获取远程主机的DNS配置 [英] Get DNS configuration of a remote host
问题描述
我想知道如何通过Python网络应用程序获取连接到我的应用程序的远程客户端的DNS配置。
I was wondering how can I through a Python web app, get the DNS configuration of a remote client who's connected to my app.
我想知道如何我可以告诉远程客户端正在使用的DNS服务器。
I would like to know how I can tell what DNS server the remote client is using.
看起来像这样: https://www.perfect-privacy.com/dns-leaktest/
推荐答案
您可以从您链接的服务获取相同的信息,但
You can get the same information as from the service you linked, but
- 您将需要更多网络应用程序
- 信息可能不完全准确
服务的工作方式是在HTML页面中嵌入资源,这些资源又被尝试由浏览器下载。下载要求浏览器解析域名,这样您就可以强制将DNS请求从浏览器强制到您的权威DNS服务器。通过为每个客户端或请求使用唯一的域名,您可以跟踪从服务器请求唯一域名的DNS服务器。
The way the service works is by embedding resources in the HTML page that are in turn attempted to be downloaded by the browser. Downloading requires the browser to resolve the domain name, which allows you to force a DNS request from the browser to your authoritative DNS servers. By using a unique domain name for each client or request, you can track the DNS server requesting the unique domain name from your servers.
该过程将如下所示: / p>
The process would go like this:
-
为每个页面请求生成随机唯一的ID,例如
rndun1qu3(必须是有效的DNS标签,请参阅 RFC1035 )。这必须是一个新的ID,以便它不会出现在任何DNS缓存中。
Generate a random, unique ID for each page request, e.g.
rndun1qu3(must be a valid DNS label, consult RFC1035). This must be a new ID every time so that it will not be present in any DNS cache.
嵌入一个HTML < img> ; 元素在页面中触发下载,例如< img src =rndun1qu3.your-tracking-domain.com/example.png> 。浏览器首次看到此域名时,将尝试解析 rndun1qu3.your-tracking-domain.com 。请注意,触发DNS请求的任何内容都可以用于此目的,例如AJAX调用,< script> 元素等。
Embed a HTML <img> element in the page to trigger a download, e.g. <img src="rndun1qu3.your-tracking-domain.com/example.png">. As the browser sees this domain the first time, it will attempt to resolve rndun1qu3.your-tracking-domain.com. Note that anything that triggers a DNS request is OK for this purpose, e.g. AJAX calls, <script> elements, etc.
监视到达DNS的DNS请求负责 rndun1qu3.your-tracking-domain.com 的服务器。当您看到 rndun1qu3.your-tracking-domain.com 的请求时,请注意请求DNS信息的远程对等IP地址(将是您要查找的IP地址) ),然后通知您的网络应用程序。
Monitor the DNS requests arriving to the DNS server responsible for rndun1qu3.your-tracking-domain.com. When you see a request for rndun1qu3.your-tracking-domain.com, note the remote peer IP address requesting the DNS information (that will be the IP address you are looking for), then notify your web application.
上面解释了为什么我说你将需要更多的网络应用程序 - - 您还需要一个可以监控的DNS服务器。这可能是一个普通的香草DNS服务器,其中包含可以监视的日志,或者是专门构建的。有很多开放源码的项目,甚至可以为您的目的定制的Python示例。所有您需要做的是将您的子域的权威服务器指向该服务器。
The above explains why I said you will need more than a web app -- you will also need a DNS server that you can monitor. This may be a plain vanilla DNS server with logs that you can monitor, or something purpose-built. There are plenty of open source projects and even Python examples you can customize for your purposes. All you need to do is to point the authoritative servers for your subdomain to that server.
至于为什么信息可能不准确,请考虑通常配置DNS服务器将所有请求转发到另一个服务器,而不是通过根DNS服务器。在这种情况下,DNS请求将从最终执行名称解析的服务器(即转发器服务器)到达。例如,您的公司网络可能具有192.168.251.1的DNS服务器,公共IP为1.2.3.4,但如果将请求转发给Google DNS,则可以很好地看到该请求来自8.8.8.8(Google DNS IP)而不是1.2.3.4。 DNS找不到要求查询的原始主机,这样几乎是最好的。
As for why the information may not be accurate, consider that DNS servers are often configured to forward all requests to another server instead of going through the root DNS servers. In this case, the DNS request will arrive from the server that eventually carries out the name resolution, i.e. the forwarder server. For instance, your corporate network may have a DNS server at 192.168.251.1 with a public IP of 1.2.3.4, but if it forwards requests to Google DNS, you may very well see that the request came from 8.8.8.8 (the Google DNS IP) instead of 1.2.3.4. There is no way in DNS to find out the original host requesting the query, so that is pretty much the best you can get.
这篇关于获取远程主机的DNS配置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
