[研究]DNS Server連線測試與版本檢查
2025-05-16
環境:Visual Studio 2022 + ASP.NET + WebForm + Web Application + C# + SQL Server 2019 + SQL Server Management Studio (SSMS) 19
********************************************************************************
DNS Server 連線測試
telnet 168.95.1.1 53 測試連 HiNet DNS Server
下圖,可以連
telnet 168.95.1.1 53 測試連 Google DNS Server
下圖,可以連
DNS Server 版本測試 (用 nmap)
測試 HiNET DNS Server,看不出 DNS Server 種類與版本
C:\>nmap -sU -sV -p 53 168.95.1.1 Starting Nmap 7.95 ( https://nmap.org ) at 2025-05-16 08:58 ¥x¥_?D·CRE?! Nmap scan report for dns.hinet.net (168.95.1.1) Host is up (0.0060s latency). PORT STATE SERVICE VERSION 53/udp open domain Unbound Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 0.30 seconds C:\> |
測試 Google DNS Server,看不出 DNS Server 種類與版本
C:\>nmap -sU -sV -p 53 8.8.8.8 Starting Nmap 7.95 ( https://nmap.org ) at 2025-05-16 08:57 ¥x¥_?D·CRE?! Nmap scan report for dns.google (8.8.8.8) Host is up (0.28s latency). PORT STATE SERVICE VERSION 53/udp open domain (generic dns response: NOTIMP) 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port53-UDP:V=7.95%I=7%D=5/16%Time=68268D91%P=i686-pc-windows-windows%r( SF:DNSVersionBindReq,1E,"\0\x06\x81\x82\0\x01\0\0\0\0\0\0\x07version\x04bi SF:nd\0\0\x10\0\x03")%r(DNS-SD,79,"\0\0\x80\x83\0\x01\0\0\0\x01\0\0\t_serv SF:ices\x07_dns-sd\x04_udp\x05local\0\0\x0c\0\x01\0\0\x06\0\x01\0\x01Q\x10 SF:\0@\x01a\x0croot-servers\x03net\0\x05nstld\x0cverisign-grs\x03com\0x\xb SF:3\xd5n\0\0\x07\x08\0\0\x03\x84\0\t:\x80\0\x01Q\x80")%r(NBTStat,32,"\x80 SF:\xf0\x80\x92\0\x01\0\0\0\0\0\0\x20CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\0\0! SF:\0\x01"); Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 26.52 seconds C:\> |
測試連 Windows Server 2025 Standard 安裝 DNS Server (關閉 Windows Defender 防火牆後),看不出 DNS Server 種類與版本
C:\>ping 192.168.128.144
Ping 192.168.128.144 (使用 32 位元組的資料):
回覆自 192.168.128.144: 位元組=32 時間<1ms TTL=128
回覆自 192.168.128.144: 位元組=32 時間<1ms TTL=128
回覆自 192.168.128.144: 位元組=32 時間<1ms TTL=128
回覆自 192.168.128.144: 位元組=32 時間<1ms TTL=128
192.168.128.144 的 Ping 統計資料:
封包: 已傳送 = 4,已收到 = 4, 已遺失 = 0 (0% 遺失),
大約的來回時間 (毫秒):
最小值 = 0ms,最大值 = 0ms,平均 = 0ms
C:\>
C:\>nmap -sU -sV -p 53 192.168.128.144 Starting Nmap 7.95 ( https://nmap.org ) at 2025-05-16 09:57 ¥x¥_?D·CRE?! Nmap scan report for 192.168.128.144 Host is up (0.00s latency). PORT STATE SERVICE VERSION 53/udp open domain (generic dns response: NOTIMP) 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service : SF-Port53-UDP:V=7.95%I=7%D=5/16%Time=68269B9B%P=i686-pc-windows-windows%r( SF:DNS-SD,2E,"\0\0\x80\x82\0\x01\0\0\0\0\0\0\t_services\x07_dns-sd\x04_udp SF:\x05local\0\0\x0c\0\x01")%r(NBTStat,32,"\x80\xf0\x80\x82\0\x01\0\0\0\0\ SF:0\0\x20CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\0\0!\0\x01"); MAC Address: 00:0C:29:7A:E1:DA (VMware) Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 25.32 seconds C:\> |
測試連 Rocky Linux 9.5 安裝 DNS Server (bind) (防火牆開放 port 53)
C:\>nmap -sU -sV -p 53 192.168.128.132
Starting Nmap 7.95 ( https://nmap.org ) at 2025-05-16 10:07 ¥x¥_?D·CRE?!
Nmap scan report for 192.168.128.132
Host is up (0.00013s latency).
PORT STATE SERVICE VERSION
53/udp open domain ISC BIND 9.16.23 (RedHat Linux)
MAC Address: 00:0C:29:31:18:E0 (VMware)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 0.33 seconds
C:\>
|
********************************************************************************
DNS Server 版本測試 (用 Rocky Linux 9.5 上 dig)
[user1@localhost ~]$ dig -v DiG 9.16.23-RH [user1@localhost ~]$ [user1@localhost ~]$ dig @8.8.8.8 version.bind txt chaos
; <<>> DiG 9.16.23-RH <<>> @8.8.8.8 version.bind txt chaos
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 25255
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;version.bind. CH TXT
;; Query time: 8 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri May 16 10:13:31 CST 2025
;; MSG SIZE rcvd: 41
[user1@localhost ~]$ dig @168.95.1.1 version.bind txt chaos
; <<>> DiG 9.16.23-RH <<>> @168.95.1.1 version.bind txt chaos
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 15344
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;version.bind. CH TXT
;; Query time: 7 msec
;; SERVER: 168.95.1.1#53(168.95.1.1)
;; WHEN: Fri May 16 10:14:28 CST 2025
;; MSG SIZE rcvd: 41
[user1@localhost ~]$ dig @127.0.0.1 version.bind txt chaos
; <<>> DiG 9.16.23-RH <<>> @127.0.0.1 version.bind txt chaos
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52033
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: d0adaffc131a62320100000068269faa5b90de87e8ec3faf (good)
;; QUESTION SECTION:
;version.bind. CH TXT
;; ANSWER SECTION:
version.bind. 0 CH TXT "9.16.23-RH"
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri May 16 10:15:06 CST 2025
;; MSG SIZE rcvd: 92
[user1@localhost ~]$ dig @168.95.1.1 version txt chaos
; <<>> DiG 9.16.23-RH <<>> @168.95.1.1 version txt chaos
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 19202
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;version. CH TXT
;; Query time: 2 msec
;; SERVER: 168.95.1.1#53(168.95.1.1)
;; WHEN: Fri May 16 10:15:47 CST 2025
;; MSG SIZE rcvd: 36
[user1@localhost ~]$ dig @8.8.8.8 version txt chaos
; <<>> DiG 9.16.23-RH <<>> @8.8.8.8 version txt chaos
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 64846
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;version. CH TXT
;; Query time: 6 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri May 16 10:16:30 CST 2025
;; MSG SIZE rcvd: 36
[user1@localhost ~]$
|
(完)
相關
沒有留言:
張貼留言