A DNS lookup is a means to obtain all of a particular domain name’s available Domain Name System (DNS) records. It can tell you the resolving Internet Protocol (IP) address/es of the domain you used as a search term. It also reveals the domain name’s nameserver/s, mail exchanger (MX) servers, and more.
Think of it as a phone book containing a person’s address and phone number. In this case, the person’s name is the domain name, his/her address is the nameserver address, and his/her phone number is the IP address.
Other interesting terms…
Read More about “DNS Lookup”
Before going too deep into a DNS lookup, let’s tackle the basics first.
What Is the DNS?
The DNS is almost always described as the Internet’s phone book, as described above. With its help, you can gather more information about any domain name. To do that, however, the domain’s owner should maintain the web property’s records.
What DNS Records Do DNS Lookups Get Information From?
A DNS lookup tool or DNS checker like this checks various DNS records for more data on a given domain name, including:
- Address (A) record: This tells you what the domain’s resolving IP address/es is/are. That way, when you type the domain name into your browser, you’ll see the correct website. You see, computers need to consult a DNS database to take all users to the sites they’re hoping to browse.
- MX record: This identifies the domain’s MX server/s. The MX server is responsible for directing emails to their intended destinations. If domain owners don’t indicate the correct MX server information in their MX record, they won’t get messages intended for them.
- Nameserver record: This indicates the domain’s nameserver/s. The nameserver holds all of a domain name’s DNS records and is the one browsers consult to get directed to the correct IP address, email server, and more.
- Text (TXT) record: This provides more information on the domain, including its Sender Policy Framework (SPF), Domain-Based Message Authentication, Reporting, and Conformance (DMARC) authentication, and other settings typically related to security and communication policies.
- Canonical name (CNAME) record: This enumerates all of the domain’s aliases. In many cases, domain administrators indicate other names (shorter) the domain goes by. That way, all communications meant for it (site visits and emails) don’t get lost.
- Start of Authority (SOA) record: This gives you the domain’s zone data. The DNS is divided into zones administered by specific organizations to keep the space orderly.
There are other DNS records, but the ones above are the ones you’ll likely obtain from a DNS lookup tool.
How Do You Perform a DNS Lookup?
A DNS lookup tool is necessary if you want to know more about a domain name. This tool, for instance, will tell you that threat[.]media has 11 DNS records—three TXT, two A, one SOA, and five MX records.
That said, the DNS lookup for the domain tells you that:
- Threat[.]media is Google-verified and has a 300-second-long time-to-live (TTL) based on its TXT records. That means all packets and related data should be on the computer or network accessing it before they get discarded.
- Threat[.]media resolves to two IP addresses—104[.]21[.]35[.]235 and 172[.]67[.]180[.]173—according to its A records.
- Threat[.]media uses Cloudflare based on its SOA record.
- Threat[.]media has five MX servers. If one of them fails, the others can take over.
What Is a DNS Lookup Used For?
A DNS lookup is helpful for:
- Understanding your DNS configuration: You can use DNS lookup data to expand your knowledge of all your web properties. A thorough list of your digital properties can help you avoid “dangling DNS records.” Dangling DNS records belong to pages that no longer exist, but their DNS records still do. You should know that these records and related setting misconfigurations can lead to vulnerability exploitation.
- Monitoring third parties: You can use DNS lookup information to monitor the configurations and potential anomalies in third-party suppliers’ or partners’ DNS records. Failure to address DNS record misconfigurations or delete unused DNS records can put you at risk.
—
As you’ve learned here, a DNS lookup is critical to maintaining a secure network against DNS-based attacks.