Get Info From DNS Servers and Active Hosts


 

    Get the Authority Dns Reverse Servers with a nice tool called Whois; so then you can start a passive gathering from Multiples Hosts in a file caught by your IDS or IPS blacklist or from some secure source database on web , either if it has 80.000 hosts file , turning it into a powerful tool with pv and grep to your toolkit.

 pv is a monitor to progress of data through a pipe or source, same as a more common tool DD, but pv offers some more options to Show Progress and Monitor  data transfer.

Here, I'm using grep followed with -H to bring the Source File Name and -f option to insert a match list  in a file named Matchfile.

apt-cache search whois # also check other tools as dmitry


# Check WHOIS Flags Enabled :

                '-a' = All mirrored databases.
                '-d' = Return the Reverse DNS delegation objects too.
                '-B' = Disable object filtering. [show e-mails and more info]

 After all process you will get a Filtered file named Datafilted-v which contains the information of : inetnum, inetname, email, role, domain, nserver, route and Description of the host.

See on screen below:   

 

Comments

Post a Comment

Popular posts from this blog

Nmap Scan Your Home Network [Linux]

Image
       To those that are new in Security Information, here is one of most popular tool which you can't left out of your toolbox.       I made this script to introduce you  Acknowledgment  scan, which grap FLAG status  from target host in the first defaults ports (1-1024) which are some of most important ports.      The OSI Protocol was made to have from 0-65535 ports (tcp/udp), you can have the additional in yout amazing SCAN ports with same script just add "-p": eg: nmap --scripts=default -p 1-65535      The "scripts=default means the  nmap is going  to activate the options "-O" and "-A" for OS (Operation System), what ever it is! And  grap  banner fingerprint from deductions or most its acctual OS running at the target and activating Advanced Scan that also makes injection of scripts to probe the data from Firawall / IDS / IPS scope. # I've also brought graphical map of som...
Read more

IDS (Intrusion Detection System) - Snort 2.9 [Linux Deb/Ubuntu]

Image
  What is Snort?      Snort is the foremost Open Source Intrusion Detection System (IDS) in the world. Snort IDS uses a series of rules that help define malicious network activity and uses those rules to find packets that match against them and generates alerts for users.      Snort can be deployed inline to stop these packets, as well. Snort has three primary uses: As a packet sniffer like tcpdump, as a packet logger — which is useful for network traffic debugging, or it can be used as a full-blown network intrusion prevention system. Snort can be downloaded and configured for personal and business use alike. (apud: https://www.snort.org/)      After digging made this script to make life more easier, you may just [ apt install snort -y ] to verify if your REPO got everything before, if it doesn't work, just copy and run the first script out of three: [1] Install from tarball file manually  [2] Makes Configuration ...
Read more