
sm5w2
Premium Member
join:2004-10-13
St Thomas, ON

iptools.com is dead? (domain for sale?)

I don't know what you people use for dns and domain queries that you might need to carry out from time to time as part of being a network admin, spam or malware detective, etc, but I've been using iptools.com for maybe the past 4 years.

Well today, after seeing a strange entry in my router's out-bound log (s.mol.im - probably related to web-metrics or ad-serving) I wanted to see who owned the domain mol.im before I added it to my hosts file. I went to iptools.com and was greeted with a stark "this domain may be for sale", with only a perfunctory "search" dialog box as the only function.

I guess I'll be looking for a new portal to perform whois, domain and IP lookups now. Bummer...

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

1 recommendation

said by sm5w2:

I don't know what you people use for dns and domain queries that you might need to carry out from time to time as part of being a network admin, spam or malware detective, etc, but I've been using iptools.com for maybe the past 4 years.

Well today, after seeing a strange entry in my router's out-bound log (s.mol.im - probably related to web-metrics or ad-serving) I wanted to see who owned the domain mol.im before I added it to my hosts file. I went to iptools.com and was greeted with a stark "this domain may be for sale", with only a perfunctory "search" dialog box as the only function.

I guess I'll be looking for a new portal to perform whois, domain and IP lookups now. Bummer...

There is really no need to use an outside service for whois or DNS queries. The whois and dig tools are included in every *nix distribution, and there are ports for the Windows platform as well (the Windows versions I use are illustrated below).

C:\>whois mol.im
 
Whois v1.11 - Domain information lookup utility
Sysinternals - www.sysinternals.com
Copyright (C) 2005-2012 Mark Russinovich
 
Connecting to IM.whois-servers.net...
 
Domain Name:    MOL.IM
Domain Managers
Name: Com Laude
Address
28-30 Little Russell Street
London
WC1A 2HN
United Kingdom
Domain Owners / Registrant
Name: Associated Newspapers Limited
Address
Northcliffe House
2 Derry Street
W8 5TT
United Kingdom
Administrative Contact
Name:   Associated Newspapers Limited
Address
Northcliffe House
2 Derry Street
W8 5TT
United Kingdom
Billing Contact
Name:  Billing Manager
Address
28-30 Little Russell Street
London
WC1A 2HN
United Kingdom
Technical Contact
Name:  Technical Manager
Address
28-30 Little Russell Street
London
WC1A 2HN
United Kingdom
Domain Details
Expiry Date: 20/11/2013 00:59:58
Name Server: ns6.associated.co.uk.
Name Server: ns5.anlremote.com.
 
C:\>dig s.mol.im
 
; <<>> DiG 9.9.2 <<>> s.mol.im
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36873
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;s.mol.im.                      IN      A
 
;; ANSWER SECTION:
s.mol.im.               8920    IN      CNAME   s.mol.im.edgesuite.net.
s.mol.im.edgesuite.net. 8435    IN      CNAME   a1758.g.akamai.net.
a1758.g.akamai.net.     1       IN      A       184.84.220.49
a1758.g.akamai.net.     1       IN      A       184.84.220.18
 
;; Query time: 31 msec
;; SERVER: 192.168.9.2#53(192.168.9.2)
;; WHEN: Tue Jan 08 09:29:30 2013
;; MSG SIZE  rcvd: 134
 
tomdlgns
Premium Member
join:2003-03-21

how are you using dig and whois in windows?

cdru
Go Colts
MVM
join:2003-05-14
Fort Wayne, IN

said by tomdlgns:

how are you using dig and whois in windows?

said by NetFixer:

...there are ports for the Windows platform as well (the Windows versions I use are illustrated below)....

Whois for Windows by Microsoft from Sysinternals

Dig for Windows (there are other ports and GUIs as well)

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

NetFixer to tomdlgns

said by tomdlgns:

how are you using dig and whois in windows?

For whois, I use Mark Russinovich's utility that I downloaded from here: »technet.microsoft.com/en ··· bb897435 and I also have a gui whois client from »www.geektools.com/tools.php

I use the dig client that is part of the ISC Bind DNS server package: »www.isc.org/software/bind
Here is a link to an old article that describes a way to manually install the dig client without installing the whole bind server package: »www.techrepublic.com/art ··· /5032892 . The files that I extracted from Bind 9.9.2 are shown highlighted in the Explorer window screen shot below:




Whether you can get away with just copying the files or if you will need the full bind install will depend on if you already have the appropriate VC library files installed on your system. Here is a screen shot of where those files are stored, but I really don't remember which library files are required for the current bind 9.9.2:




You could probably extract the vcredist executable from the bind archive (shown below) and run that to get the proper VC library files installed, but I already had them on all of the systems I copied the dig files to, so I can't be sure of that.



Wily_One
Premium Member
join:2002-11-24
San Jose, CA

1 recommendation

Sometimes it is helpful to have a 3rd-party site outside of your network to use to do lookups. For that I use: »network-tools.com/

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

1 recommendation

said by Wily_One:

Sometimes it is helpful to have a 3rd-party site outside of your network to use to do lookups. For that I use: »network-tools.com/

OK, if you feel the need to do so...

However, a tethered cellphone or an old fashioned dial-up connection from a PC that is not connected to your LAN will be totally outside of your network if for some reason being outside your network was deemed necessary. Even testing through a VPN connection from a PC that is still physically using your local network infrastructure is still passing its traffic through the same switches, routers, and firewalls.

I can certainly understand the reason for wanting to use an outside source for security testing/scanning, or for checking routing problems, but exactly why would using an outside service for doing simple whois or DNS queries really be needed?

I also understand that many web sites such as the one to which you provided a pointer offer more services than simple whois and DNS queries, but the original post in this thread and my replies were only about doing whois and DNS queries.

tomdlgns
Premium Member
join:2003-03-21

tomdlgns to sm5w2

is there a tool that shows me every A, cname, txt, etc... record that is created for that domain?

i would type in the domain, submit, and see all the results on the screen.

sm5w2
Premium Member
join:2004-10-13
St Thomas, ON

sm5w2 to Wily_One

> Sometimes it is helpful to have a 3rd-party site outside of your
> network to use to do lookups. For that I use: »network-tools.com/

Hmmm.

99.99% of what I used iptools for is to either (a) look up an IP address to see what entity "owns" or is using it, or (b) to look up ownership / registration info about a domain. I don't seem to be able to do (a) with network-tools.com. Which I believe is a reverse who-is.

cdru
Go Colts
MVM
join:2003-05-14
Fort Wayne, IN

said by sm5w2:

99.99% of what I used iptools for is to either (a) look up an IP address to see what entity "owns" or is using it, or (b) to look up ownership / registration info about a domain. I don't seem to be able to do (a) with network-tools.com. Which I believe is a reverse who-is.

Punching in the IP address and choosing whois will give you the domain the IP's reverse DNS indicates. Instead of whois select network lookup and it will give who "owns" the IP address.

cdru

cdru to tomdlgns

said by tomdlgns:

is there a tool that shows me every A, cname, txt, etc... record that is created for that domain?

i would type in the domain, submit, and see all the results on the screen.

Not really. What you basically want is a zone transfer and it's usually blocked for security reasons. There are web utilities that will perform individual queries of common records, but not all records.

Wily_One
Premium Member
join:2002-11-24
San Jose, CA

Wily_One to NetFixer

said by NetFixer:

... but exactly why would using an outside service for doing simple whois or DNS queries really be needed?

I work for a large company with a correspondingly large DNS infrastructure. Sometimes it's necessary to compare what I see within the corporate LAN to what "the Internet" sees for spotting problems, troubleshooting, and general verification. This is especially the case for intermittent issues where something works fine for some people but not others.

Wily_One

1 recommendation

Wily_One to cdru

said by cdru:

Punching in the IP address and choosing whois will give you the domain the IP's reverse DNS indicates. Instead of whois select network lookup and it will give who "owns" the IP address.

Yes, quite so.

sm5w2,
They're related but a DNS lookup is not quite the same as a WHOIS lookup.

If you only care about WHOIS information, another handy website that works for a lot of the country-code and one-off TLDs (where other sites fail) is: »whois.domaintools.com/

Back to network-tools.com, you can do simple DNS lookups like many sites let you do, but the power is in the link for 'Advanced Tool' to the right of DNS Records. Here you can specify certain name servers or record types, etc. For example you can compare your ISP's DNS with one of the free resolvers like Google or OpenDNS.

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

NetFixer to Wily_One

said by Wily_One:

said by NetFixer:

... but exactly why would using an outside service for doing simple whois or DNS queries really be needed?

I work for a large company with a correspondingly large DNS infrastructure. Sometimes it's necessary to compare what I see within the corporate LAN to what "the Internet" sees for spotting problems, troubleshooting, and general verification. This is especially the case for intermittent issues where something works fine for some people but not others.

And for whois and DNS queries, that can be done using the whois and dig utilities from any PC (including one on your corporate LAN) if you use the correct options (such as specifying which whois server to use or which DNS server to use).

Below are some A record dig queries for att.yahoo.com (a relatively large company with complex DNS) using my local DNS server, an AT&T DNS server, Google's DNS server, and OpenDNS.


C:\>dig att.yahoo.com
 
; <<>> DiG 9.9.2 <<>> att.yahoo.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60415
;; flags: qr rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;att.yahoo.com.                 IN      A
 
;; ANSWER SECTION:
att.yahoo.com.          101     IN      CNAME   fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 172 IN CNAME ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 217 IN CNAME ds-geoycpi-uno.gycpi.b.yahoodns.net.
ds-geoycpi-uno.gycpi.b.yahoodns.net. 95 IN CNAME ds-any-ycpi-uno.aycpi.b.yahoodns.net.
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   206.190.57.60
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   206.190.57.61
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   216.115.101.178
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   98.136.145.152
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   98.136.145.154
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   98.136.145.155
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   98.136.145.153
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   216.115.101.179
 
;; Query time: 62 msec
;; SERVER: 192.168.9.2#53(192.168.9.2)
;; WHEN: Thu Jan 10 02:41:56 2013
;; MSG SIZE  rcvd: 327
 
C:\>dig @68.94.156.1 att.yahoo.com
 
; <<>> DiG 9.9.2 <<>> @68.94.156.1 att.yahoo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49980
;; flags: qr rd ra; QUERY: 1, ANSWER: 10, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;att.yahoo.com.                 IN      A
 
;; ANSWER SECTION:
att.yahoo.com.          285     IN      CNAME   fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 27 IN CNAME ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 27 IN CNAME ds-geoycpi-uno.gycpi.b.yahoodns.net.
ds-geoycpi-uno.gycpi.b.yahoodns.net. 81 IN CNAME ds-any-ycpi-uno.aycpi.b.yahoodns.net.
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 1 IN A    216.115.110.119
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 1 IN A    66.94.233.186
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 1 IN A    66.94.233.187
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 1 IN A    209.191.96.99
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 1 IN A    209.191.96.100
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 1 IN A    216.115.110.118
 
;; Query time: 93 msec
;; SERVER: 68.94.156.1#53(68.94.156.1)
;; WHEN: Thu Jan 10 02:42:08 2013
;; MSG SIZE  rcvd: 295
 
C:\>dig @8.8.8.8 att.yahoo.com
 
; <<>> DiG 9.9.2 <<>> @8.8.8.8 att.yahoo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52364
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;att.yahoo.com.                 IN      A
 
;; ANSWER SECTION:
att.yahoo.com.          78      IN      CNAME   fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 87 IN CNAME ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 87 IN CNAME ds-geoycpi-uno.gycpi.b.yahoodns.net.
ds-geoycpi-uno.gycpi.b.yahoodns.net. 87 IN CNAME ds-any-ycpi-uno.aycpi.b.yahoodns.net.
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 87 IN A   216.115.98.124
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 87 IN A   216.115.98.107
 
;; Query time: 78 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Jan 10 02:42:57 2013
;; MSG SIZE  rcvd: 231
 
C:\>dig @208.67.222.222 att.yahoo.com
 
; <<>> DiG 9.9.2 <<>> @208.67.222.222 att.yahoo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48207
;; flags: qr rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 8192
;; QUESTION SECTION:
;att.yahoo.com.                 IN      A
 
;; ANSWER SECTION:
att.yahoo.com.          8       IN      CNAME   fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 135 IN CNAME ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 135 IN CNAME ds-geoycpi-uno.gycpi.b.yahoodns.net.
ds-geoycpi-uno.gycpi.b.yahoodns.net. 135 IN CNAME ds-any-ycpi-uno.aycpi.b.yahoodns.net.
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  98.136.145.154
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  206.190.57.60
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  216.115.101.179
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  98.136.145.153
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  216.115.101.178
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  98.136.145.155
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  98.136.145.152
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  206.190.57.61
 
;; Query time: 109 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Thu Jan 10 02:43:21 2013
;; MSG SIZE  rcvd: 327
 


Do you notice that the results are different for each different DNS server? All you have to do is use the DNS server(s) that your remote client is using to be able to see the same DNS results that remote client sees (unless that remote client is behind a proxy, or is using DNS servers that use an ACL to limit access from only specific IP addresses...and in those cases, I don't see how using network-tools.com is going to make any difference).
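
An added example, not part of NetFixer's post or of any tool named in this thread: a small Python parser that takes saved `dig` output from several resolvers and reports whether they agree on the CNAME chain and which addresses only some of them return. The resolver labels, host names and addresses in the sample are constructed (documentation ranges), and the function names are hypothetical.

```python
import re

# One dig answer line: owner, TTL, class IN, type, rdata. TTLs are ignored on
# purpose: they differ per resolver because of caching, not because of the zone.
RR = re.compile(r"^(\S+)\s+\d+\s+IN\s+(A|AAAA|CNAME)\s+(\S+)$")

def parse_answer(dig_text):
    """Return (owner, rtype, rdata) tuples from the ANSWER SECTION of dig output."""
    records, in_answer = [], False
    for line in map(str.strip, dig_text.splitlines()):
        if line.startswith(";; ANSWER SECTION"):
            in_answer = True
        elif in_answer and (not line or line.startswith(";")):
            break  # a blank line or the next section header ends the answer
        elif in_answer and (m := RR.match(line)):
            records.append((m[1].lower(), m[2], m[3].lower()))
    return records

def resolve_view(qname, records):
    """Follow the CNAME chain from qname; return (chain, sorted addresses)."""
    cname = {o: d for o, t, d in records if t == "CNAME"}
    name, chain = qname.lower().rstrip(".") + ".", []
    while name in cname and name not in chain:  # second test stops CNAME loops
        chain.append(name)
        name = cname[name]
    chain.append(name)
    return chain, sorted({d for o, t, d in records if t != "CNAME" and o == name})

def compare(qname, outputs):
    """outputs maps resolver label -> dig text; report where the views diverge."""
    views = {r: resolve_view(qname, parse_answer(t)) for r, t in outputs.items()}
    common = set.intersection(*(set(a) for _, a in views.values()))
    return {
        "same_cname_chain": len({tuple(c) for c, _ in views.values()}) == 1,
        "common_addresses": sorted(common),
        "only_from": {r: sorted(set(a) - common) for r, (_, a) in views.items()},
    }

# Constructed sample output in dig's format (documentation names and addresses).
SAMPLE = {
    "resolver-a": """
;; ANSWER SECTION:
www.example.com.        101     IN      CNAME   edge.example.net.
edge.example.net.       31      IN      A       192.0.2.10
edge.example.net.       31      IN      A       192.0.2.11

;; Query time: 62 msec
""",
    "resolver-b": """
;; ANSWER SECTION:
www.example.com.        78      IN      CNAME   edge.example.net.
edge.example.net.       87      IN      A       192.0.2.11
edge.example.net.       87      IN      A       198.51.100.7
""",
}

if __name__ == "__main__":
    print(compare("www.example.com", SAMPLE))
```

An identical CNAME chain with different address sets, as in the sample, is what a geo-balanced or anycast name normally looks like; a differing chain from one resolver is the case worth a closer look.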

Wily_One
Premium Member
join:2002-11-24
San Jose, CA

Well, no. Perhaps in your world ports are wide open and anyone can do whois and dig queries to the outside from anywhere on your LAN, but my company blocks all that. And while there are certain servers in the DMZ I can get on that can, it's frankly easier to open up a web browser and just do it there.

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

said by Wily_One:

Well, no. Perhaps in your world ports are wide open and anyone can do whois and dig queries to the outside from anywhere on your LAN, but my company blocks all that. And while there are certain servers in the DMZ I can get on that can, it's frankly easier to open up a web browser and just do it there.

Even on my small LAN, I have some workstations that are locked down. However I don't find it any more difficult to telnet or ssh into a local server/workstation with the proper tools and network permissions than I do entering a URL into a web browser. And I also have http access to the same whois and dig tools on my web server which is accessible from my LAN or from anywhere I happen to be (just like your favorite network-tools.com site). But by using my own web site I control the scripts and updates instead of depending on an outside site's scripts and update policy (and FWIW, this thread has reminded me that I do need to do some updating of my whois script on that web server).

cdru
Go Colts
MVM
join:2003-05-14
Fort Wayne, IN

Let's all just agree that having a variety of options never hurts. Using a web-based tool doesn't work in every situation and having a PC-based tool doesn't work in every situation. You may be on a server that is locked down and doesn't have easy browser access to the internet at large. Or you may be at a computer that doesn't have the tool installed, doesn't have ssh, or whatever other reason that it's not immediately convenient to use a PC based tool.

If you get the answers that you need, it's correct, and you are happy with the effort it took to get it, who the fsck cares whether it was web or pc based.

NJ_Brad
join:2003-07-23
Trenton, NJ

NJ_Brad to sm5w2

Member

You could use dnstools.com

StrangeInk
@twin.org.uk

StrangeInk to sm5w2

Anon

I came to this post after doing a quick google for "what happened to iptools.com" as I was interested to know too.

Well not an explanation, but if you need something as good as iptools.com I have started using »www.mydnstools.info/ instead.

Seems like a clean interface, but I do miss being able to input straight into a box on the first page.
But then there is also »www.dnsqueries.com/en/ that looks exactly the same, just a bit cluttered for my liking.

mntnman
@communications.net

mntnman to Wily_One

Anon

Amen Wiley.