Saturday, September 10, 2011

dnssec NSEC record poor man's axfr


$ dig +dnssec isc.org NSEC
; <<>> DiG 9.3.4 <<>> +dnssec isc.org NSEC
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47304
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4000
;; QUESTION SECTION:
;isc.org.                       IN      NSEC
;; ANSWER SECTION:
isc.org.                3600    IN      NSEC    _kerberos.isc.org. A NS SOA MX TXT AAAA NAPTR RRSIG NSEC DNSKEY TYPE99
;; Query time: 23 msec
;; SERVER: 68.87.76.182#53(68.87.76.182)
;; WHEN: Sat Sep 10 19:38:38 2011
;; MSG SIZE  rcvd: 82

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)