Main Menu

The next part of the command forces a “pause” of 10 seconds, to ensure I limit the traffic to the domain server. It then strips out invalid responses and unimportant details not associated with the task at hand, via a chain of grep commands. The chain I use is to ensure clarity of the requirements, and so others who may not be familiar with the grep command can see what is happening.

In addition, the order of the grep commands ensures I eliminate empty lines or failed query responses such as this: 10 IN SOA root\ 2013111501 86400 3600 604800 10

This resulted in 142 positive responses out of the possible 254 that were identified earlier. I stored these results in a file called “dns_lookup_results.txt”, which has also been posted as part of this article. It contains the entire list of identified domain names that returned an IP address, of which a small sample looks like: 21600 IN A 21600 IN A 21600 IN A 21600 IN A 21600 IN A

The first field is the domain name we queried, the second field represents the time a domain server will cache the look up results, in seconds. The IN and A fields simply tell us the domain name is not an alias, and is configured to return a direct IP response. If it was an alias, we would be seeing a CNAME reference in the field where the A reference exists. The last field is the IP Address returned by our query. I was only interested in the first and last fields, but it is interesting to see that all of the IP addresses were A records.