Is it possible to setup a dns server containing all internet A records?

Assume I have unlimited funds and hardware resources.

Is it possible to somehow setup a dns server to end up with a copy of all A Records as the root dns servers do?

Not saying i'd like to setup a root server, just would like full records locally on a one time basis, not worried about continually updating them either..
LVL 1
bluedragon99Asked:
Who is Participating?
 
woolmilkporcConnect With a Mentor Commented:
NetCraft found over 213 million webservers in August 2010, let alone all those FTP servers, routers, DNS servers and the like.
http://news.netcraft.com/archives/category/web-server-survey/ 
Do you really want to store all those records? For what purpose?
As Razmus pointed out, the root servers don't contain those records.
You would have to scan each and every public DNS, starting at the root servers, store the results, check for duplicates (!) etc. And unless you already know the domain names whose A records you're searching, you need permission to do a zone transfer (or the like, at least the possibility do do an export some way) for each and every DNS you're passing by.
I don't believe that there is an application which could do that, and I don't believe that anybody in the world is going to develop such a thing, because it's really useless, imo.
An approach not really doing what you want is "Passive DNS" - http://technical.bestgrid.org/index.php/Passive_DNS
And you can buy a dataset containing the top million websites (including hostnames it will cost an additional fee) at NetCraft (see above).
wmp
0
 
Rich WeisslerConnect With a Mentor Professional Troublemaker^h^h^h^h^hshooterCommented:
When you say all the A Records, I assume you mean all the Alias records for every address on the Internet.  That isn't what the root dns servers have.  

http://en.wikipedia.org/wiki/Root_nameserver
"The root zone file is a small (about 200 kB) computer file whose publication is the primary purpose of Root nameservers, the servers which constitute the essential backbone of the internet."
<snip>
"The contents of the root zone file is a list of names and numeric IP addresses of the authoritative DNS servers for all top-level domains  (TLDs) such as .com, .org, .edu, or .nz, .fr, .ro. On 12 December 2004, there were 258 TLDs and 773 different authoritative servers for those TLDs listed."

But I've only intermediate expertise in DNS, so it's possible you mean something else when you indicate that you want "all internet A records"?
0
 
ddiazpConnect With a Mentor Commented:
Not possible unless you write a script that will query every domain that exists for every possible record since zone transfers are denied mostly everywhere.

your script would be something like

a.a.com
b.a.com
c.a.com
...
...
...
zzzzzzzzzzzzzzzzzzzzzzzzzz.zzzzzzzzzzzzzzzzzzzzzz.com
...
...
etc

such list doesn't even exist and this would take years to finish.. considering all the root zones.. new domains creating every second,...
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
bluedragon99Author Commented:
verisign offers this service...
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
All three experts would appear to agree on an answer the questioner did not wish to hear.  Please provide more information on the Verisign offering which meets the original question requirements.
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
I asked for more information, and simply pointed out that the root servers don't contain the records the questioner assumed it did.  The other two experts provided potential answers to the most logical alternate question, giving the downsides to each.  Hence, I recommend accepting two answers, and splitting the points equally between the other two experts:
http:#33499048 and http:#33689071
0
 
modus_in_rebusCommented:
bluedragon99,

Since you haven't responded here, I assume you're no longer interested in what happens with this question.

Since you haven't clarified the VeriSign offer, there's no way for me to know whether that indeed solves the issue you explained in this question, so I'll have to go with the experts' advice, and accept their suggestions as the solution.

modus_in_rebus
Community Support Moderator
0
All Courses

From novice to tech pro — start learning today.