Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

DNS Wildcards

Posted on 2004-10-28
8
Medium Priority
?
262 Views
Last Modified: 2010-05-18
When a IIS server is running with a dns wildcard such as *.xyz.com, is there any way of querying it to see what sites it supports ?

E.g. get a list such as

site1.xyz.com
site3.xyz.com
www.xyz.com

thanks
0
Comment
Question by:plq
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 15

Expert Comment

by:periwinkle
ID: 12447193
Interesting question.

Under linux, I would use the host command, like:

host -l domainname

where domainname is the xyz.com in the above example.  I don't know if there is an equivalent command under Windows?
0
 
LVL 34

Expert Comment

by:Dave_Dietz
ID: 12448432
IIS and DNS are entirely different services.

IIS will handle any traffic it receives on an IP address it is listening on.

DNS determines what traffic gets sent to which IP.

If your DNS server is set to resolve *.xyz.com to 192.168.0.5 then *any* traffic going to *.xyz.com will be handled by IIS if IIS is listening on the address.

If you are meaning something more along the lines of "what Host Headers are configured for a given website?" then you could try something like the following from c:\inetpub\adminscripts:

cscript.exe adsutil.vbs get w3svc/X/serverbindings - where X is the site instance you are wanting to check

Hope this helps

Dave Dietz
0
 
LVL 8

Author Comment

by:plq
ID: 12448852
The reason for asking is security

We have some sites such as

          somecompanysdemo.ourdomain.com

and we don't want anyone else finding them. So its really a question of if we put these sites up can outsiders and hackers tell that they exist ?
0
Simplify Your Workload with One Tool

How do you combat today’s intelligent hacker while managing multiple domains and platforms? By simplifying your workload with one tool. With Lunarpages hosting through Plesk Onyx, you can:

Automate SSL generation and installation with two clicks
Experience total server control

 
LVL 34

Accepted Solution

by:
Dave_Dietz earned 500 total points
ID: 12448930
If you simply have a DNS wildcard set for *.wherever.com and have Host Headers set in IIS for specific names (bob.somewhere.com) there is no way to find them except by trial-and-error.

Dave Dietz
0
 
LVL 8

Author Comment

by:plq
ID: 12449011
Thanks for your help
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 12449312
Hmmm - I'd probably secure the sites via some form of password protection as well - it's just a matter of typing in another URL after visiting one of those sites, and your URL is then listed as a referrer of another site... if they run site stats, and get curious, they'll find your site.  Worse yet, if they make their stats public, so will the search engines.
0
 
LVL 8

Author Comment

by:plq
ID: 12451382
Yes, I looked at using authentication onto the web but just a bit worried that doing that will open up a back door to the server, e.g. through RDP. I know I can secure RDP by user or even by IP but don't have that much expertise in windows security to be confident that every thing else is properly closed off. Having said all that, the app is secured with database authentication anyway so they'd only get as far as the logon.

I think I can get around httpreferrer by adding a header to stop the page going into history ?
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 12466503
RE: avoiding the page going into history - I don't know, to be honest.  The referrer is controlled (I believe) by the browser - it's up to the browser to report the proper page.  You could try, but I wouldn't consider that sufficient control.
0

Featured Post

Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question