User Tools

Site Tools


berkeleylug:digital_resources

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Next revisionBoth sides next revision
berkeleylug:digital_resources [2019-03-29T07:31:30+0000] – updated DNS for redirector (should be fully effective within an hour) michael_paoliberkeleylug:digital_resources [2019-05-07T10:51:57+0000] – DNS information michael_paoli
Line 8: Line 8:
  
 DNS: DNS:
-$ TZ=GMT0 date -Iseconds && (for d in berkeleylug.com. berkeleylug.org.; do NS=$(dig +short "$d" NS | sort -R | head -n 1); n=$(dig +short "$NS" A "$NS" AAAA | sort -R | head -n 1); for s in '' '*.' calendar. docs. mail. sites. temp. www.; do for t in A AAAA CNAME SOA NS MX TXT SPF ANY; do dig @"$n" +norecurse +noall +answer "$s$d" "$t"; done; done; done) | grep '^[^       ]*[Bb][Ee][Rr][Kk][Ee][Ll][Ee][Yy][Ll][Uu][Gg]\.' | sort -u +berkeleylug.com (canonicaland berkelelylug.org - data is publicly accessible via AXFR from one or more of the public authoritative nameservers.
-2019-03-29T07:27:36+00:00 +
-*.berkeleylug.com.      14400   IN      CNAME   berkeleylug.com. +
-berkeleylug.com.        14400   IN      MX      10 aspmx.l.google.com. +
-berkeleylug.com.        14400   IN      MX      20 alt1.aspmx.l.google.com. +
-berkeleylug.com.        14400   IN      MX      30 alt2.aspmx.l.google.com. +
-berkeleylug.com.        14400   IN      MX      40 aspmx2.googlemail.com. +
-berkeleylug.com.        14400   IN      MX      50 aspmx3.googlemail.com. +
-berkeleylug.com.        21600   IN      NS      ns-cloud-a1.googledomains.com. +
-berkeleylug.com.        21600   IN      NS      ns-cloud-a2.googledomains.com. +
-berkeleylug.com.        21600   IN      NS      ns-cloud-a3.googledomains.com. +
-berkeleylug.com.        21600   IN      NS      ns-cloud-a4.googledomains.com. +
-berkeleylug.com.        21600   IN      SOA     ns-cloud-a1.googledomains.com. cloud-dns-hostmaster.google.com. 6 21600 3600 1209600 300 +
-berkeleylug.com.        300     IN      A       192.0.78.24 +
-berkeleylug.com.        300     IN      A       192.0.78.25 +
-berkeleylug.org.        21600   IN      NS      ns-cloud-b1.googledomains.com. +
-berkeleylug.org.        21600   IN      NS      ns-cloud-b2.googledomains.com. +
-berkeleylug.org.        21600   IN      NS      ns-cloud-b3.googledomains.com. +
-berkeleylug.org.        21600   IN      NS      ns-cloud-b4.googledomains.com. +
-berkeleylug.org.        21600   IN      SOA     ns-cloud-b1.googledomains.com. dns-admin.google.com. 15 21600 3600 1209600 300 +
-berkeleylug.org.        3600    IN      A       198.144.194.238 +
-berkeleylug.org.        3600    IN      AAAA    2001:470:1f05:19e::+
-calendar.berkeleylug.com. 3600  IN      CNAME   ghs.googlehosted.com. +
-docs.berkeleylug.com.   3600    IN      CNAME   ghs.googlehosted.com. +
-mail.berkeleylug.com.   3600    IN      CNAME   ghs.googlehosted.com. +
-sites.berkeleylug.com.  3600    IN      CNAME   ghs.googlehosted.com. +
-temp.berkeleylug.com.   300     IN      A       198.144.194.238 +
-temp.berkeleylug.com.   300     IN      AAAA    2001:470:1f05:19e::+
-www.berkeleylug.com.    14400   IN      CNAME   berkeleylug.com. +
-www.berkeleylug.org.    3600    IN      A       198.144.194.238 +
-www.berkeleylug.org.    3600    IN      AAAA    2001:470:1f05:19e::+
-$  +
- +
-.org not primary: +
-$ curl -s -I http://berkeleylug.org/ | sed -ne '/^HTTP/p;/^[Ll]ocation:/p' +
-HTTP/1.1 301 Moved Permanently +
-Location: http://berkeleylug.com/ +
-$ curl -s -I http://www.berkeleylug.org/ | sed -ne '/^HTTP/p;/^[Ll]ocation:/p' +
-HTTP/1.1 301 Moved Permanently +
-Location: http://berkeleylug.com/ +
-$ curl -s -I https://berkeleylug.org/ | sed -ne '/^HTTP/p;/^[Ll]ocation:/p' +
-HTTP/2 301  +
-location: http://berkeleylug.com/ +
-$ curl -s -I https://www.berkeleylug.org/ | sed -ne '/^HTTP/p;/^[Ll]ocation:/p' +
-HTTP/2 301  +
-location: http://berkeleylug.com/ +
-$  +
-@berkeleylug.org does not accept email (no MX, A/AAAA times out on TCP port 25 even from known good email sender IP)+
  
------------------------------------------------------------------------- +.org not primary, redirector in place
-[www.]berkeleylug.org - set up redirector - but still need to repoint DNS+$ (for protocol_port in 'http 80' 'https 443'; do set -- $protocol_port; protocol="$1"; port="$2"; for host in www.berkeleylug.org berkeleylug.org; do for path in '' / /// /foo/bar/baz; do t="$protocol://$host$path"; echo "$t"; curl -s -I "$t" | grep -e '^HTTP/' -e '^[Ll]ocation: '; done; done done)
-$ (for protocol_port in 'http 80' 'https 443'; do set -- $protocol_port; protocol="$1"; port="$2"; for host in www.berkeleylug.org berkeleylug.org; do for path in '' / /// /foo/bar/baz; do t="$protocol://$host$path"; echo "$t"; curl -s -I --resolve "$host":"$port":198.144.194.238 "$t" | grep -e '^HTTP/' -e '^Location: '; done; done done)+
 http://www.berkeleylug.org http://www.berkeleylug.org
 HTTP/1.1 301 Moved Permanently HTTP/1.1 301 Moved Permanently
Line 109: Line 61:
 Location: https://berkeleylug.com/foo/bar/baz Location: https://berkeleylug.com/foo/bar/baz
  
-------------------------------------------------------------------------+@berkeleylug.org neither accepts nor sends email (no MX, A/AAAA on TCP port 25 rejects connection or rejects SMTP attempts to domain, SPF none sends, hard fail all: 
 +berkeleylug.org. IN SPF "v=spf1 -all" 
 +berkeleylug.org. IN TXT "v=spf1 -all" 
 +)
  
 canonical/primary is: https://berkeleylug.com/ canonical/primary is: https://berkeleylug.com/
Line 126: Line 81:
  
 TLS(/"SSL") - Web - handful of (separate) Web certs only*: TLS(/"SSL") - Web - handful of (separate) Web certs only*:
-$ nmap -Pn -r -sT -p 443 --script=ssl-cert berkeleylug.com calendar.berkeleylug.com docs.berkeleylug.com mail.berkeleylug.com sites.berkeleylug.com www.berkeleylug.com berkeleylug.org www.berkeleylug.org | perl -e 'while(<>){print if /Not valid after: /o; if(/^\| Subject Alternative Name: /){chomp; s/DNS:(?:(?i)(?![^, ]*berkeleylug\.))[^, ]+(?:, |$)//go; s/, ?$//o; print "$_\n";};};'+$ nmap -Pn -r -sT -p 443 --script=ssl-cert berkeleylug.com calendar.berkeleylug.com docs.berkeleylug.com mail.berkeleylug.com sites.berkeleylug.com www.berkeleylug.com  perl -e 'while(<>){print if /Not valid after: /o; if(/^\| Subject Alternative Name: /){chomp; s/DNS:(?:(?i)(?![^, ]*berkeleylug\.))[^, ]+(?:, |$)//go; s/, ?$//o; print "$_\n";};};'
 | Subject Alternative Name: DNS:berkeleylug.com | Subject Alternative Name: DNS:berkeleylug.com
 | Not valid after:  2019-04-28T02:29:40 | Not valid after:  2019-04-28T02:29:40
 | Subject Alternative Name: DNS:www.berkeleylug.com | Subject Alternative Name: DNS:www.berkeleylug.com
 | Not valid after:  2019-06-01T14:37:18 | Not valid after:  2019-06-01T14:37:18
-| Subject Alternative Name: DNS:berkeleylug.org 
-| Not valid after:  2019-06-03T05:26:39 
-| Subject Alternative Name: DNS:www.berkeleylug.org 
-| Not valid after:  2019-06-03T05:22:56 
  
 *ignoring domains that WordPress.com lumps in there that aren't at all BerkeleyLUG *ignoring domains that WordPress.com lumps in there that aren't at all BerkeleyLUG
Line 140: Line 91:
 ######################################################################## ########################################################################
 various bits to test on temp.berkeleylug.com - to presumably later be various bits to test on temp.berkeleylug.com - to presumably later be
-berkeleylug.com+berkeleylug.com, cert also for [www.]berkeleylug.org
 Created key and obtained (non-Google) CA signed cert also covering: Created key and obtained (non-Google) CA signed cert also covering:
 *.berkeleylug.com,berkeleylug.com,*.berkeleylug.org,berkeleylug.org expires: 2019-06-07T02:07:58Z *.berkeleylug.com,berkeleylug.com,*.berkeleylug.org,berkeleylug.org expires: 2019-06-07T02:07:58Z
-$ dig +noall +answer +nottl temp.berkeleylug.com. A temp.berkeleylug.com. AAAA 
-temp.berkeleylug.com.   IN      A       198.144.194.238 
-temp.berkeleylug.com.   IN      AAAA    2001:470:1f05:19e::4 
-$ </dev/null openssl s_client -servername temp.berkeleylug.com -starttls smtp -connect 198.144.194.238:25 2>>/dev/null | sed -ne '/^-----BEGIN CERTIFICATE-----$/,/^-----END CERTIFICATE-----$/p' | openssl x509 -text -noout | sed -ne '/Not After : /p;/Subject Alternative Name:/{N;p;q;}' 
-            Not After : May 22 11:41:24 2019 GMT 
-            X509v3 Subject Alternative Name: 
-                DNS:*.balug.org, DNS:*.lists.balug.org, DNS:balug.org 
- 
 ... install the newer cert for SMTP (will likely end up needed for at ... install the newer cert for SMTP (will likely end up needed for at
 least postmaster@berkeleylug.com, for WordPress site to, e.g. send least postmaster@berkeleylug.com, for WordPress site to, e.g. send
Line 171: Line 114:
                 DNS:*.balug.org, DNS:*.berkeleylug.com, DNS:*.berkeleylug.org, DNS:*.lists.balug.org, DNS:balug.org, DNS:berkeleylug.com, DNS:berkeleylug.org                 DNS:*.balug.org, DNS:*.berkeleylug.com, DNS:*.berkeleylug.org, DNS:*.lists.balug.org, DNS:balug.org, DNS:berkeleylug.com, DNS:berkeleylug.org
  
 +Also installed on https://[www.]berkeleylug.org/: 
 +$ (TZ=GMT0 export TZ; hosts='www.berkeleylug.org berkeleylug.org'; { nmap -Pn -r -sT -p 443 --script=ssl-cert $hosts; nmap -6 -Pn -r -sT -p 443 --script=ssl-cert $hosts; } | grep -e '^Nmap scan report for ' -e '^PORT ' -e '^[0-9]*/tcp open' -e '^| Subject Alternative Name: ' -e '^| Not valid after: ') 
 +Nmap scan report for www.berkeleylug.org (198.144.194.238) 
 +PORT    STATE SERVICE 
 +443/tcp open  https 
 +| Subject Alternative Name: DNS:*.balug.org, DNS:*.berkeleylug.com, DNS:*.berkeleylug.org, DNS:*.lists.balug.org, DNS:balug.org, DNS:berkeleylug.com, DNS:berkeleylug.org 
 +| Not valid after:  2019-06-07T02:07:58 
 +Nmap scan report for berkeleylug.org (198.144.194.238) 
 +PORT    STATE SERVICE 
 +443/tcp open  https 
 +| Subject Alternative Name: DNS:*.balug.org, DNS:*.berkeleylug.com, DNS:*.berkeleylug.org, DNS:*.lists.balug.org, DNS:balug.org, DNS:berkeleylug.com, DNS:berkeleylug.org 
 +| Not valid after:  2019-06-07T02:07:58 
 +Nmap scan report for www.berkeleylug.org (2001:470:1f05:19e::4) 
 +PORT    STATE SERVICE 
 +443/tcp open  https 
 +| Subject Alternative Name: DNS:*.balug.org, DNS:*.berkeleylug.com, DNS:*.berkeleylug.org, DNS:*.lists.balug.org, DNS:balug.org, DNS:berkeleylug.com, DNS:berkeleylug.org 
 +| Not valid after:  2019-06-07T02:07:58 
 +Nmap scan report for berkeleylug.org (2001:470:1f05:19e::4) 
 +PORT    STATE SERVICE 
 +443/tcp open  https 
 +| Subject Alternative Name: DNS:*.balug.org, DNS:*.berkeleylug.com, DNS:*.berkeleylug.org, DNS:*.lists.balug.org, DNS:balug.org, DNS:berkeleylug.com, DNS:berkeleylug.org 
 +| Not valid after:  2019-06-07T02:07:58 
 +
 ######################################################################## ########################################################################
  
berkeleylug/digital_resources.txt · Last modified: 2020-05-18T11:31:53+0000 by michael_paoli

Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Run on Debian Driven by DokuWiki