≡ Menu

DNS

How to set or update DNS servers on Linux?

Each operating system comes with a way of updating the DNS servers that the OS will use to perform name lookups. DNS is a protocol based upon UDP which allows you to convert a domain name to an IP Address. On Linux, there is a file called the following: /etc/resolv.conf This file contains the IP [...]

{ 0 comments }

Monitor your DNS traffic using dnstop!

The tool dnstop is a very useful tool to monitor your DNS traffic. It can give you breakdowns using source IP addresses, destination IP addresses, DNS query type and several other fields that I will elaborate in this tutorial. First you should install dnstop: For RPM based systems (Fedora, Red Hat, CentOS): yum install dnstop [...]

{ 0 comments }

Change the IP address of a domain name – Bind

Bind is a DNS server that allows you to run your own name servers. It is a very professionally written DNS server and it supports all RR types using its configuration file called named.conf. On my Linux CentOS box, named.conf is located in the following location: /etc/named.conf This file contains all the options that Bind [...]

{ 0 comments }

Interesting dig command examples (Linux)

The command dig is a very useful tool to do DNS lookups on the command line on Linux. The host and nslookup commands produce equivalent output, but in a different format. The dig output is more detailed with several statistics about the command outputted. In this tutorial, I will illustrate using examples on how to [...]

{ 0 comments }

The question - I need to check if my DNS name server (Bind) supports recursion. Is there a Linux command that can do this? If you ask your name server for domain names which are not in the local zone file, it should respond with a REFUSED error code. If you get the REFUSED DNS [...]

{ 0 comments }

dig – Command Not Found and Installation

Question - I am trying to perform DNS queries using the command dig. But I get a command not found. How do I fix this? The command dig is a great utility to perform DNS lookups on the SSH command line or a local terminal in a Linux box. The command dig is part of [...]

{ 0 comments }

If you do a DNS query, the DNS server will return the status of the query like NXDOMAIN or NOERROR. All of these return codes have a specific meaning. For example, NXDOMAIN means that the domain name does not exist. NOERROR means that the query completed successfully. REFUSED means that the DNS server refused to [...]

{ 0 comments }

How to get and hide the DNS name server version?

The question - I need to know which version of the DNS server is a particular website running. This could be Bind or PowerDNS or something else. Is there a way to find this information? There is a dig command that can be use to get the DNS server name and version. dig @nameserver -c [...]

{ 0 comments }

The question - I want to disable recursion on my Bind name server. Is there a Bind directive that can be used to do this? Recursion is a way by which a name server can resolve domain names for which it is not authoritative. For example, you may ask pete.ns.cloudflare.com for the domain name google.com. [...]

{ 0 comments }

OpenDNS and Google Public DNS are two main publicly available free DNS services. Both provide an excellent, fast recursive DNS resolution service which also has several security features built in. Which one to use is up to you. You should try both and see which one gives you the fastest DNS service. On a Linux [...]

{ 0 comments }