Recently in DNS Category

alias whois='whois -H'

Put that in your .bashrc (or equivalent) and get rid of the legal disclaimers which usually mean that you have to scroll up two pages to get the actual results! I should have looked at the whois man page ages ago.

Michele posted about the fun and games with Domainnews and copyright two months ago. Domainnews seem to have finally realised  and their "Chief Editor" has replied claiming innocence. Unfortunately he still does not seem to realise what he has done wrong, and he still hasn't as much as apologised yet. In fact Michele had to send a DMCA Takedown notice to Google before anything was done. For fun and giggles I had a look at the Domainnews site and spotted a post attributed to "press" which is a copy of the domains.asia press release here. According to Domainnews: "press is one of our editors and not someone we are trying to credit this to". What's even more fun is that the DotAsia press release is covered by a Creative Commons Attribution License (look at the icon at the bottom left of DotAsia's press release) which probably means that DotAsia would at least like a link back. Even if they didn't have the CC license, it is just a common courtesy to link back to the originating site, even for a press release. There is no point posting about DotAsia starting a new program, if the reader can't click on a link and have a look around to get more details. The whole whole point of the Internet was/is to share information.

I have come across a couple of handy little trick for DNS recently which I'm going to throw up here just to save me searching when I need them in the future :)

Getting The Version Of A DNS Server

To get the version of a DNS server, you can run the following command:

dig @dns_server_you_want_to_check +short version.bind chaos txt

It is very easy for the server administrator to change this to whatever they want, but it's still a handy command.

Getting The Whois Server For A Top Level Domain

I found the following command for finding the whois server for a TLD on the Nominet Blog.

dig +short _nicname._tcp.ie srv

This should return:

10 0 43 whois.domainregistry.ie.

This means that the whois server for .ie is listening to port 43 at whois.domainregistry.ie. Unfortunately, not all TLDs support this, most noticeably .com.

Since ICANN Lisbon, EURid has been taking lots of abuse from all corners due to their business practices. Michele has talked about the conduct of EURid Staff during their session at Lisbon and John McCormac also has plenty to say about EURid Incompetence. One older post that was pointed out to me has really caught my eye. It is by Phill Parker and is simply entitled EURid Are Pure Evil. One of the EURid registrar rules is that you may only have one connection to the EPP server at any given time. However, certain registrars are gaming the system by getting "Registrars" accredited who haven't even got a website or any trading presence. These virtual accredited registrars are then used for additional connections to the EPP server giving those who follow the rules no chance. A quick bit of Googling led me to Commission Regulation (EC) No 874/2004 of 28 April 2004 available here. To quote the second paragraph of Article 4 of the above document:

The procedure for the accreditation of registrars shall be deter- mined by the Registry and shall be reasonable, transparent and non-discriminatory, and shall ensure effective and fair condi- tions of competition.

I'm by no means a legal expert, but what Phill describes seems like a very clear cut breach of the above paragraph. This only took me a couple of minutes to find, and I'm betting that it's only the very tip of the iceberg. What other EU Regulations are EURid breaching on a daily basis? It has become fairly obvious that EURid are totally incapable of handling a gTLD, I'll let Michele tell of why multiyear registrations are out :) Why are the European Commission not stepping in and asking serious questions of EURid?

A while ago Michele blogged about generating stats from Rbldnsd. Since then I've had to put it into practice. During the post he mentioned Jeff Chan's script for getting the numbers from rbldnsd's stats file. The only problem with this script was that it rapidly ran out of steam when you went over ten zones. This becomes a problem when you consider that a dnsbl like countries.nerd.dk has over 200 zones. A new script was created in order to get around this limitation, which is available here. If no argument is passed to the script, it will return the aggregate numbers for all the zones, and if the zone name is passed in as an argument it will give the numbers for that zone. In both cases it will return two lines. The first is the number of positve hits on the zone, the second line is the total number of requests to the zone. In order to use the script with mrtg you will have to edit the $statfile variable to point at where rbldnsd is outputting it's stats. For each DNSBL, you have to setup a target in your MRTG config. The target for sbl.spamhaus.org would be:

Target[sbl.spamhaus.org]: `perl /etc/mrtg/rbldnsdstat.pl sbl.spamhaus.org` MaxBytes[sbl.spamhaus.org]: 4800000 Title[sbl.spamhaus.org]: RBLDNSD - sbl.spamhaus.org PageTop[sbl.spamhaus.org]: <H1>sbl.spamhaus.org requests </H1>

MRTG should then be run every five minutes using cron.

Looks like Google managed to forget to renew the google.de domain. Oops :)