Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Identify Clients DNS Settings

Posted on 2014-03-28
17
Medium Priority
?
213 Views
Last Modified: 2014-04-05
Hi,

I need to be able to identify that a visitor, visiting my site is using the correct DNS Settings.  Is there any method / script to confirm this.

Thx
Nev
0
Comment
Question by:collinsn
  • 7
  • 6
  • 2
  • +1
17 Comments
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 39961316
How do you define "correct?"  What would be some examples of correct vs. incorrect?
0
 
LVL 1

Author Comment

by:collinsn
ID: 39961341
We have clients that I need to validate if their Primary and Secondary DNS settings are set to ours, rather than google, e.g. 8.8.8.8 or 8.8.4.4
0
 
LVL 9

Expert Comment

by:rfportilla
ID: 39961355
I think the best way is with firewall configuration.  This will not "validate", but it will enforce compliance.  Essentially, create a firewall rule that allows access to port 53 UDP/TCP to accepted dns servers and restrict all others.  

Depending on the firewall, you may even be able to distinguish between guests and authenticated users.  

One caveat, make sure DHCP is setup with the correct DNS settings.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 111

Expert Comment

by:Ray Paseur
ID: 39961401
Agree with rfportilla.  Why simply validate if what you really want is enforcement?
0
 
LVL 1

Author Comment

by:collinsn
ID: 39961589
Hi, this is not what I'm looking for.

Let me ask the question a different way.  How can I see what DNS a client is using when visiting my WebSite?
0
 
LVL 9

Expert Comment

by:rfportilla
ID: 39961612
I see, web site, not physical location.

You can't.  It's like trying to figure out where someone looked up your phone number without specifically asking them.
0
 
LVL 1

Author Comment

by:collinsn
ID: 39961618
I know you can get their IP through PHP, so was hoping I could get all the details.
0
 
LVL 9

Expert Comment

by:rfportilla
ID: 39961616
DNS is like a public phone book.  The browser only checks it for the IP address and then makes the request directly to the IP.  There is no protocol support (or requirement) to transmit the DNS server info.
0
 
LVL 9

Expert Comment

by:rfportilla
ID: 39961623
If there is a specific problem related to this, maybe you should post that instead.  If you are concerned with DNS pointing to the wrong place, you can shorten the TTL of the DNS records so that clients are pulling stale records.
0
 
LVL 1

Author Comment

by:collinsn
ID: 39961764
I understand DNS and IP Tables Firewall, I was just hoping to find a way of confirming a user on our site has the correct DNS entries configured when using the SmartDNS services I'm providing...
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39962430
SmartDNS services I'm providing
Are these 'public' DNS services like Google's?  Most people get DNS thru their ISP (and don't know where they are getting it either!).  I can't see that they could use your service (unless it is public) or that there is any way for you to check what they're using.
0
 
LVL 1

Author Comment

by:collinsn
ID: 39963465
Yes, my DNS servers are public using ACL list based on IP Address to control access. I'm just looking for a way to show the user that their DNS is correctly setup to use our DNS Service.

Thx
Nev
0
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 500 total points
ID: 39964005
Let me ask it a different way.  Why, other than you wanting them to, why would they want to use your service or even know about it?  Most 'regular' non-technical users don't even know that there is a DNS service.
0
 
LVL 9

Assisted Solution

by:rfportilla
rfportilla earned 500 total points
ID: 39966505
Without having something run on the client computer, there is no way to do this.  You can only verify that they got to the correct location (because they were able to resolve the name to the proper IP and get to your Web site).  You can't see how they resolved it (DNS, hosts file, etc.) and the browser does not provide this information.  

Moreover, the way DNS works is that as long as the first DNS server responds (bad or good), it does not go to a second.  DNS does not fail to a 2nd DNS unless it is down.  This means that you are completely on the hook for all DNS requests.  If your DNS becomes overloaded or has connection issues, you could be responsible for your customers not being able to access the Internet.
0
 
LVL 1

Accepted Solution

by:
collinsn earned 0 total points
ID: 39967433
I have worked out a way to do what I need by some clever PHP Scripting and a spare IP on the server link to a subdomain.

Unfortunately, none of the comments helped and I've had to pay a resource on freelancer to do this for me.

Nev
0
 
LVL 9

Expert Comment

by:rfportilla
ID: 39967445
I'm sorry we couldn't be more help.  Would you mind sharing the method by which you are doing this?
0
 
LVL 1

Author Closing Comment

by:collinsn
ID: 39979862
Unfortunately, did not get the answer needed,
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
There are times when I have encountered the need to decompress a response from a PHP request. This is how it's done, but you must have control of the request and you can set the Accept-Encoding header.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question