DNS Footprinting

Video Activity
Time
7 hours 6 minutes
Difficulty
Intermediate
CEU/CPE
7
Video Transcription
00:00
Hey, everyone, welcome back to the course. In this video, we're going to take a brief look at DNS footprinting, so we'll talk about what DNS footprinting is. We'll also talk about some of the DNS records that you'll need to know. In particular, if you're planning to take things like the EC-Council Certified Ethical Hacker exam, you want to know some of the DNS records. Just be familiar with them.
00:18
So what is DNS footprinting? Well, essentially, it's just gathering information, right? It allows us to gather information around DNS servers as well as gathering information about DNS zone data.
00:28
With that, we can
00:30
potentially determine key hosts of the network, and we can also do things like performing social engineering attacks. We can use tools like DNSstuff.com as well as network-tools.com that allow us to do DNS interrogation.
00:43
So what are some of the
00:44
records that you'll need to know, in particular for certification exams? We've got the A record, which basically maps a hostname to an IP address. So, for example,
00:55
I can type in google.com instead of typing in 192.168.0.5 or whatever, right? I'm just gonna type in google.com. And when I do that, it knows to redirect me to Google's web servers.
01:07
We've got our MX record, or our mail exchange record. This one basically points to the domain's mail server. And if you've ever purchased a domain through a site like GoDaddy or something, you'll see all these records that you can look at and redirect if you need to.
01:21
We've got a CNAME record, or canonical name is what that stands for. It basically allows aliases to a host. So, for example, if I wanted to create a subdomain, so if I had google.com and I wanted to create
01:30
books.google.com, I could just go in and create a CNAME record with books in it, and that would create the subdomain books.google.com. So when I give that to you, you could type in books.google.com, or just click the link, and you would go to my book website with all my best-selling books that I want you to read.
01:48
We've also got our name server record. Uh, this one points to the host's name servers. So, for example, if I bought a domain through GoDaddy, and by the way, that's not an endorsement, I've just used them in the past for some domain names. So if I buy a domain name through GoDaddy but I built my website with, like, Wix or some other provider like that, I would have to redirect my name servers
02:07
to the Wix ones so people could type in my google.com and go to my website
02:10
versus by default, it's set to the GoDaddy ones, because that's where I bought the domain name from.
02:16
So that's what the name server records are.
02:20
And then we've got our SOA, or start of authority. This one basically indicates the authority of the domain.
02:25
Some other records that you want to know of are gonna be the service location record, it's basically the service record, and the pointer record. This one maps the IP address to a hostname. So if I type in 192.168.0.5, for example, it will take me to google.com, right? So you could do it either way. And that's what those two records do for us.
02:44
Can you imagine how difficult it would be to
02:46
sit there and type in IP addresses all day long just because you want to go to Amazon and then Netflix and then Google? So thankfully, we came up with this solution many years ago. We've also got the RP record, a responsible person, and the HINFO for the host information. This one includes things like the CPU type as well as the operating system.
03:04
And then finally, we've got our unstructured text records.
03:07
So just a quick question for you. Which DNS record indicates the authority for the domain? Is that gonna be the MX record, the SOA, or the service record?
03:16
All right, so if you guessed the SOA, or start of authority record, you are correct.
03:23
So in this video, we just briefly talked about DNS footprinting. We also talked about some of the DNS records that you want to know, in particular if you're gonna be taking examinations like the EC-Council Certified Ethical Hacker exam. Again, you don't have to be an expert in DNS records. You just wanna be familiar with which ones are what.