Avoid reverse IP domain lookups?
In other words, I just went on whois.sc and entered my IP address and got all the domains hosted on my IP. Is there a way to avoid this? I'm using Bind9.
Thanks!
11 Replies
Do you have a PTR record set up for that IP? You need to do that through the Linode control panel rather than your DNS, by the way.
Are you talking about the Reverse DNS Manager or the DNS Manager?
I only have one IP per each of my Linodes, so I don't know whether the Reverse DNS Manager can handle multiple IPs per Linode (it should). If it doesn't, I'd suggest that you raise a support ticket.
Please note the following from Reverse DNS Manager:
> The hostname you enter must have a valid A/CNAME record pointing to the IP you want to set the reverse DNS for. The A/CNAME record must be propagated and working before we will be able to find it. You may also enter the IP address if you don't want an RDNS entry for that IP.
@A32:
OK, sorry. Try this link. It might surprise you:
http://www.domaintools.com/reverse-ip/
I just checked the domain "neonnero.com", which points to 69.12.118.136. The real reverse-DNS points to noreverse.dns-solutions.net, while the first 3 results from the DomainTools website show the domains bd0.info, bd0.net and betadome.com, with 39 more results. This is for the virtual hosting provider (ProHosting.com) I use for my primary website.
Also, looking up 213.184.199.28 using that tool shows the first 3 results as actual-gaming.org, akero.info and akeroe.info, while the actual reverse DNS shows up as nansen.betadome.net (and I know for a fact that this IP address wasn't used for any reverse DNS mapping prior to the current mapping).
Judging by that, I can tell that the DomainTools reverse DNS uses cached results from the individual domains, rather than a plain reverse DNS lookup.
So… where's the surprise?
> Judging by that, I can tell that the DomainTools reverse DNS uses cached results from the individual domains, rather than a plain reverse DNS lookup.
> So… where's the surprise?
The surprise comes from me on my end because I don't even use some of the domains that are listed (yet they belong to me). The only entries for those domains are with my registrar (NS) and bind. I don't understand where they got them!
Like, for instance:
Registrar end:
NS: ns1.domain1.com (123.123.123.123) ns2.domain.com (123.123.123.124)
domain1: ns1.domain1.com ns2.domain1.com
domain2: ns1.domain1.com ns2.domain1.com
domain3: ns1.domain1.com ns2.domain1.com
But I'm missing something. How did they take 1 IP address and get all the domain names that are hosted on it if all they know is my nameserver IPs? Doesn't that mean that bind is giving away a list of all domain names configured on my Linode?
For the curious, you can get access to various key TLD zone files by filling out a legal agreement and sending it back to Verisign:
Application forms (which must be filled out, signed, and faxed):
The zone files are a bit different from whois information. They contain every domain (in the TLD) and the IPs of their nameservers.
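An added illustration, not part of any post in this thread: the replies explain that a reverse-IP listing is assembled from forward data (domain names taken from TLD zone files, then resolved normally) rather than from PTR records, which is why it does not depend on what the PTR says. The zone excerpt format, names and addresses below are constructed and simplified for the sketch.

```python
from collections import defaultdict

# Constructed, simplified excerpt in the style of a TLD zone file (name, NS, server).
ZONE_EXCERPT = """\
; constructed sample data, not a real zone file
domain1.example.  NS  ns1.domain1.example.
domain1.example.  NS  ns2.domain1.example.
domain2.example.  NS  ns1.domain1.example.
domain3.example.  NS  ns1.domain1.example.
other.example.    NS  ns1.elsewhere.example.
"""

# Constructed forward answers: what an ordinary A query for each name returns.
FORWARD_A = {
    "domain1.example": "192.0.2.10",
    "domain2.example": "192.0.2.10",
    "domain3.example": "192.0.2.10",
    "other.example": "198.51.100.7",
}

# Constructed PTR data: reverse DNS holds one name per address, set by the IP owner.
PTR = {"192.0.2.10": "host.domain1.example"}

def delegated_domains(zone_text):
    """Return every delegated name that appears on an NS line of the excerpt."""
    names = set()
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop comments and blank lines
        fields = line.split()
        if len(fields) >= 3 and fields[1].upper() == "NS":
            names.add(fields[0].rstrip(".").lower())
    return names

def build_reverse_ip_index(zone_text, resolve):
    """Resolve each delegated name forward and invert the result: IP -> names."""
    index = defaultdict(set)
    for name in delegated_domains(zone_text):
        ip = resolve(name)          # a forward lookup; PTR is never consulted
        if ip:
            index[ip].add(name)
    return {ip: sorted(names) for ip, names in index.items()}

if __name__ == "__main__":
    index = build_reverse_ip_index(ZONE_EXCERPT, FORWARD_A.get)
    ip = "192.0.2.10"
    print("PTR answer for", ip, "->", PTR[ip])
    print("Forward-built listing for", ip, "->", index[ip])
```

Changing the `PTR` entry leaves the listing unchanged, because the index is built only from names that are already public in the zone data and their forward answers.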