Pluf Simple Hostname Scanner

While reading the second edition of Hacking Linux Exposed, I learned of a simple yet useful tool called Pluf Simple Hostname Scanner, or plushs. I downloaded version 1.2 and installed it without problems on FreeBSD 5.0 REL. You can use plushs to rapidly find PTR records for specified IP ranges. This example returns all PTR records from IPs in the 195.5.3.0/24 block.

hawke# plushs 195.5.3.0-255

[a] 195-0
[b] 5-0
[c] 3-0
195.5.3.1 ==> dns1.sf.ukrtel.net
195.5.3.5 ==> dev.sf.ukrtel.net
195.5.3.7 ==> kep.sf.ukrtel.net
195.5.3.9 ==> cit.sf.ukrtel.net
195.5.3.10 ==> oplot.sf.ukrtel.net
195.5.3.13 ==> mailer.sf.ukrtel.net
195.5.3.65 ==> router.ylt.sf.ukrtel.net
195.5.3.66 ==> ns.ylt.sf.ukrtel.net
195.5.3.67 ==> name67.ylt.sf.ukrtel.net
...edited for brevity...
195.5.3.187 ==> westcrimea.net
195.5.3.190 ==> evpatoria.com.ua
195.5.3.201 ==> kmk.oaokmk.com

========| Network Statistics |====================

Ip range to scan 195.5.3.0-255

Successfull: [ 34.0%]
Unsuccessfull: [ 66.0%]
Timeouts: [ 0.0%]

=-----------------------------------------------=

Total ips to check: 256
Successfull checks: 87
Unsuccessfull checks: 169
Timeouts: 0
Aliases found: 0
Successfull searchs: 0

=-----------------------------------------------=

String format:
Timeout set to: 9 seconds
Wait second set to: 0 seconds

I was also introduced to dnstrace and dnstracesort, part of the djbdns package.

Comments

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics