2. Nslookup tool
Nslookup is a program to query Internet domain name servers (DNS).
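Type nslookup in the terminal to open an interactive session. After each set type command below, enter the target domain (for example xyz[.]com).
- To find the name servers that host the target
set type=ns
xyz[.]com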


- To see whether an SPF record is missing or misconfigured, so that we can spoof someone at the institution
set type=txt

- To see the mail servers of the target
set type=mx

- Both SPF (missing or misconfigured) and mail servers can help us to spoof someone.
Notes:
- Name Servers
A name server translates domain names into IP addresses. This makes it possible for a user to access a website by typing in the domain name instead of the website's actual IP address. For example, when you type in "www.microsoft[.]com," the request gets sent to Microsoft's name server which returns the IP address of the Microsoft website.
- Each domain name must have at least two name servers listed when the domain is registered. These name servers are commonly named ns1.servername[.]com and ns2.servername[.]com, where "servername" is the name of the server. The first server listed is the primary server, while the second is used as a backup server if the first server is not responding.

- Name servers are a fundamental part of the Domain Name System (DNS). They allow websites to use domain names instead of IP addresses, which would be much harder to remember. In order to find out what a certain domain name's name servers are, you can use a WHOIS lookup tool.
- SPF record
A Sender Policy Framework (SPF) record is a type of Domain Name System (DNS) record that can help to prevent email address forgery.
- Spammers can falsify email headers so it looks like they're sending from an email address at your domain. They can pretend to be you, allowing them to phish your users for private account information, or otherwise abuse your reputation. When they hijack an email account, they alter the email header details to show the messages they're sending are coming from the true owner of the account. This can result in the account owner receiving replies and bouncebacks for mail they never sent.
- Adding an SPF record can help prevent others from spoofing your domain. You can specify which mail servers are permitted to send email on behalf of your domain. Then, when incoming mail servers receive email messages from your domain name, they compare the SPF record to the outgoing mail server information. If the information doesn't match, they identify the email message as unauthorized, and will generally filter it as spam or reject it.
- Mail Server
A mail server (or email server) is a computer system that sends and receives email.
Mail servers send and receive email using standard email protocols. For example, the SMTP protocol sends messages and handles outgoing mail requests. The IMAP and POP3 protocols receive messages and are used to process incoming mail.