V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
ZYong
V2EX  ›  DNS

dig 同一个域名的 txt 记录,结果不一样,这种现象正常吗

  •  
  •   ZYong · 84 天前 · 1751 次点击
    这是一个创建于 84 天前的主题,其中的信息可能已经有所发展或是发生改变。

    1 使用 114 的结果 dig -t txt github.com @114.114.114.114 ;; Truncated, retrying in TCP mode.

    ; <<>> DiG 9.16.23-RH <<>> -t txt github.com @114.114.114.114 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27471 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;github.com. IN TXT

    ;; ANSWER SECTION: github.com. 3600 IN TXT "google-site-verification=82Le34Flgtd15ojYhHlGF_6g72muSjamlMVThBOJpks" github.com. 3600 IN TXT "facebook-domain-verification=39xu4jzl7roi7x0n93ldkxjiaarx50" github.com. 3600 IN TXT "miro-verification=d2e174fdb00c71e0bcf58f8e58c3da2dd80dcfa9" github.com. 3600 IN TXT "adobe-idp-site-verification=b92c9e999aef825edc36e0a3d847d2dbad5b2fc0e05c79ddd7a16139b48ecf4b" github.com. 3600 IN TXT "atlassian-domain-verification=jjgw98AKv2aeoYFxiL/VFaoyPkn3undEssTRuMg6C/3Fp/iqhkV4HVV7WjYlVeF8"

    ;; Query time: 908 msec ;; SERVER: 114.114.114.114#53(114.114.114.114) ;; WHEN: Wed Aug 28 04:16:58 CST 2024 ;; MSG SIZE rcvd: 475

    2 使用 1.1.1.1 的结果 dig -t txt github.com @1.1.1.1 ;; Warning: Message parser reports malformed message packet.

    ; <<>> DiG 9.16.23-RH <<>> -t txt github.com @1.1.1.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25176 ;; flags: qr rd ra; QUERY: 1, ANSWER: 17, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: Message has 326 extra bytes at end

    ;; QUESTION SECTION: ;github.com. IN TXT

    ;; ANSWER SECTION: github.com. 2688 IN TXT "MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805" github.com. 2688 IN TXT "MS=ms44452932" github.com. 2688 IN TXT "MS=ms58704441" github.com. 2688 IN TXT "adobe-idp-site-verification=b92c9e999aef825edc36e0a3d847d2dbad5b2fc0e05c79ddd7a16139b48ecf4b" github.com. 2688 IN TXT "apple-domain-verification=RyQhdzTl6Z6x8ZP4" github.com. 2688 IN TXT "atlassian-domain-verification=jjgw98AKv2aeoYFxiL/VFaoyPkn3undEssTRuMg6C/3Fp/iqhkV4HVV7WjYlVeF8" github.com. 2688 IN TXT "beautifulai-site-verification=e478d764-9335-4af3-ac7a-2d5ab61b59aa" github.com. 2688 IN TXT "calendly-site-verification=at0DQARi7IZvJtXQAWhMqpmIzpvoBNF7aam5VKKxP" github.com. 2688 IN TXT "docusign=087098e3-3d46-47b7-9b4e-8a23028154cd" github.com. 2688 IN TXT "facebook-domain-verification=39xu4jzl7roi7x0n93ldkxjiaarx50" github.com. 2688 IN TXT "google-site-verification=82Le34Flgtd15ojYhHlGF_6g72muSjamlMVThBOJpks" github.com. 2688 IN TXT "google-site-verification=UTM-3akMgubp6tQtgEuAkYNYLyYAvpTnnSrDMWoDR3o" github.com. 2688 IN TXT "krisp-domain-verification=ZlyiK7XLhnaoUQb2hpak1PLY7dFkl1WE" github.com. 2688 IN TXT "loom-site-verification=f3787154f1154b7880e720a511ea664d" github.com. 2688 IN TXT "miro-verification=d2e174fdb00c71e0bcf58f8e58c3da2dd80dcfa9" github.com. 2688 IN TXT "stripe-verification=f88ef17321660a01bab1660454192e014defa29ba7b8de9633c69d6b4912217f"

    ;; Query time: 4 msec ;; SERVER: 1.1.1.1#53(1.1.1.1) ;; WHEN: Wed Aug 28 04:17:17 CST 2024 ;; MSG SIZE rcvd: 1500

    3 使用 223.5.5.5 的结果 dig -t txt github.com @223.5.5.5

    ; <<>> DiG 9.16.23-RH <<>> -t txt github.com @223.5.5.5 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 37986 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1408 ;; QUESTION SECTION: ;github.com. IN TXT

    ;; Query time: 3004 msec ;; SERVER: 223.5.5.5#53(223.5.5.5) ;; WHEN: Wed Aug 28 04:17:38 CST 2024 ;; MSG SIZE rcvd: 39

    3 条回复    2024-08-29 01:11:37 +08:00
    xiaket
        1
    xiaket  
       84 天前
    `dig +trace -t txt github.com` 拿权威结果, 各级 DNS 的行为不权威而且不可控.
    totoro625
        2
    totoro625  
       84 天前
    参考 /t/1061846
    记得有一种攻击方式就是频繁查询 txt 记录进行放大攻击 DNS 服务器
    zyyongsfi2
        3
    zyyongsfi2  
       83 天前
    @xiaket 如果缺失 TXT 记录算 DNS 污染吗? 为发现阿里和 114 都有缺失的情况,google 和 CF 都正常,和权威的一样
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   5220 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 26ms · UTC 09:26 · PVG 17:26 · LAX 01:26 · JFK 04:26
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.