DNS
DNS Server
Tutorials
DNS over HTTPS (DoH)
Secure DNS
- DNS settings to avoid email spoofing and phishing for unused domain - nixCraft (cyberciti.biz)
- How to test and validate DNSSEC using dig command line - nixCraft (cyberciti.biz)
Adguard Home
NSD
- NSD Tutorial Updated for 2024: Now With Zone Transfers! - LowEndBox
- How To Use NSD, an Authoritative-Only DNS Server, on Ubuntu 14.04 | DigitalOcean
Pi-hole
Pi-hole - A DNS-based advertisement blocker
docker-compose.yaml :
pihole:
image: pihole/pihole:latest
container_name: pihole
restart: always
ports:
- "53:53/tcp"
- "53:53/udp"
dns:
- 127.0.0.1
- 1.1.1.1
environment:
TZ: 'America/Chicago'
WEBPASSWORD: 'password'
PIHOLE_DNS_: 1.1.1.1;9.9.9.9
DNSSEC: 'false'
WEBTHEME: default-dark
volumes:
- '~/homelabservices/pihole/pihole:/etc/pihole/'
- '~/homelabservices/pihole/dnsmasq.d:/etc/dnsmasq.d/'
networks:
- pihole
networks:
pihole:
driver: bridge
name: pihole
dig - DNS Lookup Utility
The dig
is a powerful CLI to find out information about domains and IP addresses without using any 3rd party tools or websites.
01. What is the website’s IP address?
dig apple.com
02. How do you identify the name servers(NS) associated with a domain?
dig NS apple.com +short
dig NS com. +short
03. Which eMail Servers(MX) are responsible for a domain?
dig MX apple.com +short
04. Finding out the domain name associated with the IP address (reverse IP lookup)
dig -x 1.1.1.1 +short
dig -x 8.8.4.4 +short
05. Finding out the delegation path for any DNS zone (learn how DNS works)
dig apple.com +trace
06. Finding out DNS answers from specific cache resolver (e.g. Cloudflare [1.1.1.1], Google DNS [8.8.8.8], IBM and so on for cyberciti.biz domain)
dig A cyberciti.biz @1.1.1.1 +short
dig A cyberciti.biz @8.8.8.8 +short
07. Finding out the cache expire time (TTL) for DNS
# AAAA is for IPv6
dig A www.cyberciti.biz +nocmd +noall +answer +ttlid
dig AAAA www.cyberciti.biz +nocmd +noall +answer +ttlid
08. Finding if a zone is synchronized with all authoritative name servers (look for serial number)
dig nixcraft.com +nssearch
09. What is my public IPv4 or IPv6 address?
dig TXT o-o.myaddr.l.google.com @ns1.google.com +short
dig TXT ch whoami.cloudflare @1.0.0.1 +short
10. Getting help about the dig command
man dig
11. Finding out the IP address associated the domain name.
dig yahoo.com +short | sort -V
What's DNS
Tutorials
- What is Round-Robin DNS? - GreenCloud
- What is a DNS Amplification Attack? - GreenCloud
- DNS Failover: How does it work? - GreenCloud