💾 Archived View for jean.ribes.ovh › instant-subdomains captured on 2022-04-28 at 17:25:04. Gemini links have been rewritten to link to archived content


Do you know the tool https://nip.io/, or the defunct xip.io?

Those tools allow you to use a wildcard domain for any IP, notably local and private ones. They work by including the wanted IP destination in the domain, like a.subdomain.192.168.1.2.nip.io, which points to 192.168.1.2!

This can come in handy when you want to use a reverse proxy on your local machine.

So yeah, I made my own.

You see, nip.io is very nice, but it's not exactly a profitable business even though it probably doesn't cost very much.

Furthermore, having such a service on the Internet runs into an issue: DNS rebinding protection. An attacker who gains control of a domain could modify it to point to a local address, potentially sending traffic to an unwanted destination.

Anyway, this protection is often enabled on network equipment, it isn't always possible to disable it, and it even applies if you use an alternative DNS server like Cloudflare's 1.1.1.1 or Google's 8.8.8.8!

So, running this DNS software on your workstation is a plausible use case.
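
The name-to-address mapping and the rebinding check described above, as an added example in Go using only the standard library. It is not code from dns-go; the function names and the filter policy (private, loopback, link-local and unspecified addresses are dropped) are assumptions.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// embeddedIPv4 returns the IPv4 address encoded in the four labels directly
// in front of zone, e.g. "a.subdomain.192.168.1.2.nip.io." -> 192.168.1.2.
func embeddedIPv4(qname, zone string) (net.IP, bool) {
	name := strings.ToLower(strings.TrimSuffix(qname, "."))
	zone = strings.ToLower(strings.Trim(zone, "."))
	if !strings.HasSuffix(name, "."+zone) {
		return nil, false // not under the wildcard zone
	}
	labels := strings.Split(strings.TrimSuffix(name, "."+zone), ".")
	if len(labels) < 4 {
		return nil, false
	}
	ip := net.ParseIP(strings.Join(labels[len(labels)-4:], "."))
	if ip == nil || ip.To4() == nil {
		return nil, false // octet out of range, or not numeric
	}
	return ip.To4(), true
}

// rebindFiltered reports whether a resolver with rebinding protection would
// drop an answer containing ip (assumed policy, see lead-in).
func rebindFiltered(ip net.IP) bool {
	return ip.IsPrivate() || ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsUnspecified()
}

func main() {
	// Constructed sample query names.
	for _, q := range []string{"a.subdomain.192.168.1.2.nip.io.",
		"app.127.0.0.1.nip.io", "www.203.0.113.7.nip.io", "no-address.nip.io"} {
		ip, ok := embeddedIPv4(q, "nip.io")
		if !ok {
			fmt.Printf("%-34s no embedded address\n", q)
			continue
		}
		fmt.Printf("%-34s A %-13s filtered=%v\n", q, ip, rebindFiltered(ip))
	}
}
```

Names that embed a private or loopback address are the ones a filtering resolver refuses to answer, which is why they only resolve reliably when the server runs locally.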

Introducing - my software

Available at https://github.com/JeanRibes/dns-go, it's a simple implementation that relies on miekg/dns [1]

You can configure the address it listens on, and it doesn't depend on a preconfigured domain.

[1] miekg/dns

Setup

If you want to run that server on your domain, I don't recommend using it as your primary server. You should use it as a delegated subdomain.

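For that, just set up an NS record. NS data has to be a host name rather than an IP address, so it comes with an A record for that name (ns.subdomain is a placeholder name):

subdomain      IN   NS   ns.subdomain
ns.subdomain   IN   A    <that server's ip>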

Features

Time over DNS

The server will respond to TXT and A queries for time.some.subdomain.domain.tld (the name has to begin with time).

Zone file

Create a file zone.db in the working directory. On startup, the file will be read and, upon successful parsing, echoed back on the command line.

You can reload the zone with a lookup on reload-zone.your.subdomain.your.domain.tld

$ORIGIN example.com.     ; designates the start of this zone file in the namespace
$TTL 3600                ; default expiration time (in seconds) of all RRs without their own TTL value
@	IN	SOA	localhost. root.localhost. (
			      1		; Serial
			 604800		; Refresh
			  86400		; Retry
			2419200		; Expire
			  86400 )	; Negative Cache TTL
;
@	IN	NS	localhost.
example.com.  IN  SOA   ns.example.com. username.example.com. ( 2020091025 7200 3600 1209600 3600 )
example.com.  IN  NS    ns                    ; ns.example.com is a nameserver for example.com
example.com.  IN  NS    ns.somewhere.example. ; ns.somewhere.example is a backup nameserver for example.com
example.com.  IN  MX    10 mail.example.com.  ; mail.example.com is the mailserver for example.com
@             IN  MX    20 mail2.example.com. ; equivalent to above line, "@" represents zone origin
@             IN  MX    50 mail3              ; equivalent to above line, but using a relative host name
example.com.  IN  A     192.0.2.1             ; IPv4 address for example.com
             IN  AAAA  2001:db8:10::1        ; IPv6 address for example.com
ns            IN  A     192.0.2.2             ; IPv4 address for ns.example.com
             IN  AAAA  2001:db8:10::2        ; IPv6 address for ns.example.com
www           IN  CNAME example.com.          ; www.example.com is an alias for example.com
wwwtest       IN  CNAME www                   ; wwwtest.example.com is another alias for www.example.com
mail          IN  A     192.0.2.3             ; IPv4 address for mail.example.com
mail2         IN  A     192.0.2.4             ; IPv4 address for mail2.example.com
mail3         IN  A     192.0.2.5             ; IPv4 address for mail3.example.com