RDNS Database

I am looking for a database that contains a maintained list of all reverse dns records currently appearing on the internet. Hoping for something I can quickly parse.

If that isn't possible, does anyone know a project that will allow me to quickly snag all the reverse dns records and dump into a database manually?

Comments

  • edited March 2023

    I am not sure if you know what you're asking. There's no such thing.

    Thanked by (2)adly ehab
  • dfroedfroe Services Provider

    I'd strongly encourage to overthink such a lifetime project to manually dump every single PTR record.

    it-df.net: IT-Service David Froehlich | Individual network and hosting solutions | AS39083 | RIPE LIR services (IPv4, IPv6, ASN)

  • @Mumbly said:
    I am not sure if you know what you're asking. There's no such thing.

    I know these exist. It's not an impossibility.

    @dfroe said:
    I'd strongly encourage to overthink such a lifetime project to manually dump every single PTR record.

    I concur, sadly the other option isn't really viable as it will cause lookup times that are significantly higher than I want.

  • @dfroe said:
    I'd strongly encourage to overthink such a lifetime project to manually dump every single PTR record.

    Even if he could, the DNS resolvers are going to rate limit him anyway.

  • @Neoon said:

    @dfroe said:
    I'd strongly encourage to overthink such a lifetime project to manually dump every single PTR record.

    Even if he could, the DNS resolvers are going to rate limit him anyway.

    Yep, another reason I'd hope for a database.

    I am not asking for anything real time, just updated somewhat often.

    One option I have found so far:

    https://opendata.rapid7.com/sonar.rdns_v2/

  • @CMunroe said:

    @Neoon said:

    @dfroe said:
    I'd strongly encourage to overthink such a lifetime project to manually dump every single PTR record.

    Even if he could, the DNS resolvers are going to rate limit him anyway.

    Yep, another reason I'd hope for a database.

    I am not asking for anything real time, just updated somewhat often.

    Okay, so, In my case, I am pinging the entire internet right.
    I can do that in 22-23 hours with 50k pps.

    I probably ramp it up to 200k or higher.
    Makes it possible in roughly 6 hours.

    I mean the internet has lots of public, open resolvers.
    If you build yourself a list of 100+ resolvers, you could easily do 1k pps for each vps you have.

    Make it 10 and you probably can do it in a few days.

  • edited March 2023

    @CMunroe said:

    I know these exist. It's not an impossibility.
    One option I have found so far:
    https://opendata.rapid7.com/sonar.rdns_v2/

    Yes it is impossible. There exist as example also databases with millions of gathered passwords but there's no way to collect all existing passwords on the world. What about ssh keys?

    Lets say i have this longstupidlookingdomanwithweirdextension.xyz and then I create several.aaaa.records.of.the.longstupidlookingdomanwithweirdextension.xyz from my /48 for my irc vhosts usage (which I mostly then don't even use). Where on the earth do you hope to get those completely random reverse dns records from?
    Would you perform dns lookup of all potential 340,282,366,920,938,463,463,374,607,431,768,211,456 IPV6 addresses ... and then check also lookup of all corresponding rDNS/PTR records from those results? Not in your lifetime.

  • havochavoc OGContent Writer

    I would imagine most places that need to look this up would do this with a live check plus perhaps some light caching.

    A DB full of potentially stale info seems a bit pointless given the ease of a live check. I guess you're dealing with a niche use case?

  • @Mumbly said:
    Would you perform dns lookup of all potential 340,282,366,920,938,463,463,374,607,431,768,211,456 IPV6 addresses ... and then check also lookup of all corresponding rDNS/PTR records from those results?

    Why would you?
    It makes no sense to lookup IPv6 addresses that not have been announced.

    You can grab a file or routing table anytime that can tell you which IPv6 ranges have been announced.
    Probably more methods to filter out ranges.

    Is it going to take longer? Yes, but impossible? No.

  • edited March 2023

    And ALL those announced /29 and /32 subnets are small enough to make it viable to get all AAAA records out of their individual random /128s by making trillions and trillions dns lookoups? 😆

    Thanked by (1)quicksilver03
  • havochavoc OGContent Writer

    @Mumbly said:
    And ALL those announced /29 and /32 subnets are small enough to make it viable to get all AAAA records out of their individual random /128s by making trillions and trillions dns lookoups? 😆

    I'd imagine OP is asking about ipv4 only.

  • edited March 2023

    I don't know. He asked about all reverse dns records, but principle is more or less the same.
    You can't get results solely from DNS PTR lookups as there's no known list of all existing domains/subdomains but other way around, from rDNS lookups.
    And once you finish with all existing IPs you need to perform also DNS PTR lookups (this would be easier I guess) from rDNS results to see if dns record exist also on the domain/subdomain side.
    I don't see how this would be viable. Maybe reverse dns limited to IPv4 solely but I am not convienced even in that as a lot of those records aren't permanent and they would change before he even finish his database.

  • @Mumbly said:
    I don't know. He asked about all reverse dns records, but principle is more or less the same.
    You can't get results solely from DNS PTR lookups as there's no known list of all existing domains/subdomains but other way around, from rDNS lookups.
    And once you finish with all existing IPs you need to perform also DNS PTR lookups (this would be easier I guess) from rDNS results to see if dns record exist also on the domain/subdomain side.
    I don't see how this would be viable. Maybe reverse dns limited to IPv4 solely but I am not convienced even in that as a lot of those records aren't permanent and they would change before he even finish his database.

    I suppose there are "only" 4 billion IPv4 addresses, which at least makes the database size feasible - but as you say, it would be out of date before you even finished assembling it.

    There's probably a smarter way of pulling the data you actually want, because I'm struggling to imagine a use case that actually needs every single rDNS record on the planet.

    Thanked by (1)Mumbly
  • skorupionskorupion Services Provider

    @ahnlak said: only" 4 billion IPv4 addresses

    Even less, considering things like 10.0.0.0/8 192.168.0.0/16 127.0.0.0/8

    Crunchbits Technical Support, Technical Writer, and Sales
    Contact me at: +1 (347) 518-1661 or [email protected]

  • Definitely only after ipv4 only in this case.

    It should be dooable.

  • RapToNRapToN Hosting ProviderOG
    edited March 2023

    @CMunroe said:
    Definitely only after ipv4 only in this case.

    It should be dooable.

    Why don't you just tell us what you're up to?

    As you've been told several times, that doesn't sound like the best way to go, since rdns records can change regularly.

  • Some data hoarding companies and secret agencies around the world definitely do this to match bits and pieces together. Data hoarding companies like Security Trails, MaxmindDB and other providers may have the data you're looking for given that you pay the right price.

  • Thank you Thank you!

    This is exactly what I needed. Is this something you created?

  • @CMunroe said:

    Thank you Thank you!

    This is exactly what I needed. Is this something you created?

    You're welcome, and yes, it's my project.

  • @PinHead said: You're welcome, and yes, it's my project.

    Do you have any linking to the find the latest file, or just a manual process each time? i.e. http://example.com/rdns-latest -> rdns_03_2023

  • You might find this interesting: https://blog.apnic.net/2023/03/22/zdns-a-fast-dns-toolkit-for-internet-measurement/

    • ZDNS is an open-source scanning system that can resolve 50M domains in 10 minutes and query the PTR records of the full public IPv4 address space in 12 hours.

Sign In or Register to comment.