As already mentioned, the first step of penetration testing traditionally begins by collecting information about the target system in order to learn as much about it as we can.
So, we have been given a domain name. Let's translate this domain name to an IP address. There are many ways of getting the IP address from the domain name. We will be using the host command as follows:
ostendali@stefan:~$ host example.com
example.com has address 192.168.136.35
example.com has address 192.168.136.36
example.com mail is handled by 10 mail.example.com.
ostendali@stefan:~$
We have just run the host command, and as a result we have two IP addresses: the first one is for the web server and the second one is for the mail server.
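The output above can be split by record type, which ties each address to the name it was returned for. The following is an added example, not part of the original text: the function names parse_host_output and count_type are hypothetical, the sample input is the output shown above, and the script also handles the IPv6 address and alias lines that host prints in the same style.

```shell
#!/bin/sh
# Added example: classify lines of `host` output by DNS record type.
# SAMPLE_OUTPUT is the output shown above, embedded so the script runs offline.
SAMPLE_OUTPUT='example.com has address 192.168.136.35
example.com has address 192.168.136.36
example.com mail is handled by 10 mail.example.com.'

# parse_host_output (hypothetical helper): reads `host` output on stdin and
# prints one tab-separated line per record:
#   TYPE <tab> owner name <tab> value [<tab> MX priority]
# Lines that match none of the known shapes are ignored.
parse_host_output() {
    awk '
        # "NAME has address IPV4"
        $2 == "has" && $3 == "address" {
            printf "A\t%s\t%s\n", $1, $4; next
        }
        # "NAME has IPv6 address IPV6"
        $2 == "has" && $3 == "IPv6" && $4 == "address" {
            printf "AAAA\t%s\t%s\n", $1, $5; next
        }
        # "NAME mail is handled by PRIORITY HOST."
        $2 == "mail" && $3 == "is" && $4 == "handled" {
            sub(/\.$/, "", $7)          # drop the trailing root dot
            printf "MX\t%s\t%s\t%s\n", $1, $7, $6; next
        }
        # "NAME is an alias for TARGET."
        $2 == "is" && $3 == "an" && $4 == "alias" {
            sub(/\.$/, "", $6)
            printf "CNAME\t%s\t%s\n", $1, $6; next
        }
    '
}

# count_type (hypothetical helper): number of records of type $1 in the
# `host` output read from stdin.
count_type() {
    parse_host_output | awk -F '\t' -v t="$1" '$1 == t { n++ } END { print n + 0 }'
}

# Stand-alone run on the embedded sample. For a live lookup, pipe the
# command itself instead: host example.com | parse_host_output
printf '%s\n' "$SAMPLE_OUTPUT" | parse_host_output
```

Each A line carries the queried name as its owner, while the MX line names a separate host, mail.example.com, which needs its own lookup to obtain an address.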
We can also run the host command with the -a option to have more information:
ostendali@stefan:~$ host -a example.com
Trying "example.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56629...