Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi there
Now i want to know which command you run in linux to discover if a website is virtually hosted or not.
For instance, if i have a 196.x.x.x and it hosts multiple site, is there a way in linux or a tool available to enumerate the sites hosted as virtual domains??
no, it's really none of your business (from a technical perspective i mean...) the closest you *could* get would be to do a reverse lookup on the ip address to get all A records pointing to it. from then though, you'd still want the CNAME's pointing to the A's and neither of those jumps are possible (AFAIK). you can get the PTR record for the IP, but that's only one address, usually the name for a physical box, which wouldn't relate the the domains held on it.
as far as virtual hosting in itself... it's really not an interesting thing. there's no difference if an apache instance has 1 default server or 1 virtual host or 1000 virtual hosts.
Given one domain name you can get somewhere using Robtex, though admittedly that's not a local tool. Here's an example query for mrtgglds dot nf (which was either scam or spam, can't remember). I vaguely remember recon possibilities using the Google API but I can't find any clues right now.
Quote:
as far as virtual hosting in itself... it's really not an interesting thing. there's no difference if an apache instance has 1 default server or 1 virtual host or 1000 virtual hosts.
If it's interesting is for the OP to decide. Why else would he be asking? Besides, given the recent infections of certain webfarms hosting hundreds of sites *I* find it interesting.
Thanks alot......
Yeah i mean why wouldnt it be my business if i had like say 1000 virtual hosts and i need to map them out for some reason?
Away from that...i think i found a way to do though its a bit quick and dirty. I wrote a simple perl script and it workin just fine for now..
Another question i had was how do i protect my webserver from being discovered as one that hosts multiple site?
I have done pen tests myself and once you realize that a certain address maps to over 30 websites then its kinda easy to take them down...
why is it easier to take them down?? i don't understand why you seem to think that a virtual host is somehow deficient... 30 small secure sites with little content are a lot harder to take down that one huge one littered with holes.
how do you stop them being "discovered"? stop running them i guess. if you run a website, it's pretty obvious you want it to be used. as above we're assuming that the tool there just uses a very large dns cache to search through, so as long as you have valid dns records in order to get the traffic, you would be "susceptible" to being cross referenced. still don't see it as a problem in the slightest.
If what I understood is correct, you want all the sites on an IP address. Use this site, I use it to understand which all sites are being hosted on the server to get a decent idea of how the host is...
well there's a good example of how vague it is to find this info. I put one of my sites in there, and it's shown a totally different set to unspawns link... the second one appears to state it's comprehensive too, which is clearly isn't.
well there's a good example of how vague it is to find this info. I put one of my sites in there, and it's shown a totally different set to unspawns link... the second one appears to state it's comprehensive too, which is clearly isn't.
Heh. I didn't even test it. Any DN that has "SEO" in it is usually marketing something and "searchengine optimization" is way overrated anyway.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.