Practical content
Application of various search techniques
Query of DNS IP registration information
Basic scanning techniques: host discovery, port scanning, OS and service version detection, enumeration of specific services
Vulnerability Scanning: Can scan, read reports, check vulnerability descriptions, and patch vulnerabilities
basic question answer
Which organizations are responsible for DNS, IP management.
- The Internet Domain Name and Addressing Organization (ICANN) is responsible for the management of the domain name system. It sets up three support organizations. The Address Support Organization (ASO) is responsible for the management of the IP address system; the Domain Name Support Organization (DNSO) is responsible for the domain name system (DNS) on the Internet. ); the Protocol Supporting Organization (PSO) is responsible for the assignment of unique parameters involving Internet Protocol.
What is 3R information.
- 3R is the registrant (Registrant), the registrar (Registrar), the official registry (Registry)
Experimental procedure
1. Information collection
- Mining the information of the target website by DNS and IP
(1) whoisQuery
[Take baidu.com as an example to query here]
3R information can be obtained:
(2) nslookup, dig domain name query
Use nslookup to get the result of the cache saved by the DNS resolution server.
The dig (domain information finder) command is a flexible tool for interrogating DNS name servers. It performs a DNS search and displays the replies returned from the requested nameservers.
3) IP2Location geographic location query
ping baidu.comThe ip address of Baidu can be obtained.
Information can be found on the website MaxMind .
(4) Information query service provided by netcraft
The basic information of the website and the security assessment of the website can be found on the netcraft website.
