DNS troubleshooting and reconnaissance
The main tool in Linux to troubleshoot DNS services is dig, which comes pre-installed in almost all Linux distributions. If you don't have dig in your distribution, you can install it with apt-get install dnsutils. The use of this tool is pretty simple, as can be seen here:
dig <request value you are making> <the request type you are making> +<additional request types>
So, to find name server records for a company (we'll check sans.org), we'll make an ns query against sans.org, as follows:
$ dig sans.org ns
; <<>> DiG 9.16.1-Ubuntu <<>> sans.org ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27639
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;sans.org. ...
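When troubleshooting from a script, the header lines of the output above are the part worth checking first: the status code, the flags, and the per-section record counts. The following is an added example, not code from the original text; the function names (dig_status, dig_count, dig_has_flag, dig_summary) are hypothetical helpers, and the sample input is constructed from the header lines shown above.

```shell
#!/bin/sh
# Constructed sample: the header lines of the dig output shown above.
SAMPLE_DIG_OUTPUT='; <<>> DiG 9.16.1-Ubuntu <<>> sans.org ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27639
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1'

# dig_status (hypothetical helper): print the response code from the
# HEADER line, e.g. NOERROR, NXDOMAIN or SERVFAIL. Reads dig output on stdin.
dig_status() {
    awk '/->>HEADER<<-/ {
        for (i = 1; i < NF; i++)
            if ($i == "status:") { sub(/,$/, "", $(i+1)); print $(i+1); exit }
    }'
}

# dig_count SECTION (hypothetical helper): print the record count for
# QUERY, ANSWER, AUTHORITY or ADDITIONAL from the flags line.
dig_count() {
    awk -v want="$1:" '/^;; flags:/ {
        for (i = 1; i < NF; i++)
            if ($i == want) { sub(/,$/, "", $(i+1)); print $(i+1); exit }
    }'
}

# dig_has_flag FLAG (hypothetical helper): exit 0 if the header flag is set.
# qr = response, rd = recursion desired, ra = recursion available,
# aa = authoritative answer.
dig_has_flag() {
    awk -v flag="$1" '/^;; flags:/ {
        sub(/^;; flags: */, ""); sub(/;.*/, "")   # keep only the flag list
        n = split($0, f, " ")
        for (i = 1; i <= n; i++) if (f[i] == flag) found = 1
    } END { exit (found ? 0 : 1) }'
}

# dig_summary (hypothetical helper): one-line verdict for logs or monitoring.
dig_summary() {
    out=$(cat)
    status=$(printf '%s\n' "$out" | dig_status)
    answers=$(printf '%s\n' "$out" | dig_count ANSWER)
    if printf '%s\n' "$out" | dig_has_flag aa; then src=authoritative
    else src=non-authoritative; fi
    echo "status=$status answers=$answers source=$src"
}

printf '%s\n' "$SAMPLE_DIG_OUTPUT" | dig_summary
```

Against a live resolver, the same helpers read from a pipe, for example `dig sans.org ns | dig_summary`.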