but unfortunately this doesn't help me, since
our
>domains are registered under the name of our ISP... Also I am looking
for a
>complete list of the domains AND subdomains with their corresponding
>IP-addresses...
>Just a thought: would it be possible to set up BIND on a computer to
become
>a slave of the zone(s) our ISP has? Than we would be able to look at
the
>zone-files, right?

But if you don't know the list of zones, how can you set up your
computer
to be slave?  Isn't that what you're trying to find out?

Anyway, you don't really need to set up a DNS server to do this, just
run
"dig <zone-name> axfr @<isp-server>" and look at the output.  This is
essentially what a slave server does.

I think you should keep pushing at the ISP, and ask them to do a
"grep"
through the DB files looking for your IP address.

-- 
Barry Margolin, barmar@xxxxxxxxxxx
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to
newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to
the group.


Message 7 in thread 
From: Len Conrad (LConrad@xxxxxxxxxxxxx)
Subject: Re: reverse lookup question... 
 
  
View this article only 
Newsgroups: comp.protocols.dns.bind
Date: 2001-06-27 00:45:08 PST 
 

>Thanks for your reply, but unfortunately this doesn't help me, since
our
>domains are registered under the name of our ISP...

Then them trasferred to you.

>Also I am looking for a
>complete list of the domains AND subdomains with their corresponding
>IP-addresses...
>Just a thought: would it be possible to set up BIND on a computer to
become
>a slave of the zone(s) our ISP has? Than we would be able to look at
the
>zone-files, right?

If they have their NS set up without zone transfer restrictions or
with
your ip´s allow-transfer, yes.

If transfer is allowed, no need to set up a DNS, just do:

dig @ns1.secretISP.nl secretdomain.nl axfr > db.secretdomain.nl

the db. file is your zone contents, with an SOA RR at top and bottom.

Len

http://MenAndMice.com/DNS-training
http://BIND8NT.MEIway.com : ISC BIND 8.2.4 for NT4 & W2K
http://IMGate.MEIway.com  : Build free, hi-perf, anti-abuse mail
gateways
Message 8 in thread 
From: Wouter Sonneveldt (w.sonneveldt@xxxxxxxx)
Subject: Re: reverse lookup question... 
 
  
View this article only 
Newsgroups: comp.protocols.dns.bind
Date: 2001-06-27 02:17:25 PST 
 

Thanks Len,

The "dig" command you mentioned actually works!
This is a great help for us...
Thanks again...

Greetz
Wouter

"Len Conrad" <LConrad@xxxxxxxxxxxxx> wrote in message
news:9hc2u4$rvp@xxxxxxxxxxxxxxxxxx
>
>
> >Thanks for your reply, but unfortunately this doesn't help me, since our
> >domains are registered under the name of our ISP...
>
> Then them trasferred to you.
>
> >Also I am looking for a
> >complete list of the domains AND subdomains with their corresponding
> >IP-addresses...
> >Just a thought: would it be possible to set up BIND on a computer to become
> >a slave of the zone(s) our ISP has? Than we would be able to look at the
> >zone-files, right?
>
> If they have their NS set up without zone transfer restrictions or with
> your ip´s allow-transfer, yes.
>
> If transfer is allowed, no need to set up a DNS, just do:
>
> dig @ns1.secretISP.nl secretdomain.nl axfr > db.secretdomain.nl
>
> the db. file is your zone contents, with an SOA RR at top and bottom.
>
> Len
>
> http://MenAndMice.com/DNS-training
> http://BIND8NT.MEIway.com : ISC BIND 8.2.4 for NT4 & W2K
> http://IMGate.MEIway.com  : Build free, hi-perf, anti-abuse mail gateways
>
>
>
Message 9 in thread 
From: Brad Knowles (brad.knowles@xxxxxxxxx)
Subject: Re: reverse lookup question... 
 
  
View this article only 
Newsgroups: comp.protocols.dns.bind
Date: 2001-06-27 14:49:27 PST 
 

At 7:48 AM +0200 6/27/01, Wouter Sonneveldt wrote:

>  Thanks for your reply, but unfortunately this doesn't help me, since our
>  domains are registered under the name of our ISP... Also I am looking for a
>  complete list of the domains AND subdomains with their corresponding
>  IP-addresses...

 This is the reverse-lookup problem.  Without getting a copy of 
their complete /etc/named.conf contents, and then grepping for your 
names, you have no idea what they have registered on your behalf.

>  Just a thought: would it be possible to set up BIND on a computer to become
>  a slave of the zone(s) our ISP has? Than we would be able to look at the
>  zone-files, right?

 Assuming they allow zone-transfers, this could work.  But, you'd 
have to know what zones to set yourself up as a secondary for. 
However, if you knew that, you wouldn't need to set yourself up as a 
secondary for them, since you could then just go to the registrar and 
get the appropriate delegation data changed.

-- 
Brad Knowles, <brad.knowles@xxxxxxxxx>

/*        efdtt.c  Author:  Charles M. Hannum <root@xxxxxxxxx>        
 */
/*       Represented as 1045 digit prime number by Phil Carmody       
 */
/*     Prime as DNS cname chain by Roy Arends and Walter Belgers      
 */
/*                                                                    
 */
/*     Usage is:  cat title-key scrambled.vob | efdtt >clear.vob      
 */
/*   where title-key = "153 2 8 105 225" or other similar 5-byte key  
 */

dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'


Message 10 in thread 
From: Kevin Darcy (kcd@xxxxxxxxxxxxxxxxxxx)
Subject: Re: reverse lookup question... 
 
  
View this article only 
Newsgroups: comp.protocols.dns.bind
Date: 2001-06-26 15:20:25 PST 
 

Wouter Sonneveldt wrote:

> Why I'm asking is the following:
>
> Our company doesn't host its own DNS-records. This is done by our ISP. Now
> we want to change ISP's, but still have our names working. But our old ISP
> is having "trouble" finding which registered domain-names we have (stupid
> huh?).

Yeah, that's pretty stupid. Why don't they just grep that IP address
from
their zone files?

Alternatively, why don't you/they look in the web/mail/etc. logs and
just see
what domain names clients are using to access your
websites/servers/etc.?

Failing those methods, if your ISP used only one registrar for all of
your
gTLD domain names, and a consistent owner name on all of them, then
maybe the
registrar can generate a "all domains owned by X" kind of report.


- Kevin

>
>
> "Simon Waters" <Simon@xxxxxxxxxxxxxxxxxxxx> wrote in message
> news:9hab07$hbn@xxxxxxxxxxxxxxxxxx
> >
> > Wouter Sonneveldt wrote:
> > >
> > > Does anybody know if it is possible to generate for one specific ip 
> > > address
> > > (registered by my company) a complete list of DNS-names that are 
> > > associated
> > > with that address?
> > > If I do a 'dig -x 111.222.333.444', I get only one name for each 
> > > ip-address,
> > > but I know there are more...
> >
> > In general no - you want to do an "inverse query" and the
> > DNS just doesn't do them. The reverse look up is a special
> > case, but you can only look up data that has been entered.
> >
> > If all the zones pointing at this address are your's try
> > "grepping" the zone files.
> >
> > Why do you ask?
> >
> > Simon
> >
> > PS: Having only one PTR record per IP address is probably
> > sensible, as most software that looks at them only gets
> > confused if you have more than one.
> >
> >

Here are some other Reverse Whois tools:

http://samspade.org/t/refer?i=on
http://packetderm.cotse.com/cgi-bin/lookuptools
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&threadm=MPG.15015fc2270aa2e1989a68%40news.supernews.com&rnum=16&prev=/groups%3Fq%3D(find%2BOR%2Blookup%2BOR%2Bsearch)%2B(%2522ALL%2Bdomains%2522%2BOR%2B%2522ALL%2Bdomain%2Bnames%2522)%2BOWNER%26start%3D10%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3DMPG.15015fc2270aa2e1989a68%2540news.supernews.com%26rnum%3D16

Some registries offer this service, but I think you can only search by
OWNERID:
http://networksolutions.com/cgi-bin/whois/whois/

Alternately, there are a number of Intellectual Property tools that,
for
a fee, will do this:
http://www.lexisnexis.com/infopro/newsletters/2002/0201lnipu.shtml#spotlight
- Markmonitor QuickTools
http://www.alldomains.com/corp/dtective.html
http://openaccess.dialog.com/ip/forms/PTCDomainNames.html