Dave, You might just use adnshost to query the ns records from the parent TLDs. it free and fast and authortative. There are also perl and python bindings to adnslib.
best, -rick On Sat, Mar 8, 2014 at 2:08 PM, Paul Vixie <[email protected]> wrote: > in general, delegations have to meet only two conditions. first, every > name server that's designated by an NS RR above or below a delegation > point has to be authoritative. second, the set of NS RR's below a > delegation point (so, at the zone apex) has to be equal to or a superset > of the set of NS RR's above that delegation point (so, the parent's > zone-leaf). > > note that scraping the TLD's isn't a reliable way to find all the > invocations of your NS RR name, partly because not all TLD's have ZFA, > and partly because not all delegations are in TLD's. passive DNS is your > better answer here. i looked at the NS RRset for your "hireahit.com" > domain, chose one at random, and asked the Farsight DNSDB about it. my > second example below turns off DNS output conversion and shows the raw > JSON, in case that inspires you to consider ways to automate this kind > of auditing. > > --- > > vixie@linux1:~/work/dnsdb_c$ ./dnsdb_query -n anyns1.hireahit.com/ns > ;; record times: 2014-03-06 09:15:40 .. 2014-03-08 19:09:04 > ;; count: 26 > coaxial.ca. NS anyns1.hireahit.com. > > ;; record times: 2014-03-06 15:44:49 .. 2014-03-08 18:53:29 > ;; count: 26 > roidology.ca. NS anyns1.hireahit.com. > > ;; record times: 2014-03-06 21:23:19 .. 2014-03-08 05:11:04 > ;; count: 10 > djw.biz. NS anyns1.hireahit.com. > > ;; record times: 2014-03-06 06:44:07 .. 2014-03-08 19:53:15 > ;; count: 2689 > hireahit.com. NS anyns1.hireahit.com. > > ;; record times: 2014-03-07 03:43:59 .. 2014-03-08 03:34:22 > ;; count: 4 > djwhosting.com. NS anyns1.hireahit.com. > > ;; record times: 2014-03-06 07:21:24 .. 2014-03-08 20:43:57 > ;; count: 3791 > neverhost.net. NS anyns1.hireahit.com. > > ;; record times: 2014-03-06 07:43:12 .. 2014-03-08 19:26:12 > ;; count: 259 > devilsplayground.net. NS anyns1.hireahit.com. > > --- > > vixie@linux1:~/work/dnsdb_c$ ./dnsdb_query -n anyns1.hireahit.com/ns -j > {"count": 26, "time_first": 1394097340, "rrtype": "NS", "rrname": > "coaxial.ca.", "rdata": "anyns1.hireahit.com.", "time_last": 1394305744} > {"count": 26, "time_first": 1394120689, "rrtype": "NS", "rrname": > "roidology.ca.", "rdata": "anyns1.hireahit.com.", "time_last": 1394304809} > {"count": 10, "time_first": 1394140999, "rrtype": "NS", "rrname": > "djw.biz.", "rdata": "anyns1.hireahit.com.", "time_last": 1394255464} > {"count": 2689, "time_first": 1394088247, "rrtype": "NS", "rrname": > "hireahit.com.", "rdata": "anyns1.hireahit.com.", "time_last": 1394308395} > {"count": 4, "time_first": 1394163839, "rrtype": "NS", "rrname": > "djwhosting.com.", "rdata": "anyns1.hireahit.com.", "time_last": > 1394249662} > {"count": 3791, "time_first": 1394090484, "rrtype": "NS", "rrname": > "neverhost.net.", "rdata": "anyns1.hireahit.com.", "time_last": > 1394311437} > {"count": 259, "time_first": 1394091792, "rrtype": "NS", "rrname": > "devilsplayground.net.", "rdata": "anyns1.hireahit.com.", "time_last": > 1394306772} > > === > > vixie > _______________________________________________ > dns-operations mailing list > [email protected] > https://lists.dns-oarc.net/mailman/listinfo/dns-operations > dns-jobs mailing list > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs >
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
