Question : How to properly query a domain for all DNS records

I've been using www.who.is, but it seems like it sometimes doesn't pull all the info, especially CNAMEs or A records

Any advice would be appreciated

Answer : How to properly query a domain for all DNS records

A tool like WHOIS from any provider can provide you with the DNS servers for a specific domain (NS records). Once you know the name servers, you can query these directly. If the DNS servers allow for a zone transfer, you'll be able to obtain all the records for the DNS zone.

In Windows, you could use:

nslookup
server x.x.x.x (where x.x.x.x matches one of the zones NS records)
set type=any
ls -d company.net
exit

If the zone does not allow for zone transfers, you could use a tool to enumerate DNS records like with FierceDNS (perl script):

http://carnal0wnage.blogspot.com/2007/12/fiercedns-for-dns-enumeration.html

Hope this helps...

Mike

Random Solutions

.pfx and .cer file, to access Web services

what ports need to be connected for Cisco 2811 on network

Restrict internet access to allow only certain pre-defined websites

internal routing between exchange server with smart host

Is it possible to install a better virtual display adapter than the one which is installed by default in Virtual XP Mode within Windows 7?

Export All Information in DHCP

Member server on the DMZ

E-mailing through telnet - How do you attach files?

Networking by crossover (2 WinXPPro PCs)

Lotus Notes Version 8.5 (Evaluation Copy)