DNS

dnsmap .3.0 - Find Subdomains by Brute-Forcing

Dnsmap is a subdomain brute-forcing program. It has a built in word list, which makes it easier than ever to use. If you have your own list of subdomains, you can use that instead. Dnsmap is meant to be used by responsible pentesters during the information gathering/enumeration phase of infrastructure security assessments. Only use this tool on domain names you have permission to use it on (such as your own, or ones belonging to the person who is paying you).

Note*** You may want to consider using gxfr.py to find subdomains. This script filters through google search results for subdomain names. It is a very effective passive subdomain finder. Here is a tutorial on it: http://itswapshop.com/tutorial/gxfrpy-sub-domain-discovering-script-using-google-queries

To download and compile dnsmap, run the following commands (tested on Ubuntu and openSUSE):

wget http://dnsmap.googlecode.com/files/dnsmap-0.30.tar.gz
tar -xzf dnsmap-0.30.tar.gz
cd dnsmap-0.30/
make
sudo make install

Simply add a domain name after dnsmap to run the program:

dnsmap my-domain.com
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)

How to Set or Change IP Addresses, Gateways, Subnet Masks, and DNS Servers Remotely in Windows

If you are a systems administrator, there will probably be a time when you will need to change a users IP adddress, gateway, subnet mask, or DNS servers without actually logging into their computer. This method requires no end user interaction and is designed to work in a domain environment. We will be using two tools in this example: Netsh and PsExec (part of PsTools).

Download PsTools and extract it to C:\pstools on your system. Then open a command prompt and change to that directory:

cd C:\pstools

PsExec is a light-weight telnet replacement that lets you execute processes on remote systems. You can use IP addresses or hostnames with PsExec. To launch an interactive command prompt on a remote computer, run the following command (you should run theses commands as domain admin):

psexec.exe \\ip_or_hostname cmd

DNS Performance Test - Utility To Compare DNS Servers

 

DNS Performance Test is a great cross-platform utility for testing DNS servers. To begin, head over to their homepage and select the appropriate download. In my examples, I will be using Ubuntu 10.10 64 bit, so make the necessary adjustments.

http://swmirror.zapto.org/cms/index.php/software-download/dns-performance-test/

Extract the contents of the zip file. (You may have to make the program executable. Right click on “Dpt-Linux”, choose properties, select the “Permissions” tab, and check “Allow executing file as a program”)

Set your primary DNS server to whatever you want to test. For my example, I will set mine to 4.2.2.1

Open Dpt-Linux and hit start. The program will randomize a 10,000 entry list of domain names and proceed to query each one of them with your selected DNS server. Once finished, you can look at the “Stats” tab. You will see useful statistics such as best, worst, and average query times. You will also see the number of timeouts and successful queries. If you want to compare these results to another DNS server, the main thing you will be looking at is the “Average Query Time”. Go ahead and run the test again, except this time, change your primary DNS server to the one provided by your ISP. Whichever has the lowest average query time would be the preferable one.

Subscribe to DNS