DNS Footprinting is used by attackers to obtain information on DNS servers, DNS records, and the types of servers used by the target organisation. This information enables attackers to identify the hosts linked to the target network and conduct additional exploitation on the target organisation.
DNS footprinting helps in determining the following records about the target
DNS:
| Record Type | Description |
|---|---|
| A | Points to a host's IP address |
| MX | Points to the domain's mail server |
| NS | Points to the host's name server |
| CNAME | Canonical naming allows aliases to a host |
| SOA | Indicate authority for a domain |
| SRV | Service records |
| PTR | Maps IP address to a hostname |
| RP | Responsible person |
| HINFO | Host information record includes CPY types and OS |
| TXT | Unstructured text records |
DNS interrogation tools such as
DNS Lookup
enable users to perform DNS footprinting. When the attacker uses the DNS
interrogation tool to query the DNS server, the server responds with a record
structure containing information about the target DNS. DNS entries contain
critical information about the location and type of server.
Tools like DNSdumpster.com, Bluto, and Domain Dossier can be used to retrieve
DNS records for specified domains or hostnames.
Reverse Lookup
DNS lookup is used to find the IP addresses for a given domain name, while
reverse DNS is used to find the domain name of a given IP address. A record
converts a domain name to an IP address (To know more - https://www.cyberwiki.in/2020/12/dns-servers-explained.html). Attackers use a reverse DNS lookup on the IP range to find a DNS PTR
record for such IP addresses.
Attackers use various tools such as
DNSRecon
and
Reverse IP Domain Check
to perform the reverse DNS lookup on the target host. When we get an IP
address or a range of IP addresses, we can use these tools to obtain the
domain name. Attackers also discover additional domains that use the same
web server and build a list of potential domains that use the same web
server using tool like Reverse IP Domain Check.
You might be interested in,
- Phases of Hacking
- Introduction to Footprinting - First Step to Hacking
- Information Obtained in Footprinting
- Objective and Threats of Footprinting
- Countermeasures of Footprinting
- Footprinting - First Step on Hacking (Summary) with Tools
We hope this helps. If you have any suggestions or doubts you can add a
comment and we will reply as soon as possible.
%20Cover.jpg)
%20Cover.jpg)
No comments:
Post a Comment