Scribd Logo
Upload

Welcome to Scribd!

  • Category Status Test Name Information

    Uploaded by

    PixelPatriot
    109 views7 pages
    Exhibit D - DNS report with the IP trace of The Internet Archive website on October 7th, 2011 by William Lolli, MCSE President of Tech Assist, Inc. A network consulting company

    Original Title

    DNS Report

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Exhibit D - DNS report with the IP trace of The Internet Archive website on October 7th, 2011 by William Lolli, MCSE President of Tech Assist, Inc. A network consulting company

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    109 views7 pages

    Category Status Test Name Information

    Uploaded by

    PixelPatriot
    Exhibit D - DNS report with the IP trace of The Internet Archive website on October 7th, 2011 by William Lolli, MCSE President of Tech Assist, Inc. A network consulting company

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    of 7

    Toolbox

    http://www.dnsstuff.com/tools/dnsreport/?domain=archive.org

    Your IP Address: 70.167.125.212 Located near: ESCONDIDO, CALIFORNIA (US)

    Hi, William Lolli

    Home

    Toolbox

    Buy Now

    Learn More

    My Account

    Contact Us

    Home Return to tools

    Toolbox Email Results

    DNSreport for archive.org


    Category Status
    PASS

    Test Name
    Missing Direct Parent check

    Information
    OK. Your direct parent zone exists, which is good. Some domains (usually third or fourth level domains, such as example.co.us) do not have a direct parent zone ('co.us' in this example), which is legal but can cause confusion. Your NS records at the parent servers are: ns2.archive.org. [208.70.31.251] [TTL=86400] [US] ord.sns-pb.isc.org. [199.6.0.30] [TTL=86400] [US] ns1.archive.org. [208.70.31.236] [TTL=86400] [US] sfba.sns-pb.isc.org. [149.20.64.3] [TTL=86400] [US] ams.sns-pb.isc.org. [199.6.1.30] [TTL=86400] [US] ns3.archive.org. [149.20.55.5] [TTL=86400] [US] [These were obtained from c0.org.afilias-nst.info] OK. When someone uses DNS to look up your domain, the first step (if it doesn't already know about your domain) is to go to the parent servers. If you aren't listed there, you can't be found. But you are listed there. OK. The parent servers have glue for your nameservers. That means they send out the IP address of your nameservers, as well as their host names. OK. All your DNS servers either have A records at the zone parent servers, or do not need them (if the DNS servers are on other TLDs). A records are required for your hostnames to ensure that other DNS servers can reach your DNS servers. Note that there will be problems if your DNS servers do not have these same A records. Your NS records at your nameservers are: ord.sns-pb.isc.org. ns1.archive.org. [208.70.31.236] [TTL=1800] sfba.sns-pb.isc.org. ns3.archive.org. [149.20.55.5] [TTL=1800] ams.sns-pb.isc.org. ns2.archive.org. [208.70.31.251] [TTL=1800] OK. Your DNS servers do not announce that they are open DNS servers. Although there is a slight chance that they really are open DNS servers, this is very unlikely. Open DNS servers increase the chances that of cache poisoning, can degrade performance of your DNS, and can cause your DNS servers to be used in an attack (so it is good that your DNS servers do not appear to be open DNS servers). OK. The DNS report did not detect any discrepancies between the glue provided by the parent servers and that provided by your authoritative DNS servers. OK. Your nameservers do include corresponding A records when asked for your NS records. This ensures that your DNS servers know the A records corresponding to all your NS records. OK. The NS records at all your nameservers are identical. OK. All of your nameservers listed at the parent nameservers responded. OK. All of the NS records that your nameservers report seem valid (no IPs or partial domain names). OK. You have 6 nameservers. You must have at least 2 nameservers (RFC2182 section 5 recommends at least 3 nameservers), and preferably no more than 7. OK. All the nameservers listed at the parent servers answer authoritatively for your domain. OK. All 6 of your nameservers (as reported by your nameservers) are also listed at the parent servers. OK. All of the nameservers listed at the parent nameservers are also listed as NS records at your nameservers. OK. There are no CNAMEs for archive.org. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present. OK. There are no CNAMEs for your NS records. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present. OK. You have nameservers on different Class C (technically, /24) IP ranges. You must have nameservers at geographically and topologically dispersed locations. RFC2182 3.1 goes into more detail about secondary nameserver location. OK. All of your NS records appear to use public IPs. If there were any private IPs, they would not be reachable, causing DNS delays.

    INFO

    NS records at parent servers

    Parent Parent nameservers have your nameservers listed Glue at parent nameservers DNS servers have A records

    PASS PASS

    PASS

    INFO

    NS records at your nameservers

    PASS

    Open DNS servers

    PASS PASS PASS NS PASS PASS PASS PASS PASS PASS PASS PASS PASS PASS

    Mismatched glue No NS A records at nameservers All nameservers report identical NS records All nameservers respond Nameserver name validity Number of nameservers Lame nameservers Missing (stealth) nameservers Missing nameservers 2 No CNAMEs for domain No NSs with CNAMEs Nameservers on separate class C's All NS IPs public

    1 of 3

    10/10/2011 4:27 PM

    Toolbox

    http://www.dnsstuff.com/tools/dnsreport/?domain=archive.org

    PASS

    TCP Allowed

    OK. All your DNS servers allow TCP connections. Although rarely used, TCP connections are occasionally used instead of UDP connections. When firewalls block the TCP DNS connections, it can cause hard-to-diagnose problems. Your nameservers have the following versions: 208.70.31.251: "9.7.0-P1" 199.6.0.30: "9.7.3-P1" 208.70.31.236: "9.7.0-P1" 149.20.64.3: "9.7.3-P1" 199.6.1.30: "9.7.3-P1" 149.20.55.5: "9.5.1-P2.1" Your DNS servers do not leak any stealth NS records (if any) in non-NS requests. Your SOA record [TTL=1800] is: Primary nameserver: ns1.archive.org. Hostmaster E-mail address: hostmaster.archive.org. Serial #: 2011100601 Refresh: 600 Retry: 300 Expire: 600 Default TTL: 600 OK. All your nameservers agree that your SOA serial number is 2011100601. That means that all your nameservers are using the same data (unless you have different sets of data with the same serial number, which would be very bad)! Note that the DNSreport only checks the NS records listed at the parent servers (not any stealth servers). OK. Your SOA (Start of Authority) record states that your master (primary) name server is: ns1.archive.org.. That server is listed at the parent servers, which is correct. OK. Your SOA (Start of Authority) record states that your DNS contact E-mail address is: hostmaster@archive.org. (techie note: we have changed the initial '.' to an '@' for display purposes). OK. Your SOA serial number is: 2011100601. This appears to be in the recommended format of YYYYMMDDnn, where 'nn' is the revision. So this indicates that your DNS was last updated on 06 Oct 2011 (and was revision #1). This number must be incremented every time you make a DNS change. WARNING: Your SOA REFRESH interval is : 600 seconds. This seems low. You should consider increasing this value to about 3600-7200 seconds. RFC1912 2.2 recommends a value between 1200 to 43200 seconds (20 minutes to 12 hours). A value that is too low will unncessarily increase Internet traffic. OK. Your SOA RETRY interval is : 300 seconds. This seems normal (about 120-7200 seconds is good). The retry value is the amount of time your secondary/slave nameservers will wait to contact the master nameserver again if the last attempt failed. WARNING: Your SOA EXPIRE time is : 600 seconds. This seems very low. You should consider increasing this value to about 1209600 to 2419200 seconds (2 to 4 weeks). RFC1912 suggests 2-4 weeks. This is how long a secondary/slave nameserver will wait before considering its DNS data stale if it can't reach the primary nameserver. WARNING: Your SOA MINIMUM TTL is : 600 seconds. This seems low (unless you are just about to update your DNS). You should consider increasing this value to somewhere between 3600 and 10800. RFC2308 suggests a value of 1-3 hours. This value used to determine the default (technically, minimum) TTL (time-to-live) for DNS entries, but now is used for negative caching. Your 1 MX record is:

    INFO

    Nameservers versions

    PASS

    Stealth NS record leakage

    INFO

    SOA record

    PASS

    NS agreement on SOA Serial #

    PASS

    SOA MNAME Check

    SOA

    PASS

    SOA RNAME Check

    PASS

    SOA Serial Number

    WARN

    SOA REFRESH value

    PASS

    SOA RETRY value

    FAIL

    SOA EXPIRE value

    WARN

    SOA MINIMUM TTL value

    INFO

    MX Record

    100 mail.archive.org. [TTL=1800] IP=207.241.224.6 [TTL=1800] [US] OK. Our local DNS server that uses a low port number can get your MX record. Some DNS servers are behind firewalls that block low port numbers. This does not guarantee that your DNS server does not block low ports (this specific lookup must be cached), but is a good indication that it does not. OK. All of your MX records appear to use valid hostnames, without any invalid characters. OK. All of your MX records appear to use public IPs. If there were any private IPs, they would not be reachable, causing slight mail delays, extra resource usage, and possibly bounced mail. OK. Looking up your MX record did not just return a CNAME. If an MX record query returns a CNAME, extra processing is required, and some mail servers may not be able to handle it. OK. There appear to be no CNAMEs returned for A records lookups from your MX records (CNAMEs are prohibited in MX records, according to RFC974, RFC1034 3.6.2, RFC1912 2.4, and RFC2181 10.3). OK. All of your MX records are host names (as opposed to IP addresses, which are not allowed in MX records). NOTE: You only have 1 MX record. If your primary mail server is down or unreachable, there is a chance that mail may have troubles reaching you. In the past, mailservers would usually re-try E-mail for up to 48 hours. But many now only re-try for a couple of hours. If your primary mailserver is very reliable (or can be fixed quickly if it goes down), having just one mailserver may be acceptable. OK. I did not detect differing IPs for your MX records (this would happen if your DNS servers return different IPs than the DNS servers that are authoritative for the hostname in your MX records). OK. You do not have any duplicate MX records (pointing to the same IP). Although technically valid, duplicate MX records can cause a lot of confusion, and waste resources. OK. The IPs of all of your mail server(s) have reverse DNS (PTR) entries. RFC1912 2.1 says you should have a reverse DNS for all your mail servers. It is strongly urged that you have them, as many mailservers will not accept mail from mailservers with no reverse DNS entry. Note that this information is cached, so if you changed it recently, it will not be reflected here (see the 'Reverse DNS Tool' for the current data). The reverse DNS entries are: 6.224.241.207.in-addr.arpa mail.us.archive.org. [TTL=1800]

    PASS PASS PASS PASS PASS MX PASS INFO

    Low port test Invalid characters All MX IPs public MX records are not CNAMEs MX A lookups have no CNAMEs MX is host name, not IP Multiple MX records

    PASS PASS

    Differing MX-A records Duplicate MX records

    PASS

    Reverse DNS entries for MX records

    PASS Mail PASS

    Connect to mail servers Mail server host name in greeting

    OK: I was able to connect to all of your mailservers. OK: All of your mailservers have their host name in the greeting: mail.archive.org:<br /> 220 mail.archive.org ESMTP

    2 of 3

    10/10/2011 4:27 PM

    Toolbox

    http://www.dnsstuff.com/tools/dnsreport/?domain=archive.org

    Postfix (Debian/GNU) <br /> PASS PASS PASS PASS Acceptance of NULL <> sender Acceptance of postmaster address Acceptance of abuse address Acceptance of domain literals OK: All of your mailservers accept mail from "<>". You are required (RFC1123 5.2.9) to receive this type of mail (which includes reject/bounce messages and return receipts). OK: All of your mailservers accept mail to postmaster@archive.org (as required by RFC822 6.3, RFC1123 5.2.7, and RFC2821 4.5.1). OK: All of your mailservers accept mail to abuse@archive.org. OK: All of your mailservers accept mail in the domain literal format (user@[207.241.224.6]). OK: All of your mailservers appear to be closed to relaying. This is not a thorough check, you can get a thorough one here. PASS Open relay test mail.archive.org OK: 554 5.7.1 <Not.abuse.see.www.DNSreport.com.from.IP.75.125.82.136@DNSre Relay access denied <br /> Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it), and can cost you money (when people complain to you, rather than the spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was the target date for domains to have SPF records in place (Hotmail, for example, started checking SPF records on 01 Oct 2004). Your www.archive.org A record is: INFO WWW Record www.archive.org. A 207.241.224.2 [TTL=3600] [US] PASS WWW PASS CNAME Lookup OK. Some domains have a CNAME record for their WWW server that requires an extra DNS lookup, which slightly delays the initial access to the website and use extra bandwidth. There are no CNAMEs for www.archive.org, which is good. Your archive.org A record is: INFO Domain A Lookup archive.org. A 207.241.224.2 [TTL=3600] All WWW IPs public OK. All of your WWW IPs appear to be public IPs. If there were any private IPs, they would not be reachable, causing problems reaching your web site.

    WARN

    SPF record

    Legend: Rows with a FAIL indicate a problem that in most cases really should be fixed. Rows with a WARN indicate a possible minor problem, which often is not worth pursuing. Note that all information is accessed in real-time (except where noted), so this is the freshest information about your domain. Note that automated usage is not tolerated without the purchase of an Automated Usage plan; please only view the DNS report directly with your web browser.

    ABOUT US CONTACT SITE MAP TRADEMARKS PRIVACY POLICY TERMS OF USE DNSstuff.com | 20 - 40 Holland Street | Suite 406 B | Somerville, MA 02144 | +1.866.751.4124 Technical Support Hours: Monday - Friday | 9 AM - 6 PM EST Copyright 2003-2011 SolarWinds. All Rights Reserved

    3 of 3

    10/10/2011 4:27 PM

    NeoTrace Trace Version 3.25 Results Target: liveweb.archive.org Date: 10/10/2011 (Monday), 4:23:13 PM Nodes: 10
    Node Data Node Net Reg IP Address 10 1 Location Node Name wwwb-front0.us.archive.org

    1 207.241.226.201 San Francisco

    Packet Data Node High Low 10 33 22

    Avg 25

    Tot 149

    Lost 0

    Network Data Network id#: 1 Query terms are ambiguous. n 207.241.226.201 Use ? to get help. The query is assumed to be:

    The following results may also be obtained via: http://whois.arin.net/rest/nets;q=207.241.226.201?showDetails=true&showARIN=false&ext=netref2

    NetRange: CIDR: OriginAS: NetName: NetHandle: Parent: NetType: RegDate: Updated: Ref: OrgName: OrgId: Address: Address: City: StateProv: PostalCode: Country: RegDate: Updated: Ref: OrgTechHandle: OrgTechName: OrgTechPhone: OrgTechEmail: OrgTechRef: OrgAbuseHandle: OrgAbuseName: OrgAbusePhone: OrgAbuseEmail: OrgAbuseRef:

    207.241.224.0 - 207.241.239.255 207.241.224.0/20 INTERNET-ARCHIVE-1 NET-207-241-224-0-1 NET-207-0-0-0-0 Direct Assignment 2004-05-20 2004-05-20 http://whois.arin.net/rest/net/NET-207-241-224-0-1 Internet Archive INTERN-95 The Presidio of San Francisco 116 Sheridan Ave. San Francisco CA 94129 US 1997-02-20 2011-09-24 http://whois.arin.net/rest/org/INTERN-95 JSH75-ARIN Shankland, James +1-415-561-6767 jim@archive.org http://whois.arin.net/rest/poc/JSH75-ARIN JSH75-ARIN Shankland, James +1-415-561-6767 jim@archive.org http://whois.arin.net/rest/poc/JSH75-ARIN

    ARIN WHOIS data and services are subject to the Terms of Use available at: https://www.arin.net/whois_tou.html Registrant Data Registrant id#: 1 NOTICE AND TERMS OF USE: You are not authorized to access or query our WHOIS Page 1 Mon Oct 10 16:23:13 2011

    database through the use of high-volume, automated, electronic processes. The Data in Network Solutions' WHOIS database is provided by Network Solutions for information purposes only, and to assist persons in obtaining information about or related to a domain name registration record. Network Solutions does not guarantee its accuracy. By submitting a WHOIS query, you agree to abide by the following terms of use: You agree that you may use this Data only for lawful purposes and that under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail, telephone, or facsimile; or (2) enable high volume, automated, electronic processes that apply to Network Solutions (or its computer systems). The compilation, repackaging, dissemination or other use of this Data is expressly prohibited without the prior written consent of Network Solutions. You agree not to use high-volume, automated, electronic processes to access or query the WHOIS database. Network Solutions reserves the right to terminate your access to the WHOIS database in its sole discretion, including without limitation, for excessive querying of the WHOIS database or for failure to otherwise abide by this policy. Network Solutions reserves the right to modify these terms at any time. Get a FREE domain name registration, transfer, or renewal with any annual hosting package. http://www.networksolutions.com Visit AboutUs.org for more information about ARCHIVE.ORG <a href= http://www.aboutus.org/ARCHIVE.ORG >AboutUs: ARCHIVE.ORG </a>

    Registrant: Internet Archive 300 Funston Avenue San Francisco, CA 94118 US Domain Name: ARCHIVE.ORG -----------------------------------------------------------------------Promote your business to millions of viewers for only 1 a month Learn how you can get an Enhanced Business Listing here for your domain name. Learn more at http://www.NetworkSolutions.com/ -----------------------------------------------------------------------Administrative Contact, Technical Contact: Archive, Internet info@archive.org 300 Funston Avenue San Francisco, CA 94118 US 415.561.6767

    Record expires on 15-Dec-2016. Record created on 24-Sep-2002. Database last updated on 10-Oct-2011 19:08:33 EDT. Domain servers in listed order: NS1.ARCHIVE.ORG ORD.SNS-PB.ISC.ORG AMS.SNS-PB.ISC.ORG SFBA.SNS-PB.ISC.ORG NS3.ARCHIVE.ORG NeoTrace Copyright 1997-2001 NeoWorx Inc 208.70.31.236 199.6.0.30 199.6.1.30 149.20.64.3 149.20.55.5

    Page 2

    Mon Oct 10 16:23:13 2011

    NeoTrace Trace Version 3.25 Results Target: wayback.archive.org Date: 10/10/2011 (Monday), 4:24:19 PM Nodes: 10
    Node Data Node Net Reg IP Address 10 1 Location Node Name wwwb-front0.us.archive.org

    1 207.241.226.201 San Francisco

    Packet Data Node High Low 10 36 22

    Avg 24

    Tot 113

    Lost 0

    Network Data Network id#: 1 Query terms are ambiguous. n 207.241.226.201 Use ? to get help. The query is assumed to be:

    The following results may also be obtained via: http://whois.arin.net/rest/nets;q=207.241.226.201?showDetails=true&showARIN=false&ext=netref2

    NetRange: CIDR: OriginAS: NetName: NetHandle: Parent: NetType: RegDate: Updated: Ref: OrgName: OrgId: Address: Address: City: StateProv: PostalCode: Country: RegDate: Updated: Ref: OrgTechHandle: OrgTechName: OrgTechPhone: OrgTechEmail: OrgTechRef: OrgAbuseHandle: OrgAbuseName: OrgAbusePhone: OrgAbuseEmail: OrgAbuseRef:

    207.241.224.0 - 207.241.239.255 207.241.224.0/20 INTERNET-ARCHIVE-1 NET-207-241-224-0-1 NET-207-0-0-0-0 Direct Assignment 2004-05-20 2004-05-20 http://whois.arin.net/rest/net/NET-207-241-224-0-1 Internet Archive INTERN-95 The Presidio of San Francisco 116 Sheridan Ave. San Francisco CA 94129 US 1997-02-20 2011-09-24 http://whois.arin.net/rest/org/INTERN-95 JSH75-ARIN Shankland, James +1-415-561-6767 jim@archive.org http://whois.arin.net/rest/poc/JSH75-ARIN JSH75-ARIN Shankland, James +1-415-561-6767 jim@archive.org http://whois.arin.net/rest/poc/JSH75-ARIN

    ARIN WHOIS data and services are subject to the Terms of Use available at: https://www.arin.net/whois_tou.html Registrant Data Registrant id#: 1 NOTICE AND TERMS OF USE: You are not authorized to access or query our WHOIS Page 1 Mon Oct 10 16:24:19 2011

    database through the use of high-volume, automated, electronic processes. The Data in Network Solutions' WHOIS database is provided by Network Solutions for information purposes only, and to assist persons in obtaining information about or related to a domain name registration record. Network Solutions does not guarantee its accuracy. By submitting a WHOIS query, you agree to abide by the following terms of use: You agree that you may use this Data only for lawful purposes and that under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail, telephone, or facsimile; or (2) enable high volume, automated, electronic processes that apply to Network Solutions (or its computer systems). The compilation, repackaging, dissemination or other use of this Data is expressly prohibited without the prior written consent of Network Solutions. You agree not to use high-volume, automated, electronic processes to access or query the WHOIS database. Network Solutions reserves the right to terminate your access to the WHOIS database in its sole discretion, including without limitation, for excessive querying of the WHOIS database or for failure to otherwise abide by this policy. Network Solutions reserves the right to modify these terms at any time. Get a FREE domain name registration, transfer, or renewal with any annual hosting package. http://www.networksolutions.com Visit AboutUs.org for more information about ARCHIVE.ORG <a href= http://www.aboutus.org/ARCHIVE.ORG >AboutUs: ARCHIVE.ORG </a>

    Registrant: Internet Archive 300 Funston Avenue San Francisco, CA 94118 US Domain Name: ARCHIVE.ORG -----------------------------------------------------------------------Promote your business to millions of viewers for only 1 a month Learn how you can get an Enhanced Business Listing here for your domain name. Learn more at http://www.NetworkSolutions.com/ -----------------------------------------------------------------------Administrative Contact, Technical Contact: Archive, Internet info@archive.org 300 Funston Avenue San Francisco, CA 94118 US 415.561.6767

    Record expires on 15-Dec-2016. Record created on 24-Sep-2002. Database last updated on 10-Oct-2011 19:08:33 EDT. Domain servers in listed order: NS1.ARCHIVE.ORG ORD.SNS-PB.ISC.ORG AMS.SNS-PB.ISC.ORG SFBA.SNS-PB.ISC.ORG NS3.ARCHIVE.ORG NeoTrace Copyright 1997-2001 NeoWorx Inc 208.70.31.236 199.6.0.30 199.6.1.30 149.20.64.3 149.20.55.5

    Page 2

    Mon Oct 10 16:24:19 2011

    You might also like