-
September 18th, 2007, 12:45 AM
#1
DNS ISSUE
So in the process of conducting some network discovery for a new client I have discovered the following ...
C:\>ping -a x.x.x.10
Pinging 10.domain.tld [x.x.x.10] with 32 bytes of data:
Reply from x.x.x.10: bytes=32 time=83ms TTL=111
Reply from x.x.x.10: bytes=32 time=108ms TTL=111
Reply from x.x.x.10: bytes=32 time=107ms TTL=111
Reply from x.x.x.10: bytes=32 time=107ms TTL=111
Their DNS is hosted by their ISP and something is obviously wrong as their reverse dns is appearing as domain.tld. Could anyone shed some light on exact what is wrong so that I can notify their ISP?
-
September 18th, 2007, 02:41 AM
#2
Contact the ISP and have them setup the reverse dns records you want changed to point to the dns name you want.
If the IP is 13.12.11.10
Request to have this change made:
11.12.13.in-addr.arpa
10 PTR myserver.realdomain.com
I know it looks backwards.
Most DNS staff will understand simple english as "Please set the reverse dns record for 13.12.11.10 point to myserver.realdomain.com".
Maybe have them switch to another DNS hosting company, such as dnspark.net.
-
September 18th, 2007, 03:11 AM
#3
Thanks. Could you please clarify the significance of the "domain.tld" or is it merely a place holder?
-
September 18th, 2007, 07:43 AM
#4
In a LAN setting you can use any name or tld you want. Some providers don't even bother setting up a reverse lookup. So it's probably a placeholder.
To have a proper look at resolving issues use nslookup not ping
Also note that Active Directory and DNS are tightly coupled, so perhaps you're looking at the internal DNS not the ISP's DNS. Again use nslookup..
Last edited by SirDice; September 18th, 2007 at 07:46 AM.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
September 18th, 2007, 09:11 AM
#5
Thank you for your reply, but the IP address in question is actually a public IP address. I know that nslookup and dig are proper tools for DNS queries, but a ping was easier at the time ... haha.
-
September 18th, 2007, 09:50 AM
#6
The 'A' record and the PTR record can be managed by different people/companies.
For example if it is a web site you are pinging, then the 'A' record will usually be managed by the hosting company you use - or by yourself via the hosting companies control panel.
The PTR will be always be managed by the issuer of the IP address (not necessarily your ISP), so the name is usually something that will identify them as it will conform the their naming policy for internal administration reasons - i.e. We use Altohiway to supply our IP addresses, unless I have asked for the PTR to be altered, the syntax for the PTR is "mycompany12.hiway.co.uk", which to Altohiway would be the 12th IP they have assigned to my company, with obviously hiway.co.uk being the TLD for the sub-domain.
It is often just a case of sending them an email asking them to alter the PTR record of the IP in question to point to a name of your choosing.
Last edited by Nokia; September 18th, 2007 at 10:02 AM.
Similar Threads
-
By Ghost_25inf in forum Hardware
Replies: 2
Last Post: February 6th, 2007, 04:10 PM
-
By phishphreek in forum General Computer Discussions
Replies: 1
Last Post: May 30th, 2006, 05:04 PM
-
By hatebreed2000 in forum Microsoft Security Discussions
Replies: 5
Last Post: October 4th, 2004, 10:13 PM
-
By AngelicKnight in forum Newbie Security Questions
Replies: 30
Last Post: January 20th, 2004, 10:43 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|