DNS delivering ads? - dns

Could it be that my DNS (which was set by my ISP) is making money when I go online?
I know that the 'web-page unavailable, but look at these amazing ads'-pages (when the user tries to reach the wrong address) bring them a little bit of money. But I am interested in another case.
Could it be that they serve me an ad (as pop-up or pop-down) when I go to a completely 'normal' page without consent of the web-page itself? It would be a kind of add-on, you ask for page example.com/foe, the example.com site serves the page foe, but the DNS sends you unrequested a pop-under ad.
Am I paranoid, or is it happening? Note: I know how to block ads, pop-ups/under and so on. I just want to investigate better how DNS services are trying to make a buck (or a cent) here and there.

Not exactly. The way DNS works is straightforward; say you host a web server for which you have purchased the domain name noads.com. When you purchase that domain name you're going to be setting it to point to the IP address of your server. Now, from your servers you can host ads if you wish, or set up redirects so that when someone requests "Noads.com/hi" they get an ad proclaiming the wonders of a cereal high in fiber. However, at this point you're past the point of DNS resolution. The request to noads.com was resolved to your IP address. The /hi folder was accessed after that resolution took place and your webserver may have presented the ad or redirected as the programmer of the website chose.
As for your ISP sneaking something in there... It would be very bad for their business, if not a suable offense, to add A records to their DNS server which direct you to an IP other than the one registered. To check that, you could use www.checkdomain.com to find what the domain should be, and type in the name of the domain you want to reach. Then use a command line (press your Windows key and R to bring up a Run prompt, then type CMD and press Enter); from there type nslookup . This will show you the IP you SHOULD be directed to and the IP you ARE being directed to.
One last parting thought, DNS is not a random function. Meaning you can't set an "If, then" on it. If you request a website it's always going to go to the same IP. The only reason it wouldn't is if there are multiple host records pointing to different IPs for a single name. I don't believe that is something to worry about, as the ISP servers will point to the official "internet" servers which will be carefully tended and kept free of error.
Hopefully this explains everything to your satisfaction. Please feel free to ask for clarification if something is not clear.
Thanks!
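One way to check a resolver for the "page unavailable, here are some ads" behaviour mentioned in the question, as an added example that is not part of the original answer: query a random name that cannot exist and see whether the resolver answers NXDOMAIN or supplies an address anyway. The resolver IP passed to `ask()` is the reader's own, the probe assumes the chosen zone has no wildcard record, and the sample replies are constructed, not captured traffic.

```python
import secrets
import socket
import struct

def build_query(name: str, txid: int) -> bytes:
    """Encode a recursive A/IN query for `name`."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def probe_name(zone: str = "com") -> str:
    """A random name that is, for practical purposes, unregistered."""
    return f"nx-{secrets.token_hex(12)}.{zone}"

def classify(response: bytes, txid: int) -> str:
    """Judge a resolver's reply to a query for a name that does not exist."""
    if len(response) < 12:
        return "malformed"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if rid != txid or not flags & 0x8000:  # wrong transaction ID or not a response
        return "mismatch"
    rcode = flags & 0x000F
    if rcode == 3:
        return "nxdomain"    # honest answer: the name does not exist
    if rcode == 0 and ancount > 0:
        return "rewritten"   # resolver supplied records for a nonexistent name
    return f"rcode-{rcode}"

def ask(resolver_ip: str, zone: str = "com", timeout: float = 3.0) -> str:
    """Send one probe over UDP to `resolver_ip` (not called at import time)."""
    txid = secrets.randbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(probe_name(zone), txid), (resolver_ip, 53))
        return classify(sock.recvfrom(4096)[0], txid)

# Constructed sample replies (not captured traffic) for offline checking.
def _reply(query: bytes, flags: int, answer: bytes = b"") -> bytes:
    counts = struct.pack("!HHHHH", flags, 1, 1 if answer else 0, 0, 0)
    return query[:2] + counts + query[12:] + answer

SAMPLE_QUERY = build_query("nx-0123456789abcdef.com", 0x1234)
SAMPLE_NXDOMAIN = _reply(SAMPLE_QUERY, 0x8183)   # QR, RD, RA, RCODE=3
A_RECORD = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 10])
SAMPLE_REWRITTEN = _reply(SAMPLE_QUERY, 0x8180, A_RECORD)  # NOERROR plus an A record
```

Running `ask()` against the ISP-assigned resolver and against a second resolver, then comparing the two labels, shows whether only one of them rewrites nonexistent names.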

Related

whois lookup shows correct ip but why my browser can not find IP address of domain?

My website suddenly stopped working.
When I search for the domain name in WHOIS websites it is showing the correct server ip address and correct DNS IP address.
I can reach the website by its IP address, but somehow when I am trying the domain name in the browser it's not working and it's showing "This site can’t be reached"!
There is no error in my server log.
I tried different browsers and different systems and it is same issue.
I am really confused. Even when I am sending GET requests with Postman to my domain, it is not reachable, but sending a request to the IP is working!
whois and DNS resolution are two separate things and one does not imply anything for the other, so in short, except in very specific cases, if you have a DNS resolution problem you should use DNS troubleshooting tools, not the whois and especially not web-based whois (the only relevant whois is the registry one).
Now you are giving so few details that no one can really help.
Among the possible ideas to check and probable problems:
you forgot to renew the domain, your registrar put it on hold or worse deleted it (that you can see in whois)
you did a change in the DNS resolution and now it does not work anymore, use online troubleshooting tools like Zonemaster or DNSViz; alternatively your registrar and/or webhosting company should be able to help (since you are neither giving here the domain name nor details about the troubleshooting you do: for DNS problems, the browser is not the first tool to use, look instead at dig).
It appears that the problem was DNS on our local system. We changed it to 8.8.8.8 and then we could access our domain!
It's usually because you use an addon domain, not the main domain, for hosting orders that are set up on cPanel WHM.

Hiding IP (SRV record?)

I am using AMP (McMyAdmin3) as the control panel for my Minecraft servers, and the servers are located at a secret address, except my bungeecord (proxy so multiple Minecraft servers can be connected) of course. Now I am trying to have a control panel for my admins, but I want them not to see the IP.
I was thinking of an SRV record, but I am not sure if this even CAN work or HOW it even works.
(Well I have an idea of how it works but I don't know if I am correct)
So I have pointed my domain 'manage.mydomain.com' to the IP I want, and I put Cloudflare protection on it, so if they resolve the IP, they cannot see the real IP. However, with this done they cannot type 'manage.mydomain.com:[port]' in the URL bar, because Cloudflare does not allow you to do that, because of the protection. So I tried setting up an SRV record like this:
_mcmyadmin._tcp.manage POINTS TO SRV 0 0 [port] manage.mydomain.com
I have waited for 2 days now, and it still did not work, so I am sure that is not the case.
Is there any way to make this work? Or is it not even possible with domain stuff :p
Or is there another way to fix this?
Kind regards,
Runefist
DNS is the public phone book of the internet. Its purpose is to take a domain name and map it to an IP Address. It is simply not possible to put anything in DNS and keep it secret.
When you put an address into your browser the first thing it does is find out the IP address associated with it.
In order to use a SRV record the application that uses it needs to be written to use them. Unless you are writing the frontend yourself, there are very few applications that will use SRV records. You can't just put data in there and expect it to be used.
If your intention here is to provide extra security to your servers, this isn't going to do you a lot of good. If you look at your server logs you are already being probed just by being online. The addition of a domain name won't do much to change that.
You will be far better off understanding and hardening the security of your server than hiding it and hoping that nobody finds it, because it is almost guaranteed that they will if they have the inclination to do so.
Minecraft SRV records are _minecraft._tcp, you can't change the service name or the client won't be able to resolve it.
That being said, Michael B is right, what you're doing is implementing security by obscurity (which, as we all know, is no security). Instead, you should be using iptables to block all IPs except for the bungee from being able to reach the backend.

Find original main domain name based on add-on domain name

This may not even be possible but I'm trying to figure out the URL of the main domain for an add-on domain.
Let's say for example the site is at mymaindomain.com.
If I go to
http://mymaindomain.com/cpanel (or :2082 or :2083)
I get nothing.
That is because mymaindomain.com is an add-on domain for the hosting account.
Let's say the primary domain on the account is myprimarydomain.com and this was the domain originally set up with the hosting account. However, this domain is no longer valid and not being leased by the hosting client anymore.
If I log in to cpanel using the old main domain by going to
http://myprimarydomain.com/cpanel (or :2082 or :2083)
I am able to get into cpanel.
The problem is, there must be a new main domain name associated with this account, but I don't know what it is.
Is there any way to find this out given cpanel access to the account?
Is there any other way to find out what the primary domain is on the account?
Any help is much appreciated and bounty will be awarded promptly to the first correct answer.
Sorry, my rep is too low to comment yet, I was wondering if you are able to get the IP of your server once you are in cpanel. (Should be on the right side). If so ... can you go here and input the IP and tell me what the 'node hostname' says? Also ISP might help.
getIP.com

Cloud Service Custom Domain Redirection configuration

I am not sure whether these are the correct words to describe the problem, but I will try my best to explain.
Suppose I deployed a cloud service with the name A. Now the client asks me to give them a good domain name rather than A.cloudapp.net, so according to the need I gave them the fancy domain name A.myapp.com.
After some time they think A is not a good name and ask for B. So I changed the deployment to B.cloudapp.net and then configured the custom domain name as B.myapp.com.
The client again comes and says, my customer is still using A.myapp.com. Can you do something to redirect them to B.myapp.com, with a message that it moved to another address?
As far as I know, I used only CNAME and A records at the domain registrar. How can I show a message there that this page has moved to another domain?
If A.myapp.com is no longer in the DNS records then the only way that it's still working is that the DNS propagation hasn't taken full effect yet. That can take even up to a few days. Once that happens then A.myapp.com should no longer resolve. This might also be working if you have a wildcard record for *.myapp.com pointing to the same A.cloudapp.net site.
You can create the A.myapp.com DNS record (if it's not still there) and point it to the same cloudapp.net app again, but then in your cloud app look at the hostname as it comes in to the request. If it is A.myapp.com show them a specific page that reminds them this is now B.myapp.com and then redirect them.
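The hostname check described in this answer, sketched as a small WSGI application (an added example, not the answerer's code or the asker's cloud app). The redirect target comes from a fixed table and is never copied from the request's Host header, so a forged Host cannot steer visitors elsewhere; the table contents, the 5-second delay and the 421 response for unknown hosts are assumptions.

```python
import html
from urllib.parse import quote

# Constructed table: retired hostname -> current hostname (names from the question).
MOVED = {"a.myapp.com": "b.myapp.com"}
SERVED = {"b.myapp.com"}
NOTICE_SECONDS = 5  # assumed delay before the browser follows the notice

def normalise_host(raw: str) -> str:
    """Lower-case the Host header and drop any port or trailing dot."""
    host = raw.strip().lower()
    if host.startswith("["):        # IPv6 literal: never one of our names
        return ""
    return host.split(":", 1)[0].rstrip(".")

def respond(start_response, status, body, ctype="text/plain; charset=utf-8"):
    data = body.encode("utf-8")
    start_response(status, [("Content-Type", ctype),
                            ("Content-Length", str(len(data)))])
    return [data]

def app(environ, start_response):
    host = normalise_host(environ.get("HTTP_HOST", ""))
    if host in MOVED:
        new_host = MOVED[host]                       # from the table, not the request
        path = quote(environ.get("PATH_INFO") or "/")  # percent-encode quotes, <, >, ;
        target = html.escape(f"https://{new_host}{path}", quote=True)
        page = (
            "<!doctype html>"
            f'<meta http-equiv="refresh" content="{NOTICE_SECONDS};url={target}">'
            f'<p>This site has moved to <a href="{target}">{html.escape(new_host)}</a>. '
            "Please update your bookmark.</p>"
        )
        return respond(start_response, "200 OK", page, "text/html; charset=utf-8")
    if host in SERVED:
        return respond(start_response, "200 OK", "application content\n")
    # Any other Host value is not ours; do not echo it back.
    return respond(start_response, "421 Misdirected Request", "unknown host\n")
```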

Is there a way to find all existing subdomains of one main domain?

I work for Johns Hopkins University, and our web culture here has been an unruled wilderness for many years. We're trying to get a handle on the enormous number of registered subdomains across our part of the web-universe, and even our IT department is having some trouble tracking down the unabridged list.
Is there a tool or a script that would do this quickly and semi-easily? I'm a developer and would write something but I want to find out if this wheel has been created already.
Alternatively, is there a fancy way to google search, more than just *.jhu.edu or site: .jhu.edu, because those searches turn up tons of sites that use "jhu.edu" in the end of their urls (ex. www.keywordspy.com/organic/domain.aspx?q=cer.jhu.edu)
Thanks for your thoughts on this one!
The Google search site:*.jhu.edu seems to work well for me.
That said, you can also use Wolfram Alpha. Using this search, in the third box click "Subdomains" and then in the new subdomains section that is created click "More".
As @Mark B alluded to in his comment, the only way a domain name (sub or otherwise) has any real value is if a DNS service maps it to a server so that a browser can send it a request. The only way to track down all of the sub-domains is to track down their DNS entries. Thankfully, DNS servers are fairly easy to find, depending on the level of access you have to the network infrastructure and the authoritative DNS server for the parent domain.
If you are able to, you can pull DNS traffic from firewall logs in and around your network. That will let you find DNS servers that are being sent requests for your sub-domains.
Easier though would be to simply follow the DNS trail. The authoritative DNS server for your domain (jhu.edu) will have pointers to the other DNS servers that are authoritative for sub-domains (if your main one is not authoritative already).
If you have access to the domain registrar and have the proper authorization, you should be able to contact technical support and request the zone file or even export it yourself depending on the provider.
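Once the zone file has been exported as this answer suggests, an inventory can be built from it. The sketch below is an added example, not part of the original answers: it lists every owner name in a constructed zone export and flags the names delegated by NS records, which are the "pointers to other DNS servers" whose own zone files still have to be requested. It assumes one record per line (no parenthesised multi-line records), and `example.edu` and all record values are constructed.

```python
# Constructed zone export for illustration; not real data.
ZONE_EXPORT = """\
$ORIGIN example.edu.
@        3600 IN SOA ns1 hostmaster 1 7200 900 1209600 300
@        IN NS   ns1
ns1      IN A    192.0.2.1
www      IN A    192.0.2.10
         IN AAAA 2001:db8::10   ; blank owner: inherits "www"
library  300 IN CNAME www
med      IN NS   ns1.med        ; delegation to another server
ns1.med  IN A    192.0.2.53
"""

TYPES = {"A", "AAAA", "CNAME", "NS", "MX", "TXT", "SOA", "SRV"}

def absolute(name: str, origin: str) -> str:
    """Expand '@' and relative names against the current $ORIGIN."""
    name = name.lower()
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(text: str):
    """Return (origin, [(owner, type, rdata_fields), ...])."""
    origin, owner, records = "", "", []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # strip comments
        if not line.strip():
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1].lower()
            continue
        if line.startswith("$"):                  # $TTL and other directives
            continue
        fields = line.split()
        if not raw[0].isspace():                  # a new owner name starts the line
            owner = absolute(fields.pop(0), origin)
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)                         # skip optional TTL and class
        if fields and fields[0].upper() in TYPES:
            records.append((owner, fields[0].upper(), fields[1:]))
    return origin, records

def inventory(text: str):
    """Names below the apex, and the subset delegated to other nameservers."""
    origin, records = parse(text)
    names = sorted({o for o, _, _ in records if o != origin})
    delegated = sorted({o for o, t, _ in records if t == "NS" and o != origin})
    return names, delegated
```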
