A flexible, easy-to-use tool used by system
administrators for interrogating DNS
name servers and interpreting their replies. This tool performs DNS lookups and
then displays the answers returned from the name servers that were queried.
Crackers like to run the Dig command to query the BIND DNS server, in particular, to determine what servers
from the Internet Software Consortium are vulnerable.
Here is what a system administrator would type: dig @server type.
Here, Â“serverÂ” is the name or IP
address of the server to queryÂ—an IPv4
or an IPv6 address. When the server argument is a hostname, the
Domain Internet Groper (Dig) resolves that name first and then queries the name
server. If no server argument
is given, the Domain Internet Groper goes to /etc/resolv.conf and queries the listed name servers.
The response from the name server that reacts is displayed. Â“NameÂ” is the name
of the resource record to be looked up, and Â“typeÂ” indicates what kind of query
See Also: BIND
(Berkeley Internet Name Daemon); Domain Name System (DNS); Internet Protocol
Version 4 (IPv4) and Internet Protocol Version 6 (IPv6); Server.
Graham, R. Hacking Lexicon. [Online, 2001.] Robert Graham Website.
.com. Dig. [Online, June 30, 2000.]