Get all DNS records on remote server?

Is it possible to get all DNS records off a remote server?


Normally you can't, but if the DNS server allows zone transfers to anyone (unlikely), you can do it.


Zone transfers are always available to slave nameservers. This will be at least all the listed nameservers except the master nameserver. Higher-security configurations hide the master nameserver and may not allow public access to it.

dig axfr sld.tld. @nameserver

Once upon a time, zone transfers were frequently available to everyone. Today's best practices discourage allowing them to everyone. This helps limit information leakage. The "dig axfr" command above will get the data if it is available.


Try a zone transfer in a Unix shell:

$ dig axfr sld.tld. @nameserver

Get a list of the nameservers delegated for your zone:

$ dig soa sld.tld. +trace
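
An added example, not part of any of the answers above: a shell audit for a zone you operate that runs the `dig axfr` check against every listed nameserver and reports which ones hand the zone to the host running it. The function names (`classify_axfr`, `audit_zone`, `sample_open`, `sample_refused`) are hypothetical, and the sample `dig` output is constructed for illustration.

```shell
#!/bin/sh
# Added example: report which listed nameservers of your own zone answer AXFR.

# Read `dig axfr` output on stdin; print open, refused or unknown.
# A completed transfer begins and ends with the zone's SOA record, so two
# SOA answer lines mean the zone contents were delivered.
classify_axfr() {
    awk '
        /^; Transfer failed/ { failed = 1 }
        /^;/ || NF < 5       { next }
        $4 == "SOA"          { soa++ }
        END {
            if (soa >= 2)    print "open"
            else if (failed) print "refused"
            else             print "unknown"   # timeout, no route, etc.
        }'
}

# Test every NS listed for the zone. A hidden master is not in this list
# and has to be checked by address separately.
audit_zone() {
    zone=$1
    for ns in $(dig +short NS "$zone"); do
        status=$(dig +time=5 +tries=1 axfr "$zone" "@$ns" 2>&1 | classify_axfr)
        printf '%s\t%s\n' "$ns" "$status"
    done
}

# Constructed sample outputs (example.com, documentation addresses).
sample_open() {
    cat <<'EOF'
; <<>> DiG 9.x <<>> axfr example.com. @ns1.example.com.
example.com.      3600 IN SOA ns1.example.com. hostmaster.example.com. 1 7200 900 1209600 3600
example.com.      3600 IN NS  ns1.example.com.
www.example.com.  3600 IN A   192.0.2.10
example.com.      3600 IN SOA ns1.example.com. hostmaster.example.com. 1 7200 900 1209600 3600
;; XFR size: 4 records (messages 1, bytes 180)
EOF
}

sample_refused() {
    cat <<'EOF'
; <<>> DiG 9.x <<>> axfr example.com. @ns1.example.com.
; Transfer failed.
EOF
}

if [ $# -gt 0 ]; then audit_zone "$1"; fi
```

Run it from a host outside your transfer ACL with the zone name as the only argument; any nameserver reported as `open` is serving the full zone to arbitrary clients.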