Wednesday, September 12, 2012

Dig (Domain Information Groper) - Information Gathering Query DNS Name Server

Dig (Domain Information Groper) is a tool used by network administrators to look up information from DNS (Domain Name System) name servers. It is a command-line tool that also serves as a way to analyse and troubleshoot network problems, and it performs DNS lookups and displays the "answers" returned by the name server and host program.
Dig operates from the command line, supports IDN (Internationalized Domain Name) queries, and is part of the BIND domain name server.



Options:
Usage:  dig [@global-server] [domain] [q-type] [q-class] {q-opt}
            {global-d-opt} host [@local-server] {local-d-opt}
            [ host [@local-server] {local-d-opt} [...]]
Where:  domain      is in the Domain Name System
        q-class  is one of (in,hs,ch,...) [default: in]
        q-type   is one of (a,any,mx,ns,soa,hinfo,axfr,txt,...) [default:a]
                 (Use ixfr=version for type ixfr)
        q-opt    is one of:
                 -x dot-notation           (shortcut for reverse lookups)
                 -i                                (use IP6.INT for IPv6 reverse lookups)
                 -f filename                 (batch mode)
                 -b address[#port]      (bind to source address/port)
                 -p port                       (specify port number)
                 -q name                     (specify query name)
                 -t type                        (specify query type)
                 -c class                      (specify query class)
                 -k keyfile                   (specify tsig key file)
                 -y [hmac:]name:key  (specify named base64 tsig key)
                 -4                              (use IPv4 query transport only)
                 -6                              (use IPv6 query transport only)
                 -m                             (enable memory usage debugging)
        d-opt    is of the form +keyword[=value], where keyword is:
                 +[no]vc                    (TCP mode)
                 +[no]tcp                   (TCP mode, alternate syntax)
                 +time=###             (Set query timeout) [5]
                 +tries=###             (Set number of UDP attempts) [3]
                 +retry=###            (Set number of UDP retries) [2]
                 +domain=###        (Set default domainname)
                 +bufsize=###         (Set EDNS0 Max UDP packet size)
                 +ndots=###           (Set NDOTS value)
                 +edns=###             (Set EDNS version)
                 +[no]search              (Set whether to use searchlist)
                 +[no]showsearch     (Search with intermediate results)
                 +[no]defname          (Ditto)
                 +[no]recurse            (Recursive mode)
                 +[no]ignore              (Don't revert to TCP for TC responses.)
                 +[no]fail                   (Don't try next server on SERVFAIL)
                 +[no]besteffort         (Try to parse even illegal messages)
                 +[no]aaonly             (Set AA flag in query (+[no]aaflag))
                 +[no]adflag              (Set AD flag in query)
                 +[no]cdflag              (Set CD flag in query)
                 +[no]cl                     (Control display of class in records)
                 +[no]cmd                 (Control display of command line)
                 +[no]comments       (Control display of comment lines)
                 +[no]question          (Control display of question)
                 +[no]answer            (Control display of answer)
                 +[no]authority         (Control display of authority)
                 +[no]additional       (Control display of additional)
                 +[no]stats               (Control display of statistics)
                 +[no]short              (Disable everything except short form of answer)
                 +[no]ttlid                (Control display of ttls in records)
                 +[no]all                  (Set or clear all display flags)
                 +[no]qr                   (Print question before sending)
                 +[no]nssearch       (Search all authoritative nameservers)
                 +[no]identify          (ID responders in short answers)
                 +[no]trace              (Trace delegation down from root)
                 +[no]dnssec           (Request DNSSEC records)
                 +[no]nsid               (Request Name Server ID)
                 +[no]sigchase        (Chase DNSSEC signatures)
                 +trusted-key=####   (Trusted Key when chasing DNSSEC sigs)
                 +[no]topdown        (Do DNSSEC validation top down mode)
                 +[no]multiline        (Print records in an expanded format)
        global d-opts and servers(before host name) affect all queries.
        local d-opts and servers (after host name) affect only that lookup.
        -h                                     (print help and exit)
        -v                                     (print version and exit)

Examples:
In its simplest form:
tws@linux:~$ dig www.tws.web.id
The result:

; <<>> DiG 9.7.0-P1 <<>> www.tws.web.id
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 42597
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;www.tws.web.id.            IN    A

;; Query time: 5 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Wed Sep 12 15:38:36 2012
;; MSG SIZE  rcvd: 32

With the -t (type) option, which sets the query type, for example:
tws@linux:~$ dig -t ns www.tws.web.id
The result:
; <<>> DiG 9.7.0-P1 <<>> -t ns www.tws.web.id
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44971
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.tws.web.id.            IN    NS

;; ANSWER SECTION:
www.tws.web.id.        14394    IN    CNAME    ghs.google.com.
ghs.google.com.         43193    IN    CNAME    ghs.l.google.com.

;; AUTHORITY SECTION:
l.google.com.           60    IN    SOA    ns4.google.com. dns-admin.google.com. 1497150 900 900 1800 60

;; Query time: 624 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Wed Sep 12 14:39:29 2012
;; MSG SIZE  rcvd: 130
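
Added example (not part of the original post): a shell function that reads dig output on stdin and extracts the fields needed to interpret the two responses above, namely the status code, whether the ra (recursion available) flag is set, the query type, the answer count and the end of any CNAME chain. The names dig_summary, sample_refused and sample_cname are made up for this example; the sample text is trimmed from the output shown above.

```shell
#!/bin/sh
# Summarise a dig response read on stdin as one line:
#   status=<rcode> ra=<yes|no> qtype=<type> answers=<n> cname_target=<name|->
dig_summary() {
    awk '
        /->>HEADER<<-/ {                       # rcode follows "status:"
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {
            flags = $0
            sub(/^;; flags: */, "", flags)     # drop the label
            sub(/;.*/, "", flags)              # keep only the flag words
            ra = ((" " flags " ") ~ / ra /) ? "yes" : "no"
            for (i = 1; i < NF; i++)
                if ($i == "ANSWER:") { answers = $(i + 1); sub(/,$/, "", answers) }
        }
        /^;[^; ]/ { qtype = $NF }              # question line: ";name IN TYPE"
        !/^;/ && $4 == "CNAME" { target = $5 } # last CNAME in the chain
        END {
            printf "status=%s ra=%s qtype=%s answers=%s cname_target=%s\n",
                   status, ra, qtype, answers, (target == "" ? "-" : target)
        }
    '
}

# Trimmed copies of the two responses shown above.
sample_refused() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 42597
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;www.tws.web.id.            IN    A
EOF
}
sample_cname() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44971
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;www.tws.web.id.            IN    NS
;; ANSWER SECTION:
www.tws.web.id.        14394    IN    CNAME    ghs.google.com.
ghs.google.com.         43193    IN    CNAME    ghs.l.google.com.
EOF
}

sample_refused | dig_summary
sample_cname | dig_summary
```

Against a live server the same function is used as: dig www.tws.web.id | dig_summary. In the first response the server at 192.168.0.1 answered REFUSED without the ra flag, so it did not resolve the name; in the second the NS query was answered with a CNAME chain because www.tws.web.id is an alias.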

NOTE:
This tutorial is for educational purposes only. I am not responsible for any kind of illegal activity carried out by you.
