Aquilenet

h1. Mentiodns

Validation des DNS à partir d'une liste sur un unbound et un DNS grand FAI et comparaison des résultats ;)

h2. Noeud actifs

|_. Nom |_. Bloc |

| Mezzanine | domain_names.com_sortedad |

| Millicent | domain_names.com_sortedab |

| Sacha | domain_names.com_sortedaa |

| Taziden | domain_names.com_sortedac |

h2. Mentio

<pre>

#-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+-#

#  MENTIODNS : Check for lying DNS (France)  #

#--------------------------------------------#

#  Version 1.2 - Round robin on DNS_ISP_LIST #

#                For each request            #

#  Version 1.1 - Allow resume on basename    #

#  Version 1.0 - Parallel process with DIG   #

#--------------------------------------------#

# (c) Sacha at Aquilenet.fr part of FFDN.org #

#--------------------------------------------#

# This shity script intend to bruteforce the ISP lying DNS Servers to identify which one

# is going on Ministry of Interior Blocking page and compare the IP result from your favorite DNS server

# Use this script with the following paramters 

# 1 - domain names file (file with list of domain names whithout the tld  

# 2 - position number if it is not given the script will start at the begining

# If you relanch the script it will check if it has a counter for the given file to resume

# Blacklisted sites in $BLACKLIST_LOG file

# Diff ip from a domain name are in $DIFF_LOG 

RED='\e[31m'

GREEN='\e[32m'

YELLOW='\e[33m'

NC='\033[0m' # No Color

DNS_SOURCE=$1

DNS_SOURCE_BASENAME=`basename $DNS_SOURCE`

tld="com"

HOMEDIR="/root/MENTIODNS"

DIFF_LOG="$HOMEDIR/DNS_DIFF"

BLACKLIST_LOG="$HOMEDIR/DNS_BLACKLISTED"

parallel=10

lines=`wc -l $DNS_SOURCE|awk -F " " '{print $1}'`

countfile="$HOMEDIR/DNS_Count-$DNS_SOURCE_BASENAME"

DNS_ISP_LIST="$HOMEDIR/check-DNS_ISP_LIST"

DNS_MY="10.11.12.254"

DIG_FAST="+timeout=1 +tries=2"

DIG_SLOW="+timeout=5 +tries=3 "

echo $DNS_ISP_LIST

cat $DNS_ISP_LIST

_check(){

i=0

url=""

while [ $i -lt $parallel ]

do

n=`expr $count + $i`

ISP_DNS=`cat $DNS_ISP_LIST | sort -R | head -n 1`

url="$url @$ISP_DNS `awk -v n="${n}" 'NR==n {print;exit}' $DNS_SOURCE`.$tld"

i=`expr $i + 1`

done

}

#--------------------------------------

if [ -z $2 ]; then

        if [ -f $countfile ]; then

        count=`cat $countfile`

        else

        count=0

        echo $count > $countfile

        fi

else count=$2

echo $count > $countfile

fi

#--------------------------------------

while [ "$count" != "$lines" ]; do

echo $count > $countfile

_check

site="$url"

echo "-------------------------------------------------------------------------------"

echo "#$count `date +%Y%m%d-%H%M%S` SITE:$site"

nomentio=`dig +short @$DNS_MY $DIG_SLOW $site|sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4| tr '\r\n' ' '`

mentio=`dig +short $DIG_SLOW $site|sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4| tr '\r\n' ' '`

if [ -n "$nomentio" ] && [ -n "$mentio" ]; then

    if [ "$nomentio" != "$mentio" ]; then

        for i in $site; do

                nomentio1=`dig +short $DIG_FAST @$DNS_MY $i|sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4| tr '\r\n' ' '`

                ISP_DNS=`cat $DNS_ISP_LIST | sort -R | head -n 1`

                mentio1=`dig +short $DIG_FAST @$ISP_DNS $i|sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4| tr '\r\n' ' '`

                        if [ "$nomentio1" != "$mentio1" ]; then

                                if [ $mentio1 == "90.85.16.52" ]; then

                                        echo -e "$RED! SITE: $i ISPDNS:$ISP_DNS REAL:$nomentio1 MENTIO:$mentio1 $NC"

                                        echo "! SITE: $i ISPDNS:$ISP_DNS REAL:$nomentio1 MENTIO:$mentio1" >> $BLACKLIST_LOG

                                else

                                echo -e "$YELLOW> SITE: $i ISPDNS:$ISP_DNS REAL:$nomentio1 MENTIO: $mentio1 $NC"

                                echo "> SITE: $i ISPDNS:$ISP_DNS REAL:$nomentio1 MENTIO: $mentio1" >> $DIFF_LOG

                                fi

                        fi

        done

    else

    echo -e "$GREEN=#$count  SITE: $site  $NC"

    fi

fi

#echo "0 SITE: $count PUB: $nomentio PRIV: $mentio"

count=`expr $count + $parallel`

done

</pre>

h2. Test (valide au 14/06/18)

 dig +short shahamat1.com

 90.85.16.52

h2. Liste de serveurs DNS FAI Français

h3. Free

212.27.40.240

212.27.40.241

212.27.40.244

212.27.40.245

h3. Bouygues

194.158.122.10

194.158.122.15

h3. SFR/Numericable

89.2.0.1

89.2.0.2

h3. Orange

80.10.246.1

80.10.246.2

80.10.246.3

80.10.246.5

80.10.246.7

80.10.246.129

80.10.246.130

80.10.246.132

80.10.246.134

80.10.246.136

81.253.149.1

81.253.149.2

81.253.149.6

81.253.149.9

81.253.149.10

h3. OBS (ouverts)

194.2.0.20

194.2.0.50