WHOIS + DNS

  • query and response protocol that fetches information about registered internet resources
  • historic whois records: https://whoisfreaks.com/signup.html

  • whois inlanefreight.com

  • Bulletproof servers - “don't ask, don't tell” philosophy

  • Bulletproof hosting services are often found in countries with more relaxed laws about what type of content is hosted on these servers, and which also have less strict extradition laws

DNS

  • The hosts file is used for IP and domain mapping
  • This is a local file that can override the internet DNS mapping
  • The hosts file is located in:
    • C:\Windows\System32\drivers\etc\hosts on Windows
    • /etc/hosts on Linux and macOS.
  • Block unwanted sites by mapping them to incorrect IPs.
  • IN stands for Internet.
  • CNAME can point to outdated servers
  • NS can give hosting provider info
  • A records can point to load balancers
  • TXT records can have sensitive information
  • Monitor DNS records for changes, for example where a new subdomain might be added.
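
An added example (not from the original notes) of the record review and change monitoring listed above, seen from the zone owner's side: it diffs two zone snapshots and flags new names, CNAMEs that point outside the zone and TXT records that look like they hold secrets. The zone data, the `parse_zone` and `audit` helpers and the keyword pattern are constructed assumptions.

```python
import re

# Constructed zone snapshots for a fictional domain (reserved .test names, documentation IPs).
OLD_ZONE = """\
example.test.        3600 IN NS    ns1.hosting-provider.test.
example.test.        3600 IN A     192.0.2.10
www.example.test.    3600 IN CNAME example.test.
example.test.        3600 IN TXT   "v=spf1 ip4:192.0.2.0/24 -all"
"""
NEW_ZONE = OLD_ZONE + """\
shop.example.test.   300  IN CNAME old-store.legacy-cdn.test.
dev.example.test.    300  IN A     192.0.2.55
example.test.        3600 IN TXT   "api_key=CONSTRUCTED-NOT-REAL"
"""

# name, TTL, class IN (Internet), record type, record data
RECORD = re.compile(r'^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(.+)$')
# Assumed keyword list for secret-looking TXT content; tune it for your own zone.
SENSITIVE = re.compile(r'(api[_-]?key|secret|password|token)\s*=', re.I)

def parse_zone(text):
    """Return a set of (name, type, rdata) from 'name ttl IN type rdata' lines."""
    records = set()
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(";"):  # whole-line comment
            continue
        m = RECORD.match(line)
        if m:
            name, _ttl, rtype, rdata = m.groups()
            records.add((name.lower(), rtype.upper(), rdata.strip()))
    return records

def audit(old_text, new_text, zone="example.test."):
    """Compare two snapshots and review every record in the newer one."""
    old, new = parse_zone(old_text), parse_zone(new_text)
    old_names = {name for name, _, _ in old}
    findings = []
    for name, rtype, rdata in sorted(new):
        if name not in old_names:  # name absent from the previous snapshot
            findings.append(("new-name", name, rtype))
        target = rdata.lower()
        if rtype == "CNAME" and not (target == zone or target.endswith("." + zone)):
            findings.append(("external-cname", name, rdata))  # confirm target is still yours
        if rtype == "TXT" and SENSITIVE.search(rdata):
            findings.append(("sensitive-txt", name, rdata))
    return findings

if __name__ == "__main__":
    for finding in audit(OLD_ZONE, NEW_ZONE):
        print(finding)
```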

TOOLS:

  • Use with caution as the target might flag excessive DNS requests