dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
4085
share rss forum feed


sm5w2

join:2004-10-13
St Thomas, ON

iptools.com is dead? (domain for sale?)

I don't know what you people use for dns and domain queries that you might need to carry out from time to time as part of being a network admin, spam or malware detective, etc, but I've been using iptools.com for maybe the past 4 years.

Well today, after seeing a strange entry in my router's out-bound log (s.mol.im - probably related to web-metrics or ad-serving) I wanted to see who owned the domain mol.im before I added it to my hosts file. I went to iptools.com and was greeted with a stark "this domain may be for sale", with only a perfunctory "search" dialog box as the only function.

I guess I'll be looking for a new portal to perform whois, domain and IP lookups now. Bummer...



NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast

1 recommendation

said by sm5w2:

I don't know what you people use for dns and domain queries that you might need to carry out from time to time as part of being a network admin, spam or malware detective, etc, but I've been using iptools.com for maybe the past 4 years.

Well today, after seeing a strange entry in my router's out-bound log (s.mol.im - probably related to web-metrics or ad-serving) I wanted to see who owned the domain mol.im before I added it to my hosts file. I went to iptools.com and was greeted with a stark "this domain may be for sale", with only a perfunctory "search" dialog box as the only function.

I guess I'll be looking for a new portal to perform whois, domain and IP lookups now. Bummer...

There is really no need to use an outside service for whois or DNS queries. The whois and dig tools are included in every *nix distribution, and there are ports for the Windows platform as well (the Windows versions I use are illustrated below).

C:\>whois mol.im
 
Whois v1.11 - Domain information lookup utility
Sysinternals - www.sysinternals.com
Copyright (C) 2005-2012 Mark Russinovich
 
Connecting to IM.whois-servers.net...
 
Domain Name:    MOL.IM
Domain Managers
Name: Com Laude
Address
28-30 Little Russell Street
London
WC1A 2HN
United Kingdom
Domain Owners / Registrant
Name: Associated Newspapers Limited
Address
Northcliffe House
2 Derry Street
W8 5TT
United Kingdom
Administrative Contact
Name:   Associated Newspapers Limited
Address
Northcliffe House
2 Derry Street
W8 5TT
United Kingdom
Billing Contact
Name:  Billing Manager
Address
28-30 Little Russell Street
London
WC1A 2HN
United Kingdom
Technical Contact
Name:  Technical Manager
Address
28-30 Little Russell Street
London
WC1A 2HN
United Kingdom
Domain Details
Expiry Date: 20/11/2013 00:59:58
Name Server: ns6.associated.co.uk.
Name Server: ns5.anlremote.com.
 
C:\>dig s.mol.im
 
; <<>> DiG 9.9.2 <<>> s.mol.im
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36873
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;s.mol.im.                      IN      A
 
;; ANSWER SECTION:
s.mol.im.               8920    IN      CNAME   s.mol.im.edgesuite.net.
s.mol.im.edgesuite.net. 8435    IN      CNAME   a1758.g.akamai.net.
a1758.g.akamai.net.     1       IN      A       184.84.220.49
a1758.g.akamai.net.     1       IN      A       184.84.220.18
 
;; Query time: 31 msec
;; SERVER: 192.168.9.2#53(192.168.9.2)
;; WHEN: Tue Jan 08 09:29:30 2013
;; MSG SIZE  rcvd: 134
 

--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.

tomdlgns
Premium
join:2003-03-21
Chicago, IL
kudos:1

how are you using dig and whois in windows?



cdru
Go Colts
Premium,MVM
join:2003-05-14
Fort Wayne, IN
kudos:7

said by tomdlgns:

how are you using dig and whois in windows?

said by NetFixer:

...there are ports for the Windows platform as well (the Windows versions I use are illustrated below)....

Whois for Windows by Microsoft from Systernals

Dig for Windows (there are other ports and GUIs as well)


NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast
reply to tomdlgns

said by tomdlgns:

how are you using dig and whois in windows?

For whois, I use Mark Russinovich's utility that I downloaded from here: »technet.microsoft.com/en-us/sysi···bb897435 and I also have a gui whois client from »www.geektools.com/tools.php

I use the dig client that is part of the ISC Bind DNS server package: »www.isc.org/software/bind
Here is a link to an old article that describes a way to manually install the dig client without installing the whole bind server package: »www.techrepublic.com/article/use···/5032892 . The files that I extracted from Bind 9.9.2 are shown highlighted in the Explorer window screen shot below:




Whether you can get away with just copying the files or if you will need the full bind install will depend on if you already have the appropriate VC library files installed on your system. Here is a screen shot of where those file are stored, but I really don't remember which library files are required for the current bind 9.9.2:




You could probably extract the vcredist executable from the bind archive (shown below) and run that to get the proper VC library files installed, but I already had them on all of the systems I copied the dig files to, so I can't be sure of that.



--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


Wily_One
Premium
join:2002-11-24
San Jose, CA

1 recommendation

Sometimes it is helpful to have a 3rd-party site outside of your network to use to do lookups. For that I use: »network-tools.com/



NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast

1 recommendation

said by Wily_One:

Sometimes it is helpful to have a 3rd-party site outside of your network to use to do lookups. For that I use: »network-tools.com/

OK, if you feel the need to do so...

However, a tethered cellphone or an old fashioned dial-up connection from a PC that is not connected to your LAN will be totally outside of your network if for some reason being outside your network was deemed necessary. Even testing through a VPN connection from a PC that is still physically using your local network infrastructure is still passing its traffic through the same switches, routers, and firewalls.

I can certainly understand the reason for wanting to use an outside source for security testing/scanning, or for checking routing problems, but exactly why would using an outside service for doing simple whois or DNS queries really be needed?

I also understand that many web sites such as the one to which you provided a pointer offer additional services than simple whois and DNS queries, but the original post in this thread and my replies were only about doing whois and DNS queries.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.

tomdlgns
Premium
join:2003-03-21
Chicago, IL
kudos:1
reply to sm5w2

is there a tool that shows me every A, cname, txt, etc... record that is created for that domain?

i would type in the domain, submit, and see all the results on the screen.



sm5w2

join:2004-10-13
St Thomas, ON
reply to Wily_One

> Sometimes it is helpful to have a 3rd-party site outside of your
> network to use to do lookups. For that I use: »network-tools.com/

Hmmm.

99.99% of what I used iptools for is to either (a) look up an IP address to see what entity "owns" or is using it, or (b) to look up ownership / registration info about a domain. I don't seem to be able to do (a) with network-tools.com. Which I believe is a reverse who-is.



cdru
Go Colts
Premium,MVM
join:2003-05-14
Fort Wayne, IN
kudos:7

said by sm5w2:

99.99% of what I used iptools for is to either (a) look up an IP address to see what entity "owns" or is using it, or (b) to look up ownership / registration info about a domain. I don't seem to be able to do (a) with network-tools.com. Which I believe is a reverse who-is.

Punching in the IP address and choosing whois will give you the domain the IP's reverse DNS indicates. Instead of whois select network lookup and it will give who "owns" the IP address.


cdru
Go Colts
Premium,MVM
join:2003-05-14
Fort Wayne, IN
kudos:7
reply to tomdlgns

said by tomdlgns:

is there a tool that shows me every A, cname, txt, etc... record that is created for that domain?

i would type in the domain, submit, and see all the results on the screen.

Not really. What you basically want is a zone transfer and it's usually blocked for security reasons. There are web utilities that will perform individual queries of common records, but not all records.


Wily_One
Premium
join:2002-11-24
San Jose, CA
Reviews:
·AT&T U-Verse
reply to NetFixer

said by NetFixer:

... but exactly why would using an outside service for doing simple whois or DNS queries really be needed?

I work for a large company with a correspondingly large DNS infrastructure. Sometimes it's necessary to compare what I see within the corporate LAN to what "the Internet" sees for spotting problems, troubleshooting, and general verification. This is especially the case for intermittent issues where something works fine for some people but not others.


Wily_One
Premium
join:2002-11-24
San Jose, CA
Reviews:
·AT&T U-Verse

1 recommendation

reply to cdru

said by cdru:

Punching in the IP address and choosing whois will give you the domain the IP's reverse DNS indicates. Instead of whois select network lookup and it will give who "owns" the IP address.

Yes, quite so.

sm5w2 See Profile,
They're related but a DNS lookup is not quite the same as a WHOIS lookup.

If you only care about WHOIS information, another handy website that works for a lot of the country-code and one-off TLDs (where other sites fail) is: »whois.domaintools.com/

Back to network-tools.com, you can do simple DNS lookups like many sites let you do, but the power is in the link for 'Advanced Tool' to the right of DNS Records. Here you can specify certain name servers or record types, etc. For example you can compare your ISP's DNS with one of the free resolvers like Google or OpenDNS.


NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast
reply to Wily_One

said by Wily_One:

said by NetFixer:

... but exactly why would using an outside service for doing simple whois or DNS queries really be needed?

I work for a large company with a correspondingly large DNS infrastructure. Sometimes it's necessary to compare what I see within the corporate LAN to what "the Internet" sees for spotting problems, troubleshooting, and general verification. This is especially the case for intermittent issues where something works fine for some people but not others.

And for whois and DNS queries, that can be done using the whois and dig utilities from any PC (including one on your corporate LAN) if you use the correct options (such as specifying which whois server to use or which DNS server to use).

Below are some A record dig queries for att.yahoo.com (a relatively large company with complex DNS) using my local DNS server, an AT&T DNS server, Google's DNS server, and OpenDNS.


C:\>dig att.yahoo.com
 
; <<>> DiG 9.9.2 <<>> att.yahoo.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60415
;; flags: qr rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;att.yahoo.com.                 IN      A
 
;; ANSWER SECTION:
att.yahoo.com.          101     IN      CNAME   fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 172 IN CNAME ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 217 IN CNAME ds-geoycpi-uno.gycpi.b.yahoodns.net.
ds-geoycpi-uno.gycpi.b.yahoodns.net. 95 IN CNAME ds-any-ycpi-uno.aycpi.b.yahoodns.net.
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   206.190.57.60
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   206.190.57.61
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   216.115.101.178
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   98.136.145.152
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   98.136.145.154
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   98.136.145.155
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   98.136.145.153
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 31 IN A   216.115.101.179
 
;; Query time: 62 msec
;; SERVER: 192.168.9.2#53(192.168.9.2)
;; WHEN: Thu Jan 10 02:41:56 2013
;; MSG SIZE  rcvd: 327
 
C:\>dig @68.94.156.1 att.yahoo.com
 
; <<>> DiG 9.9.2 <<>> @68.94.156.1 att.yahoo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49980
;; flags: qr rd ra; QUERY: 1, ANSWER: 10, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;att.yahoo.com.                 IN      A
 
;; ANSWER SECTION:
att.yahoo.com.          285     IN      CNAME   fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 27 IN CNAME ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 27 IN CNAME ds-geoycpi-uno.gycpi.b.yahoodns.net.
ds-geoycpi-uno.gycpi.b.yahoodns.net. 81 IN CNAME ds-any-ycpi-uno.aycpi.b.yahoodns.net.
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 1 IN A    216.115.110.119
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 1 IN A    66.94.233.186
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 1 IN A    66.94.233.187
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 1 IN A    209.191.96.99
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 1 IN A    209.191.96.100
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 1 IN A    216.115.110.118
 
;; Query time: 93 msec
;; SERVER: 68.94.156.1#53(68.94.156.1)
;; WHEN: Thu Jan 10 02:42:08 2013
;; MSG SIZE  rcvd: 295
 
C:\>dig @8.8.8.8 att.yahoo.com
 
; <<>> DiG 9.9.2 <<>> @8.8.8.8 att.yahoo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52364
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;att.yahoo.com.                 IN      A
 
;; ANSWER SECTION:
att.yahoo.com.          78      IN      CNAME   fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 87 IN CNAME ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 87 IN CNAME ds-geoycpi-uno.gycpi.b.yahoodns.net.
ds-geoycpi-uno.gycpi.b.yahoodns.net. 87 IN CNAME ds-any-ycpi-uno.aycpi.b.yahoodns.net.
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 87 IN A   216.115.98.124
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 87 IN A   216.115.98.107
 
;; Query time: 78 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Jan 10 02:42:57 2013
;; MSG SIZE  rcvd: 231
 
C:\>dig @208.67.222.222 att.yahoo.com
 
; <<>> DiG 9.9.2 <<>> @208.67.222.222 att.yahoo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48207
;; flags: qr rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 8192
;; QUESTION SECTION:
;att.yahoo.com.                 IN      A
 
;; ANSWER SECTION:
att.yahoo.com.          8       IN      CNAME   fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
fd-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 135 IN CNAME ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net.
ds-geoycpi-uno-deluxe.gycpi.b.yahoodns.net. 135 IN CNAME ds-geoycpi-uno.gycpi.b.yahoodns.net.
ds-geoycpi-uno.gycpi.b.yahoodns.net. 135 IN CNAME ds-any-ycpi-uno.aycpi.b.yahoodns.net.
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  98.136.145.154
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  206.190.57.60
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  216.115.101.179
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  98.136.145.153
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  216.115.101.178
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  98.136.145.155
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  98.136.145.152
ds-any-ycpi-uno.aycpi.b.yahoodns.net. 172 IN A  206.190.57.61
 
;; Query time: 109 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Thu Jan 10 02:43:21 2013
;; MSG SIZE  rcvd: 327
 


Do you notice that the results are different for each different DNS server? All you have to do is use the DNS server(s) that your remote client is using to be able to see the same DNS results that remote client sees (unless that remote client is behind a proxy, or is using DNS servers that use an ACL to limit access from only specific IP addresses...and in those cases, I don't see how using network-tools.com is going to make any difference).

--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


Wily_One
Premium
join:2002-11-24
San Jose, CA
Reviews:
·AT&T U-Verse

Well, no. Perhaps in your world ports are wide open and anyone can do whois and dig queries to the outside from anywhere on your LAN, but my company blocks all that. And while there are certain servers in the DMZ I can get on that can, it's frankly easier to open up a web browser and just do it there.



NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast

said by Wily_One:

Well, no. Perhaps in your world ports are wide open and anyone can do whois and dig queries to the outside from anywhere on your LAN, but my company blocks all that. And while there are certain servers in the DMZ I can get on that can, it's frankly easier to open up a web browser and just do it there.

Even on my small LAN, I have some workstations that are locked down. However I don't find it any more difficult to telnet or ssh into a local server/workstation with the proper tools and network permissions than I do entering a URL into a web browser. And I also have http access to the same whois and dig tools on my web server which is accessible from my LAN or from anywhere I happen to be (just like your favorite network-tools.com site). But by using my own web site I control the scripts and updates instead of depending on an outside site's scripts and update policy (and FWIW, this thread has reminded me that I do need to do some updating of my whois script on that web server).
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.

When governments fear people, there is liberty. When the people fear the government, there is tyranny.


cdru
Go Colts
Premium,MVM
join:2003-05-14
Fort Wayne, IN
kudos:7

Lets all just agree that having a variety of options never hurts. Using a web-based tool doesn't work in every situation and having a PC-based tool doesn't work in every situation. You may be on a server that is locked down and doesn't have easy browser access to the internet at large. Or you may be at a computer that doesn't have the tool installed, doesn't have ssh, or whatever other reason that it's not immediately convenient to use a PC based tool.

If you get the answers that you need, it's correct, and you are happy with the effort it took to get it, who the fsck cares whether it was web or pc based.


NJ_Brad

join:2003-07-23
Trenton, NJ
reply to sm5w2

You could use dnstools.com



StrangeInk

@twin.org.uk
reply to sm5w2

I came to this post after doing a quick google for "what happened to iptools.com" as I was interested to know too.

Well not an explanation, but if you need something as good as iptools.com I have started using »www.mydnstools.info/ instead.

Seems like a clean interface, but I do miss being able to input straight into a box on the first page.
But then there is also »www.dnsqueries.com/en/ that looks exactly the same, just a bit cluttered for my liking.



mntnman

@communications.net
reply to Wily_One

Amen Wiley.