Bug Bounty Hunting — Complete Guide (Part-26)

Photo by Digital Buggu: https://www.pexels.com/photo/monitor-displaying-computer-application-374559/

Web hosting is like renting space on the internet where you can store your website so that anyone can access it online. Here’s how it works:

Creating Your Website: First, you design and build your website, much like decorating and furnishing a house to make it look nice and inviting.Finding a Home (Hosting Service): Once your website is ready, you need a hosting service. Think of this like finding a place to park your website on the internet so people can visit it. Some schools let students and teachers do this for free, like letting you use a classroom to display your school project.What Hosting Companies Do: Companies that offer web hosting provide secure buildings (data centers) where your website lives. They have super-fast internet connections and special computers just for hosting websites. It’s like having a super-powered garage that keeps your car safe and ready to go whenever you need it.What You Get with Hosting: When you sign up for web hosting, you get a certain amount of space to store your website’s files, a limit on how many visitors can come to your site each month, and tools to help you manage your site. It’s like renting an apartment where you have space for your stuff and tools to fix things if something breaks.Connecting Your Site: To make your website easy to find on the internet, your hosting service connects your website’s name (like www.yourwebsite.com) to a special number (called an IP address) that points to your site. It’s like putting a sign with your name on the street so people can find your house.Making Your Site Faster: For really big websites that people visit from all over the world, some hosting services can make copies of your site in different countries. This makes it load faster for people no matter where they are. It’s like having a store that delivers its goods from local warehouses instead of one far away, so customers get what they want quicker.

Imagine your website is a cool clubhouse you built with your friends. Web hosting is like finding a clubhouse manager who keeps it safe and open for friends to visit anytime. They make sure everything works well and even help you put up a sign so everyone knows where your clubhouse is. If lots of friends from different places want to come, the manager can make copies of your clubhouse nearby so everyone gets there faster.

Getting a domain name involves using a service called a domain name registrar. These companies are happy to help you register a new domain name for a small yearly fee. Once you register a domain name, it belongs to you, and no one else can use it as long as you keep renewing the registration.

ICANN, the organization that oversees domain names on the internet, accredits commercial registrars for popular domain endings like .com, .net, and .org. They also manage newer domain endings such as .biz, .info, .pro, .aero, .name, and .museum.

Some registrars, like VeriSign (previously known as Network Solutions), can even register domains like .edu. However, special entities handle domains with restricted endings such as .gov (handled by nic.gov) and .us (handled by nic.us).

Country-specific domain endings (like .uk for the United Kingdom or .fr for France) are managed by registries within those countries. This system ensures that each domain name is unique and properly managed according to its specific rules and regulations.

When you register a domain name, the registration details become publicly accessible through the WHOIS service on the internet. This service provides a summary of information about the domain, such as who owns it and how to contact them. Here’s how it works:

Accessing WHOIS: To find out about a domain, you can use the WHOIS command on UNIX systems. For instance, typing whois example.com retrieves information from a major network information center like nic. This shows details like the registrar (e.g., Network Solutions), name servers (servers that manage the domain’s internet traffic), and update history.Detailed Records: For more specific information, querying a registrar’s WHOIS server directly provides a more detailed registration record. For example, using whois -h whois.example.edu or whois example.edu reveals comprehensive data, including contact information for administrative, technical, and billing contacts associated with the domain.Operating System Tools: Different operating systems have various tools for networking tasks. On Linux, WHOIS is sometimes called fwhois, while Mac OS X includes networking utilities like Ping, DNS Lookup, Trace IP Route, and WHOIS within packages such as NetProbe. On Windows, third-party WHOIS programs are available for download.Online Access: Beyond local commands, WHOIS searches are also available online through websites. These platforms provide convenient access to domain registration details without needing to use command-line tools.

Understanding WHOIS helps ensure transparency and accountability in domain ownership, allowing individuals and organizations to verify information related to any registered domain name on the internet.

Name servers are essential programs that manage the domain-to-IP address mapping across the internet. The Domain Name System (DNS) facilitates this by providing a distributed database service, supporting dynamic retrieval of information from the name space. Here’s a breakdown of how it works:

Role of DNS: DNS ensures web browsers and other internet applications can find the IP address of a target host before establishing a connection. This system is crucial for translating human-readable domain names (like example.com) into machine-readable IP addresses (like 192.0.2.1).Name Servers: These servers are crucial as they hold and distribute DNS information across the internet. Each domain’s information is divided into zones, with each zone managed by one or more name servers. A name server authoritative for a zone has complete information about that zone and shares this information with other servers for redundancy.Resolvers: DNS resolvers are programs that send queries to name servers and retrieve responses. Typically integrated into networking libraries on UNIX systems, resolvers translate domain names into IP addresses. They use information from local resolver configuration files (like /etc/resolv.conf) to direct queries appropriately.Database Structure: The DNS database handles various types of queries beyond just IP addresses, including network addresses, mail exchange records, and host configurations.Root Servers: Managed by organizations like ICANN, root servers are pivotal as they provide foundational information necessary for routing queries across the entire DNS hierarchy.Management and Authority: Each zone in the DNS is managed independently, allowing zone administrators to designate which name servers host their zone’s data and make authoritative changes as needed.Collaborative Mapping: All name servers on the internet work together seamlessly to ensure efficient and accurate domain-to-IP mappings globally. This cooperation ensures that users can access websites and services reliably regardless of their location.

Understanding the structure and operation of name servers and DNS is fundamental to how the internet functions, enabling the seamless browsing and connectivity experiences we rely on daily.

On UNIX and MS/Windows systems, several commands — host, dig, and nslookup — provide direct user access to the Domain Name System (DNS). These tools help retrieve information such as domain names, IP addresses, and aliases associated with hosts. Here’s how nslookup, a simpler output tool, operates:

Purpose of nslookup: Nslookup allows users to query a name server and obtain information about a specified host, including its domain name, IP address, and any aliases. The name server used for the query is typically configured in the resolv.conf file on the system.Functionality: Nslookup is valuable for verifying the existence of hosts and discovering IP addresses or domain name aliases associated with them. It provides essential information along with identifying the name server that supplied the data.Ping Command: Once you have a host’s name, you can use the ping command to test if the host is responsive over the network. For instance, ping www.example.com sends a message to the host and requests an echo response if it’s operational.Command Location: If these commands are not directly accessible from your system’s command path, you might need to specify their location, such as /etc/ping or /usr/etc/ping, depending on your setup.

Understanding and using these DNS commands is crucial for troubleshooting network connectivity, verifying DNS configurations, and ensuring reliable access to internet resources across different operating systems.