—or, notes for a program “paleodig: DNS historian” I’ll probably never get around to writing. I certainly haven’t since I drafted these notes in 2010.
Forward: FWD_DB=/data/db/paleodig/fwd
Try AXFR…
dig @"$AUTH_NS" "$DOMAIN" AXFR > "$FWD_DB/$DOMAIN"
# Filter version string, query info., &c.
# "git commit", &c.
…but fall back when that fails (as it usually will):
dig "$DOMAIN" > "$FWD_DB/$DOMAIN"
# Likewise.
Perhaps trace other hostnames in $DOMAIN in HTML.
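The forward pass sketched above, as an added example (not the author's code). It assumes $FWD_DB is already a git repository; the function names and the choice to drop TTLs so that cached answers do not produce spurious diffs are this example's assumptions.

```shell
#!/bin/sh
# Added example, not the author's code. FWD_DB, AUTH_NS and DOMAIN come from
# the notes; normalize_dig and snapshot_forward are hypothetical names.
FWD_DB=${FWD_DB:-/data/db/paleodig/fwd}   # assumed to be an existing git repo

# Reduce dig output on stdin to stable record lines: drop ";" comment lines
# (version banner, query info, timing), drop the TTL column (it counts down
# on cached answers), lowercase the owner name, sort and de-duplicate.
normalize_dig() {
    awk '$1 ~ /^;/ || NF < 5 { next }
         { line = tolower($1) " " $3 " " $4
           for (i = 5; i <= NF; i++) line = line " " $i
           print line }' | LC_ALL=C sort -u
}

# snapshot_forward DOMAIN AUTH_NS: AXFR first, plain query as fallback,
# commit only when the normalized records differ from the last snapshot.
snapshot_forward() {
    domain=$1 auth_ns=$2
    # The name becomes a file name under $FWD_DB: refuse anything that is
    # not a plain hostname (no "/", no leading ".").
    case $domain in ''|.*|*[!A-Za-z0-9._-]*) return 2 ;; esac
    # A refused transfer yields only ";" lines, so it normalizes to nothing.
    recs=$(dig @"$auth_ns" "$domain" AXFR 2>/dev/null | normalize_dig)
    [ -n "$recs" ] || recs=$(dig "$domain" 2>/dev/null | normalize_dig)
    # Still empty: lookup failure or NXDOMAIN. Keep the previous snapshot.
    [ -n "$recs" ] || return 1
    printf '%s\n' "$recs" > "$FWD_DB/$domain"
    git -C "$FWD_DB" add -- "$domain"
    git -C "$FWD_DB" diff --cached --quiet ||
        git -C "$FWD_DB" commit -q -m "fwd: $domain"
}

# Constructed sample of plain dig output (TTLs and version are made up;
# the two addresses are the ones quoted in the e-mail on this page).
SAMPLE_DIG='; <<>> DiG 9.x <<>> wikileaks.org
;; QUESTION SECTION:
;wikileaks.org.          IN  A

;; ANSWER SECTION:
wikileaks.org.   3600  IN  A  91.121.133.41
WikiLeaks.org.   1742  IN  A  46.59.1.2
;; Query time: 12 msec'
```

Piping SAMPLE_DIG through normalize_dig shows what would land in the repository; snapshot_forward itself needs network access and a git repository at $FWD_DB.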
Reverse: REV_DB=/data/db/paleodig/rev
Per-IP only.
Special cases: new hostname, hostname rm’d (i.e., from DNS itself).
Compare multiple authoritatives and show disagreements?
Output: git-filter-branch(1) --> tar czf --> download
Someday, though, Web-based diffing would be nice.
telnet interface.
E-mail notifications of changes?
PostgreSQL for queue (stagger Alexa’s top throughout the day), cached statistics, &c.
How will this data pile up? On-disk storage okay, or need S3?
IPv6.
From http://mailman.nanog.org/pipermail/nanog/2010-December/028635.html:
Date: Fri, 3 Dec 2010 09:45:57 +0100
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
Subject: Re: wikileaks dns (was Re: Blocking International DNS)
To: Ken Chase <ken@sizone.org>
Cc: nanog@nanog.org
Message-ID: <20101203084557.GA26742@nic.fr>
Content-Type: text/plain; charset=us-ascii
On Fri, Dec 03, 2010 at 12:52:29AM -0500,
Ken Chase <ken@sizone.org> wrote
a message of 24 lines which said:
> Anyone have records of what wikileaks (RR, i assume) A record was?
91.121.133.41
46.59.1.2
Translated into a URL, the first one does not work (virtual hosting,
maybe) but the second does.
I've found also, thanks to a new name resolution protocol, TDNS
(Tweeter DNS), 213.251.145.96, which works.
> I should have queried my favourite open rDNS servers before they
> expired,
dig A wikileaks.org > backup.txt
(from cron)
is a useful method. Another possible solution would be a DNSarchive, in
the same way there is a WebArchive. Any volunteer?