This is based on a question asked in the book "Computer Networking: Principles, Protocols and Practice" by Olivier Bonaventure. I've read the man pages of both dig and curl on my Linux terminal, but I can't seem to understand how it will help in finding out the physical host of a given website. Do we use both statements separately? Or do we pipe them into one statement?
Asked
Active
Viewed 140 times
1 Answers
0
I'm pretty sure what is meant here is finding out what IP is being used.
You would use dig to get the A record:
~ → dig www.info.ucl.ac.be
; <<>> DiG 9.10.6 <<>> www.info.ucl.ac.be
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58340
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.info.ucl.ac.be. IN A
;; ANSWER SECTION:
www.info.ucl.ac.be. 7200 IN A 130.104.228.160
;; Query time: 459 msec
;; SERVER: 2001:558:feed::1#53(2001:558:feed::1)
;; WHEN: Wed Oct 06 12:27:23 PDT 2021
;; MSG SIZE rcvd: 63
That would give you the physical host of: 130.104.228.160
You can do the same with curl:
~ → curl -svo /dev/null https://www.info.ucl.ac.be
* Trying 130.104.228.160...
* TCP_NODELAY set
* Connected to www.info.ucl.ac.be (130.104.228.160) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [232 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [108 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [6286 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [300 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [37 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
{ [1 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=BE; postalCode=1348; ST=Brabant wallon; L=Louvain-la-Neuve; street=Place de l'Universit�, 1; O=Universit� catholique de Louvain; OU=INGI; CN=www.info.ucl.ac.be
* start date: Jul 13 00:00:00 2020 GMT
* expire date: Jul 13 23:59:59 2022 GMT
* subjectAltName: host "www.info.ucl.ac.be" matched cert's "www.info.ucl.ac.be"
* issuer: C=NL; O=GEANT Vereniging; CN=GEANT OV RSA CA 4
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: www.info.ucl.ac.be
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 302 Found
< Date: Wed, 06 Oct 2021 19:27:40 GMT
< Server: Apache/2.4.37 (centos) OpenSSL/1.1.1g
< X-Powered-By: PHP/7.2.24
< Location: http://www.uclouvain.be/ingi.html
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
<
* Connection #0 to host www.info.ucl.ac.be left intact
* Closing connection 0
Pay special attention to the the output:
Connected to www. info. ucl. ac. be (130.104.228.160) port 443 (#0)
Elizabeth
- 87
- 5