does anyone know where can i buy rDNS records? purpose is find all domains hosted on specific ip for a monthly price? I think crawling all my own is big environment waste of resources, i'd be happy to pay for a subscription or somethign
They mean anyone will only ever be able to get some rather than all because of how DNS works. Even that site is unable to find all such mappings for every IP. I.e. the first option to build such a dataset is to use rDNS lookups, but it's optional to configure those and many don't bother (opting to just have the forward lookup). The other way about it is collecting domains and seeing which IPs they resolve to, but this is only ever partial (there is no such thig as a conplete lists of domains in the world) and has additional problems with CDNs or things hosted in more than one place at once (you need to do a lookup from every possible location each domain could conceivably be hosted to be sure you get all of the reverse mappings for that domain).
As an example: Unless you know my domains ahead of time you'll never be able to come up with what domains are hosted on my IPs because I don't bother to configure rDNS. So those IPs will look like they host no servers (or only some if you only had a partial list of my domains) rather than all of them on those IPs.
Anyways, for free data sources trying to get a partial view of this you can check out Rapid7's Sonar or Common Crawl. Each should have the pieces needed to construct this kind of view from the data.
Common Crawl doesn't publish raw DNS separately, you have to pull the information out of the aggregate database. The WARC-IP-Address header should record the IP Common Crawl connected to for the site.
Do you mean rDNS records or a mapping of an IP address to all ([semi] publicly known) DNS records that point to an IP address? Cause these are two different things. Just because a.com points to 1.2.3.4 does not mean 1.2.3.4 has an rDNS record to a.com.
You are right, i'd need both actually. I can't find any service which provides weekly/monthly data download for a flat subscription price, so that i can perform local fast lookups.
How granular do you need this data? Domains are ultimately not publicly known, especially when it comes to subdomains. Do you just need domains that get a certain amount of public traffic or are you trying to get as much domains as possible? In the latter case scraping this data would require the logs of public DNS servers to even know of the existence of many domains (although certificate transparency logs could get one half the way).
Just to have a compressed static file that contains all the routes one could download from time to time I think would be interesting to analyze. Same goes for the anycast root DNS servers. To have a full dump from them could be interesting. Not to be confused with the root.zone [1] I mean the whole kit and caboodle.
The collectors seem to be overloaded so made a temporary mirror of the one for AMS In AMS. [1] I only mirrored the latest files. Feel free to beat it up. The .gz files decompress to just under 4GB
> Just to have a compressed static file that contains all the routes one could download from time to time I think would be interesting to analyze.
When I needed this for some work stuff, it was pretty easy to find table dumps and work with them? I don't remember where it was, but I'm sure you can find some. After an acquisition, we had our own ASN and I was able to get table dumps from our own infrastructure.
> Same goes for the anycast root DNS servers. To have a full dump from them could be interesting. Not to be confused with the root.zone [1] I mean the whole kit and caboodle.
What do you think the root servers have that's not in the root.zone? I think you can AXFR from the root servers, too, but it should be the same thing as from the https site.
The root servers don't have the glue record for every domain name though. All they have is the glue records for the TLDs. (which is in the zone file you linked)
Every time I stand up new name servers I have to add the glue records into the root servers or the name servers do not exist. In fairness to me I keep forgetting the trend is to shove everything into big centralized DNS servers as it is something I would never do at least not as a primary.
[shameless plug] I made a tool to look into BGP data as well as other networky things at https://god.ad. Can be added to homescreen as a PWA app.
https://god.ad/view/AS15169
Thanks, looks very llmish
Doesn’t mean it’s bad. Thanks for the work
Front-end was indeed done with Claude, with many iterations and tweaks though
this is great, thank you.
does anyone know where can i buy rDNS records? purpose is find all domains hosted on specific ip for a monthly price? I think crawling all my own is big environment waste of resources, i'd be happy to pay for a subscription or somethign
> does anyone know where can i buy rDNS records? purpose is find all domains hosted on specific ip for a monthly price
Are rdns records always populated? I thought they were optional and many sites didn't bother
i am talking about this data: https://host.io/lgyy.cc
They mean anyone will only ever be able to get some rather than all because of how DNS works. Even that site is unable to find all such mappings for every IP. I.e. the first option to build such a dataset is to use rDNS lookups, but it's optional to configure those and many don't bother (opting to just have the forward lookup). The other way about it is collecting domains and seeing which IPs they resolve to, but this is only ever partial (there is no such thig as a conplete lists of domains in the world) and has additional problems with CDNs or things hosted in more than one place at once (you need to do a lookup from every possible location each domain could conceivably be hosted to be sure you get all of the reverse mappings for that domain).
As an example: Unless you know my domains ahead of time you'll never be able to come up with what domains are hosted on my IPs because I don't bother to configure rDNS. So those IPs will look like they host no servers (or only some if you only had a partial list of my domains) rather than all of them on those IPs.
Anyways, for free data sources trying to get a partial view of this you can check out Rapid7's Sonar or Common Crawl. Each should have the pieces needed to construct this kind of view from the data.
Sonar does seem to have data here: https://opendata.rapid7.com/
But it seems you've to go through their sales team and all for the data.
I can't find CommonCrawl making their DNS resolution available.
Common Crawl doesn't publish raw DNS separately, you have to pull the information out of the aggregate database. The WARC-IP-Address header should record the IP Common Crawl connected to for the site.
Do you mean rDNS records or a mapping of an IP address to all ([semi] publicly known) DNS records that point to an IP address? Cause these are two different things. Just because a.com points to 1.2.3.4 does not mean 1.2.3.4 has an rDNS record to a.com.
You are right, i'd need both actually. I can't find any service which provides weekly/monthly data download for a flat subscription price, so that i can perform local fast lookups.
How granular do you need this data? Domains are ultimately not publicly known, especially when it comes to subdomains. Do you just need domains that get a certain amount of public traffic or are you trying to get as much domains as possible? In the latter case scraping this data would require the logs of public DNS servers to even know of the existence of many domains (although certificate transparency logs could get one half the way).
Just to have a compressed static file that contains all the routes one could download from time to time I think would be interesting to analyze. Same goes for the anycast root DNS servers. To have a full dump from them could be interesting. Not to be confused with the root.zone [1] I mean the whole kit and caboodle.
[1] - https://www.internic.net/domain/root.zone
RIPE keeps this https://ris.ripe.net/docs/mrt/#name-and-location
The collectors are browsable nice, Thankyou!
The collectors seem to be overloaded so made a temporary mirror of the one for AMS In AMS. [1] I only mirrored the latest files. Feel free to beat it up. The .gz files decompress to just under 4GB
[1] - https://ams.nochan.net/data.ris.ripe.net/rrc00/
> Just to have a compressed static file that contains all the routes one could download from time to time I think would be interesting to analyze.
When I needed this for some work stuff, it was pretty easy to find table dumps and work with them? I don't remember where it was, but I'm sure you can find some. After an acquisition, we had our own ASN and I was able to get table dumps from our own infrastructure.
> Same goes for the anycast root DNS servers. To have a full dump from them could be interesting. Not to be confused with the root.zone [1] I mean the whole kit and caboodle.
What do you think the root servers have that's not in the root.zone? I think you can AXFR from the root servers, too, but it should be the same thing as from the https site.
What do you think the root servers have that's not in the root.zone?
Every glue record for every domain name. The glue is the valuable goo. Without the goo everyone goes back to /etc/hosts which I am not opposed to.
The root servers don't have the glue record for every domain name though. All they have is the glue records for the TLDs. (which is in the zone file you linked)
Every time I stand up new name servers I have to add the glue records into the root servers or the name servers do not exist. In fairness to me I keep forgetting the trend is to shove everything into big centralized DNS servers as it is something I would never do at least not as a primary.
Seems to be from 6 years ago.
Ignorant question here: Isn't this an open port for BGP poisoning?
Only if they haven't enabled filtering, which would be ludicrous.