Open ghost opened 3 years ago
I get quite a lot as well. I ended up writing my script to go through the list of domains multiple times. If after 10 times it still hasn't got an IP, then chances are it's dead. Not very efficient though :(
I'm having the same problem and inconsistency between scans as well on my DigitalOcean VPS.
To debug the issue, I suggest the following:
- `-o Je` output option and `--error-log /tmp/error.log`. This will log all input as well as output failures.
- `grep -E '^Illegal|^Duplicate' /tmp/error.log` should add up exactly to the number of supplied input domains. If they don't, there is a bug in MassDNS.
- `jq '. | select(.error != null)'` on the MassDNS output. This will show all output failures (e.g. due to timeouts or when the last packet received has an unacceptable return code). In case you see many `TIMEOUT` and `MAXRETRIES` errors, you hit network congestion, resolver rate limits or both.

In addition, I suggest performing reconnaissance scans for single domains against authoritative nameservers without leveraging third-party resolvers directly like so:
./bin/massdns -r <(./scripts/auth-addrs.sh example.com) --norecurse -o Je --error-log /tmp/error.log /tmp/names.txt
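
One way to run the accounting check from the comment above over the `-o Je` output and the error log, as an added example that is not part of the original thread or the MassDNS project. It assumes that every supplied name ends up either as one JSON record (with a `name` field next to `.error`) or as an `Illegal`/`Duplicate` line in the error log; the sample names, records and log lines are constructed.

```python
import json
from collections import Counter

def norm(name):
    # Output names are assumed fully qualified; drop the trailing dot and case.
    return name.strip().rstrip(".").lower()

def reconcile(input_names, ndjson_lines, error_log_lines):
    """Account for every supplied name: answered, failed, rejected or lost."""
    seen, errors = set(), Counter()
    for line in ndjson_lines:
        if not line.strip():
            continue
        rec = json.loads(line)
        seen.add(norm(rec["name"]))        # "name" field is an assumption
        if rec.get("error") is not None:   # same test as select(.error != null)
            errors[rec["error"]] += 1
    # Same filter as: grep -E '^Illegal|^Duplicate' /tmp/error.log
    rejected = sum(l.startswith(("Illegal", "Duplicate")) for l in error_log_lines)
    supplied = [norm(n) for n in input_names if n.strip()]
    return {
        "supplied": len(supplied),
        "with_record": len(seen),
        "rejected": rejected,
        "errors": dict(errors),
        # Non-zero here means names vanished without a record or a log line.
        "unaccounted": len(supplied) - len(seen) - rejected,
        # Names with no output record (includes the rejected ones).
        "no_record": sorted(set(supplied) - seen),
    }

# Constructed sample data: one duplicate, one illegal name, one lost lookup.
NAMES = ["a.example.com", "b.example.com", "c.example.com",
         "a.example.com", "bad..name", "d.example.com"]
OUTPUT = [
    '{"name":"a.example.com.","type":"A","class":"IN","status":"NOERROR"}',
    '{"name":"b.example.com.","type":"A","class":"IN","error":"TIMEOUT"}',
    '{"name":"c.example.com.","type":"A","class":"IN","error":"MAXRETRIES"}',
]
ERRLOG = ["Duplicate name: a.example.com", "Illegal name: bad..name"]

if __name__ == "__main__":
    print(json.dumps(reconcile(NAMES, OUTPUT, ERRLOG), indent=2))
```
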
Hey there,
I noticed quite a lot of lost lookups with massdns. In the example below, it roughly misses about 1900 names out of 10k domains.
I am not sure where these false negatives come from though, apologies for not trying to find where the bug is in massdns.
I made a screen recording https://asciinema.org/a/415235 of the reproduction steps below: