RDNS Database
I am looking for a database that contains a maintained list of all reverse dns records currently appearing on the internet. Hoping for something I can quickly parse.
If that isn't possible, does anyone know a project that will allow me to quickly snag all the reverse dns records and dump into a database manually?
Comments
I am not sure if you know what you're asking. There's no such thing.
I'd strongly encourage to overthink such a lifetime project to manually dump every single PTR record.
it-df.net: IT-Service David Froehlich | Individual network and hosting solutions | AS39083 | RIPE LIR services (IPv4, IPv6, ASN)
I know these exist. It's not an impossibility.
I concur, sadly the other option isn't really viable as it will cause lookup times that are significantly higher than I want.
Even if he could, the DNS resolvers are going to rate limit him anyway.
Free NAT KVM | Free NAT LXC
Yep, another reason I'd hope for a database.
I am not asking for anything real time, just updated somewhat often.
One option I have found so far:
https://opendata.rapid7.com/sonar.rdns_v2/
Okay, so, In my case, I am pinging the entire internet right.
I can do that in 22-23 hours with 50k pps.
I probably ramp it up to 200k or higher.
Makes it possible in roughly 6 hours.
I mean the internet has lots of public, open resolvers.
If you build yourself a list of 100+ resolvers, you could easily do 1k pps for each vps you have.
Make it 10 and you probably can do it in a few days.
Free NAT KVM | Free NAT LXC
Yes it is impossible. There exist as example also databases with millions of gathered passwords but there's no way to collect all existing passwords on the world. What about ssh keys?
Lets say i have this longstupidlookingdomanwithweirdextension.xyz and then I create several.aaaa.records.of.the.longstupidlookingdomanwithweirdextension.xyz from my /48 for my irc vhosts usage (which I mostly then don't even use). Where on the earth do you hope to get those completely random reverse dns records from?
Would you perform dns lookup of all potential 340,282,366,920,938,463,463,374,607,431,768,211,456 IPV6 addresses ... and then check also lookup of all corresponding rDNS/PTR records from those results? Not in your lifetime.
I would imagine most places that need to look this up would do this with a live check plus perhaps some light caching.
A DB full of potentially stale info seems a bit pointless given the ease of a live check. I guess you're dealing with a niche use case?
Why would you?
It makes no sense to lookup IPv6 addresses that not have been announced.
You can grab a file or routing table anytime that can tell you which IPv6 ranges have been announced.
Probably more methods to filter out ranges.
Is it going to take longer? Yes, but impossible? No.
Free NAT KVM | Free NAT LXC
And ALL those announced /29 and /32 subnets are small enough to make it viable to get all AAAA records out of their individual random /128s by making trillions and trillions dns lookoups? 😆
I'd imagine OP is asking about ipv4 only.
I don't know. He asked about all reverse dns records, but principle is more or less the same.
You can't get results solely from DNS PTR lookups as there's no known list of all existing domains/subdomains but other way around, from rDNS lookups.
And once you finish with all existing IPs you need to perform also DNS PTR lookups (this would be easier I guess) from rDNS results to see if dns record exist also on the domain/subdomain side.
I don't see how this would be viable. Maybe reverse dns limited to IPv4 solely but I am not convienced even in that as a lot of those records aren't permanent and they would change before he even finish his database.
I suppose there are "only" 4 billion IPv4 addresses, which at least makes the database size feasible - but as you say, it would be out of date before you even finished assembling it.
There's probably a smarter way of pulling the data you actually want, because I'm struggling to imagine a use case that actually needs every single rDNS record on the planet.
Even less, considering things like 10.0.0.0/8 192.168.0.0/16 127.0.0.0/8
Definitely only after ipv4 only in this case.
It should be dooable.
Why don't you just tell us what you're up to?
As you've been told several times, that doesn't sound like the best way to go, since rdns records can change regularly.
Some data hoarding companies and secret agencies around the world definitely do this to match bits and pieces together. Data hoarding companies like Security Trails, MaxmindDB and other providers may have the data you're looking for given that you pay the right price.
Reverse IPv4 dataset februari 2023: https://ipsniper.info/archive/dns_data/2023-02_rdns_all_ipv4.json.gz (6.5 GB)
More dns datasets: https://ipsniper.info/archive/dns_data/
Thank you Thank you!
This is exactly what I needed. Is this something you created?
You're welcome, and yes, it's my project.
Do you have any linking to the find the latest file, or just a manual process each time? i.e. http://example.com/rdns-latest -> rdns_03_2023
You might find this interesting: https://blog.apnic.net/2023/03/22/zdns-a-fast-dns-toolkit-for-internet-measurement/