O'Reilly logo

Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide by Lee Allen

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

DNS recon

Domain Name System (DNS) can provide valuable data during the reconnaissance phase. If you do not already understand DNS, you may want to take some time to get a good grasp on the service and how it works. At a very basic level, DNS is used to translate domain names into IP addresses. Luckily for us, there are many tools available that are excellent at extracting the data that we need from nameservers. An example of the information you are able to gather includes:

Record

Description

CNAME

Alias, used to tie many names to a single IP. An IP address can have multiple CNAME records associated with it.

A

Used to translate a domain or subdomain name to a thirty-two bit IP address. It can also store additional useful information.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required