Tag Archives: DNS

How can I make full use of my MxToolbox account? Part 4, DNS

This is the fourth in our series of making the most of your MxToolbox account.  Today, we’ll discuss DNS tools that make it easy to see your DNS configuration.

DNS

DNS is the backbone of the internet.  If your DNS is not setup properly, no one will find you dns_exampleonline, send you email or be able to access your online store.  Checking DNS is incredibly important, so MxToolbox has created a number of lookups dedicated to checking your DNS configuration.  All of these are accessible from our SuperTool interface.

  • DNS (Name servers) – Check your DNS name servers for configuration issues.
  • DNS Propagation – Check DNS records across your name servers to verify they are propagating when updated.  DNS Propagation has its own page.
  • A, MX, CNAME, TXT, etc – Check individual record types to ensure they are setup and responding correctly.

If you want to know more about DNS, there are many resources on our blog.

Our next installment in this series will go over Website lookups for HTTP/HTTPS.

How reliable is DNS?

DNS is the backbone of the Internet.  It contains all the information to properly route a customer to your site and begin the transaction, when properly configured.  For example:

  • The A record translates your domain, like mxtoolbox.com, to an IP address of the server.
  • The MX record tells your customers’ email servers what IP address to use when sending email.
  • CNAME records associate one domain name with another domain, which can be used to associate one brand with another.
  • SOA specifies what DNS servers are authoritative for a domain

There are many different record types for different purposes, but the beauty of DNS is that it just works.

Until recently…

In May, hackers added a domain to the St Louis Federal Reserve’s research website and setup a clone of the website that was virtually identical to the existing page.  Using this new page, they grabbed a number of logins from unwitting researchers.

In March, hackers targeted 10000+ GoDaddy customers by adding hidden subdomains.  While at the time of the article only a third of the subdomains had been used, it indicates a new type of attack that leverages Small Businesses and their brands for nefarious purposes.

So, what is this attack?

Think of DNS as a phone book for your online presence.  It contains everything a customer needs to find you: your name, address and telephone number.  What if a criminal could call up the Yellow Pages and change your address without you knowing?  Or, change a digit on your phone number?  You might not even notice at first, but new and existing customers might go to the new location or call the new phone number.

What if the criminal made a store front that looked like yours but instead of providing your quality product, the sold cheap knock offs for the same price?  Your brand would suffer and you might go out of business.

Unfortunately, this costs a lot of money and is pretty easy to spot.  However, with DNS, criminals can hack 10000 domains at a single registrar and go undetected.  This type of attack is becoming more common and everyone from a small business to a large enterprise needs to be aware of the possibility that their DNS is at risk.

Monitor your DNS for Changes

MxToolbox recently launched DNS Zone Protect, a monitoring solution for all your DNS, that gives you immediate warning when any change is made to your DNS.  With DNS Zone Protect, you get instant notification of changes to your domain’s DNS.  This new monitor uses AXFR to monitor your domain’s DNS and compares it to previous DNS configurations.  When a change is made, we flag it and notify you.  You get peace of mind knowing that changes to your DNS are being externally monitored by MxToolbox.

DZPStatus

 

DZPChangeSummary

How do you API – Real Life Examples, Part 2

Here’s another example from our series on API’s of how one customer is using MxToolbox’s API to simplify their day-to-day work.

The Security Team

Imagine a a security incident:

There are dozens of systems affected.  Each system has dozens of logs containing hundreds of entries for both good traffic and bad traffic.  And you have to sift through it all to find common entries before you can back track it and analyze it.

Wouldn’t it be easier if you had some automated way of doing reverse DNS on IP addresses?  Would your system be faster if you could supply DNS records for domain entries and check IPs for blacklisting to highlight potential bad actors?

That’s exactly what our customer has done.  By integrated Blacklist and DNS lookups with their threat analysis tools, they have dramatically shortened the time it takes to analyze traffic pattern, determine emerging threats and diagnose past issues.

MxToolbox’s API

MxToolbox provides an API to our paid and free customers that allows you to perform lookups, control and poll monitors and check your API status.  Depending on your account, Free, Basic or Pro, you may have different access to Local or Network lookups or access to your monitors.  Many customers use our API on a daily basis to integrate their internal systems with our technology to make the work days easier.  To learn more about the MxToolbox API, click here.

How do you API – Real Life Examples, Part 1

I’ve talked a little bit about API integrations and some questions you should ask yourself before digging in and coding.  Now, I’d like to discuss some unique and interesting examples of how our customers have integrated with MxToolbox to make their daily lives easier.

The Email Service

One of our customers has a consolidated email server management platform for small businesses.  Sold as-a-service, this includes email server status and performance.  As blacklist issues are naturally important as a blocker for email performance and delivery, this company contacted us about using the API to integrate our blacklist lookup technology into their centralized management console.  Now, paid users of MxToolbox can view complete Domain Health information in their mail console, including blacklist information on all their email servers.

The ISP

Another MxToolbox customer is a regional Internet Service Provider with many small online business clients, both web and email hosting.  Because they have a limited IP space, they’re using our Blacklist monitors rather than our Service Provider product for large IP spaces.  Rather than using the API, they utilize our Callback Hooks to connect to their network monitoring servers.  When one of their customers is blacklisted, our monitors call their systems, where they connect it to their customer’s account.  The ISP’s techs then reach out to their customer to notify them of the blacklisting and work with them on security practices that will enable them to stay off of blacklists in the future.  Since websites can be blacklisted due to a hack or malware infection and email servers can be blacklisted for spam, this integration gives them realtime insight into potential security and reputation issues that could affect their entire network.  Further, because incidents are connected to their internet customer management systems, they have a history of which customers are problematic and can work to segregate them from “good” customers.

MxToolbox’s API

MxToolbox provides an API to our paid and free customers that allows you to perform lookups, control and poll monitors and check your API status.  Depending on your account, Free, Basic or Pro, you may have different access to Local or Network lookups or access to your monitors.  Many customers use our API on a daily basis to integrate their internal systems with our technology to make the work days easier.  To learn more about the MxToolbox API, click here.

New!

Everything is New!  Okay, not everything but quite a few things…  You might have noticed that in the last 6 months we have added a number of new lookups, monitors and premium monitors.  Here’s a brief list to refresh your memory:

new_prosummary

New features in the Professional interface.

With all the new features, we decided we needed to share the good news.  So, we’ve added a way that everyone can see our new features as we add them.  Clicking on “New!” either on the “More” Tools page or in the Professional interface will give you access to a list of tools we added in the last 90 days.

New features on the More Tools page.

New features on the More Tools page.

How do I test my DNS resolution?

DNS setup and resolution is important for your on-going business.  Without properly configured DNS, your customers cannot find you online.  It’s a pretty common story: You setup a new server and configure the DNS and you can see it on your network, but can anyone else get to your server?   Everything isn’t setup and running until you check DNS resolution with an external 3rd party.

Free Tools

Fortunately, MxToolbox provides free tools that allow you to check your DNS resolution externally, so you can verify what your customers see.

Our DNS Lookup tool will return all the authoritative A records for a domain.  This is useful to ensure basic DNS configuration.

Our SuperTool contains a number of useful DNS lookups.  Most often our users check on DNS records for mail like MX, SPF, DMARC, and DKIM.  However, we support the most common DNS lookups, including A, AAAA (for IPv6), PTR, SOA, TXT, LOC and others.supertool

SuperTool also includes a lookup (DNS:) for all the name servers authoritative to your domain so you can see them all at-a-glance.  This lookup includes an analysis of the name server configuration compared to relevant RFCs.dnslookup

MxToolbox Premium Services

A la carte, DNS monitoring with MxWatch Monitoring packages.

Starting at $20/month, you can setup custom DNS monitors for your systems and domains.  These monitors alert you immediately if a record changes or servers fail to respond.  Learn More.

Turn-key DNS monitoring with Domain Health Monitoring.

Domain Health analyzes your domain’s configuration and automatically creates the appropriate DNS, SMTP, and HTTP monitors for your domain.  You get one free Domain Health Monitor with an MxWatch Monitoring package.  Learn More

Comprehensive DNS Change Management and Security Monitoring with DNS Zone Protect.

Our latest product constantly scans  the entire DNS setup for your domain and alerts you when any change is made.  Unlike traditional DNS monitors, DNS Zone Protect can detect the addition of new subdomains that could be the start of a Domain Shadow attack.  Learn More.