User Tools

Site Tools


berkeleylug:digital_resources

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
berkeleylug:digital_resources [2019-03-15T05:24:11-0700]
michael_paoli more work on "local" hosting of [temp.]berkeleylug.com
berkeleylug:digital_resources [2019-05-07T03:51:57-0700] (current)
michael_paoli DNS information
Line 8: Line 8:
  
 DNS: DNS:
-$ TZ=GMT0 date -Iseconds && (for d in berkeleylug.com. berkeleylug.org.;​ do NS=$(dig +short "​$d"​ NS | sort -R | head -n 1); n=$(dig +short "​$NS"​ A "​$NS"​ AAAA | sort -R | head -n 1); for s in ''​ '​*.'​ calendar. docs. mail. sites. temp. www.; do for t in A AAAA CNAME SOA NS MX TXT SPF ANY; do dig @"​$n"​ +norecurse +noall +answer "​$s$d"​ "​$t";​ done; done; done) | grep '​^[^ ​      ​]*[Bb][Ee][Rr][Kk][Ee][Ll][Ee][Yy][Ll][Uu][Gg]\.'​ | sort -u +berkeleylug.com (canonicaland berkelelylug.org - data is publicly accessible via AXFR from one or more of the public authoritative nameservers.
-2019-03-09T21:​15:​20+00:​00 +
-*.berkeleylug.com. ​     14400   ​IN ​     CNAME   ​berkeleylug.com. +
-berkeleylug.com. ​       14400   ​IN ​     MX      10 aspmx.l.google.com. +
-berkeleylug.com. ​       14400   ​IN ​     MX      20 alt1.aspmx.l.google.com. +
-berkeleylug.com. ​       14400   ​IN ​     MX      30 alt2.aspmx.l.google.com. +
-berkeleylug.com. ​       14400   ​IN ​     MX      40 aspmx2.googlemail.com. +
-berkeleylug.com. ​       14400   ​IN ​     MX      50 aspmx3.googlemail.com. +
-berkeleylug.com. ​       21600   ​IN ​     NS      ns-cloud-a1.googledomains.com. +
-berkeleylug.com. ​       21600   ​IN ​     NS      ns-cloud-a2.googledomains.com. +
-berkeleylug.com. ​       21600   ​IN ​     NS      ns-cloud-a3.googledomains.com. +
-berkeleylug.com. ​       21600   ​IN ​     NS      ns-cloud-a4.googledomains.com. +
-berkeleylug.com. ​       21600   ​IN ​     SOA     ​ns-cloud-a1.googledomains.com. cloud-dns-hostmaster.google.com. 6 21600 3600 1209600 300 +
-berkeleylug.com. ​       300     ​IN ​     A       ​192.0.78.24 +
-berkeleylug.com. ​       300     ​IN ​     A       ​192.0.78.25 +
-berkeleylug.org.        21600   ​IN ​     NS      ns-cloud-b1.googledomains.com. +
-berkeleylug.org. ​       21600   ​IN ​     NS      ns-cloud-b2.googledomains.com. +
-berkeleylug.org. ​       21600   ​IN ​     NS      ns-cloud-b3.googledomains.com. +
-berkeleylug.org. ​       21600   ​IN ​     NS      ns-cloud-b4.googledomains.com. +
-berkeleylug.org. ​       21600   ​IN ​     SOA     ​ns-cloud-b1.googledomains.com. dns-admin.google.com. 10 21600 3600 1209600 300 +
-berkeleylug.org. ​       3600    IN      A       ​216.239.32.21 +
-berkeleylug.org. ​       3600    IN      A       ​216.239.34.21 +
-berkeleylug.org. ​       3600    IN      A       ​216.239.36.21 +
-berkeleylug.org. ​       3600    IN      A       ​216.239.38.21 +
-berkeleylug.org. ​       3600    IN      AAAA    2001:​4860:​4802:​32::​15 +
-berkeleylug.org. ​       3600    IN      AAAA    2001:​4860:​4802:​34::​15 +
-berkeleylug.org. ​       3600    IN      AAAA    2001:​4860:​4802:​36::​15 +
-berkeleylug.org. ​       3600    IN      AAAA    2001:​4860:​4802:​38::​15 +
-calendar.berkeleylug.com. 3600  IN      CNAME   ​ghs.googlehosted.com. +
-docs.berkeleylug.com. ​  ​3600 ​   IN      CNAME   ​ghs.googlehosted.com. +
-mail.berkeleylug.com. ​  ​3600 ​   IN      CNAME   ​ghs.googlehosted.com. +
-sites.berkeleylug.com. ​ 3600    IN      CNAME   ​ghs.googlehosted.com. +
-temp.berkeleylug.com. ​  ​300 ​    ​IN ​     A       ​198.144.194.238 +
-temp.berkeleylug.com. ​  ​300 ​    ​IN ​     AAAA    2001:​470:​1f05:​19e::​4 +
-www.berkeleylug.com. ​   14400   ​IN ​     CNAME   ​berkeleylug.com. +
-www.berkeleylug.org. ​   3600    IN      CNAME   ​ghs.googlehosted.com. +
-+
  
-.org not primary: +.org not primary, redirector in place
-curl --I http://berkeleylug.org/​ | sed -ne '/^HTTP/p;/^[Ll]ocation:​/p'+(for protocol_port in 'http 80' 'https 443'; do set -- $protocol_port;​ protocol="​$1";​ port="​$2";​ for host in www.berkeleylug.org ​berkeleylug.org;​ do for path in '' ​/// /​foo/​bar/​baz;​ do t="​$protocol://​$host$path";​ echo "​$t";​ curl -s -I "​$t" ​grep -'​^HTTP/​' -e '^[Ll]ocation:​ '; done; done done) 
 +http://​www.berkeleylug.org
 HTTP/1.1 301 Moved Permanently HTTP/1.1 301 Moved Permanently
-Location: ​http://​berkeleylug.com/​ +Location: ​https://​berkeleylug.com/​ 
-$ curl -s -I http://​www.berkeleylug.org/ ​| sed -ne '/​^HTTP/​p;/​^[Ll]ocation:/​p'​+http://​www.berkeleylug.org/​
 HTTP/1.1 301 Moved Permanently HTTP/1.1 301 Moved Permanently
-Location: http://​berkeleylug.com/​ +Location: ​https://​berkeleylug.com/​ 
-$ curl -s -I https://​berkeleylug.org/ ​| sed -ne '/^HTTP/p;/^[Ll]ocation:/p' +http://​www.berkeleylug.org///​ 
-HTTP/301  +HTTP/1.1 301 Moved Permanently 
-location: http://​berkeleylug.com/​ +Location: https://​berkeleylug.com/​ 
-$ curl -s -I https://​www.berkeleylug.org/ ​| sed -ne '/^HTTP/p;/^[Ll]ocation:/p' +http://​www.berkeleylug.org/​foo/​bar/​baz 
-HTTP/301  +HTTP/1.1 301 Moved Permanently 
-locationhttp://​berkeleylug.com/​+Location: ​https://​berkeleylug.com/​foo/​bar/​baz 
 +http://​berkeleylug.org 
 +HTTP/1.1 301 Moved Permanently 
 +Location: https://​berkeleylug.com/​ 
 +http://​berkeleylug.org/​ 
 +HTTP/1.1 301 Moved Permanently 
 +Location: https://​berkeleylug.com/​ 
 +http://​berkeleylug.org///​ 
 +HTTP/1.1 301 Moved Permanently 
 +Locationhttps://​berkeleylug.com/​ 
 +http://​berkeleylug.org/​foo/​bar/​baz 
 +HTTP/1.1 301 Moved Permanently 
 +Location: https://​berkeleylug.com/​foo/bar/baz 
 +https://​www.berkeleylug.org 
 +HTTP/1.1 301 Moved Permanently 
 +Location: https://​berkeleylug.com/​ 
 +https://​www.berkeleylug.org/​ 
 +HTTP/1.1 301 Moved Permanently 
 +Location: https://​berkeleylug.com/​ 
 +https://​www.berkeleylug.org///​ 
 +HTTP/1.1 301 Moved Permanently 
 +Locationhttps://​berkeleylug.com/​ 
 +https://​www.berkeleylug.org/​foo/​bar/​baz 
 +HTTP/1.1 301 Moved Permanently 
 +Location: https://​berkeleylug.com/​foo/​bar/​baz 
 +https://​berkeleylug.org 
 +HTTP/1.1 301 Moved Permanently 
 +Location: https://​berkeleylug.com/​ 
 +https://​berkeleylug.org/​ 
 +HTTP/1.1 301 Moved Permanently 
 +Location: https://​berkeleylug.com/​ 
 +https://​berkeleylug.org///​ 
 +HTTP/1.1 301 Moved Permanently 
 +Location: https://​berkeleylug.com/​ 
 +https://​berkeleylug.org/​foo/​bar/​baz 
 +HTTP/1.1 301 Moved Permanently 
 +Location: https://​berkeleylug.com/​foo/​bar/​baz
  
-@berkeleylug.org ​does not accept ​email (no MX, A/​AAAA ​times out on TCP port 25 even from known good email sender IP)+@berkeleylug.org ​neither accepts nor sends email (no MX, A/AAAA on TCP port 25 rejects connection or rejects SMTP attempts to domain, SPF - none sends, hard fail all: 
 +berkeleylug.org. IN SPF "​v=spf1 -all"​ 
 +berkeleylug.org. IN TXT "​v=spf1 -all"​ 
 +)
  
 canonical/​primary is: https://​berkeleylug.com/​ canonical/​primary is: https://​berkeleylug.com/​
Line 77: Line 81:
  
 TLS(/"​SSL"​) - Web - handful of (separate) Web certs only*: TLS(/"​SSL"​) - Web - handful of (separate) Web certs only*:
-$ nmap -Pn -r -sT -p 443 --script=ssl-cert berkeleylug.com calendar.berkeleylug.com docs.berkeleylug.com mail.berkeleylug.com sites.berkeleylug.com www.berkeleylug.com ​berkeleylug.org www.berkeleylug.org | perl -e '​while(<>​){print if /Not valid after: /o; if(/^\| Subject Alternative Name: /){chomp; s/​DNS:​(?:​(?​i)(?​![^,​ ]*berkeleylug\.))[^,​ ]+(?:, |$)//go; s/, ?$//o; print "​$_\n";​};​};'​+$ nmap -Pn -r -sT -p 443 --script=ssl-cert berkeleylug.com calendar.berkeleylug.com docs.berkeleylug.com mail.berkeleylug.com sites.berkeleylug.com www.berkeleylug.com ​ perl -e '​while(<>​){print if /Not valid after: /o; if(/^\| Subject Alternative Name: /){chomp; s/​DNS:​(?:​(?​i)(?​![^,​ ]*berkeleylug\.))[^,​ ]+(?:, |$)//go; s/, ?$//o; print "​$_\n";​};​};'​
 | Subject Alternative Name: DNS:​berkeleylug.com | Subject Alternative Name: DNS:​berkeleylug.com
 | Not valid after: ​ 2019-04-28T02:​29:​40 | Not valid after: ​ 2019-04-28T02:​29:​40
 | Subject Alternative Name: DNS:​www.berkeleylug.com | Subject Alternative Name: DNS:​www.berkeleylug.com
 | Not valid after: ​ 2019-06-01T14:​37:​18 | Not valid after: ​ 2019-06-01T14:​37:​18
-| Subject Alternative Name: DNS:​berkeleylug.org 
-| Not valid after: ​ 2019-06-03T05:​26:​39 
-| Subject Alternative Name: DNS:​www.berkeleylug.org 
-| Not valid after: ​ 2019-06-03T05:​22:​56 
  
 *ignoring domains that WordPress.com lumps in there that aren't at all BerkeleyLUG *ignoring domains that WordPress.com lumps in there that aren't at all BerkeleyLUG
Line 91: Line 91:
 ########################################################################​ ########################################################################​
 various bits to test on temp.berkeleylug.com - to presumably later be various bits to test on temp.berkeleylug.com - to presumably later be
-berkeleylug.com+berkeleylug.com, cert also for [www.]berkeleylug.org
 Created key and obtained (non-Google) CA signed cert also covering: Created key and obtained (non-Google) CA signed cert also covering:
 *.berkeleylug.com,​berkeleylug.com,​*.berkeleylug.org,​berkeleylug.org expires: 2019-06-07T02:​07:​58Z *.berkeleylug.com,​berkeleylug.com,​*.berkeleylug.org,​berkeleylug.org expires: 2019-06-07T02:​07:​58Z
-$ dig +noall +answer +nottl temp.berkeleylug.com. A temp.berkeleylug.com. AAAA 
-temp.berkeleylug.com. ​  ​IN ​     A       ​198.144.194.238 
-temp.berkeleylug.com. ​  ​IN ​     AAAA    2001:​470:​1f05:​19e::​4 
-$ </​dev/​null openssl s_client -servername temp.berkeleylug.com -starttls smtp -connect 198.144.194.238:​25 2>>/​dev/​null | sed -ne '/​^-----BEGIN CERTIFICATE-----$/,/​^-----END CERTIFICATE-----$/​p'​ | openssl x509 -text -noout | sed -ne '/Not After : /p;/Subject Alternative Name:/​{N;​p;​q;​}'​ 
-            Not After : May 22 11:41:24 2019 GMT 
-            X509v3 Subject Alternative Name: 
-                DNS:​*.balug.org,​ DNS:​*.lists.balug.org,​ DNS:​balug.org 
- 
 ... install the newer cert for SMTP (will likely end up needed for at ... install the newer cert for SMTP (will likely end up needed for at
 least postmaster@berkeleylug.com,​ for WordPress site to, e.g. send least postmaster@berkeleylug.com,​ for WordPress site to, e.g. send
Line 122: Line 114:
                 DNS:​*.balug.org,​ DNS:​*.berkeleylug.com,​ DNS:​*.berkeleylug.org,​ DNS:​*.lists.balug.org,​ DNS:​balug.org,​ DNS:​berkeleylug.com,​ DNS:​berkeleylug.org                 DNS:​*.balug.org,​ DNS:​*.berkeleylug.com,​ DNS:​*.berkeleylug.org,​ DNS:​*.lists.balug.org,​ DNS:​balug.org,​ DNS:​berkeleylug.com,​ DNS:​berkeleylug.org
  
 +Also installed on https://​[www.]berkeleylug.org/:​ 
 +$ (TZ=GMT0 export TZ; hosts='​www.berkeleylug.org berkeleylug.org';​ { nmap -Pn -r -sT -p 443 --script=ssl-cert $hosts; nmap -6 -Pn -r -sT -p 443 --script=ssl-cert $hosts; } | grep -e '^Nmap scan report for ' -e '^PORT ' -e '​^[0-9]*/​tcp open' -e '^| Subject Alternative Name: ' -e '^| Not valid after: ') 
 +Nmap scan report for www.berkeleylug.org (198.144.194.238) 
 +PORT    STATE SERVICE 
 +443/tcp open  https 
 +| Subject Alternative Name: DNS:​*.balug.org,​ DNS:​*.berkeleylug.com,​ DNS:​*.berkeleylug.org,​ DNS:​*.lists.balug.org,​ DNS:​balug.org,​ DNS:​berkeleylug.com,​ DNS:​berkeleylug.org 
 +| Not valid after: ​ 2019-06-07T02:​07:​58 
 +Nmap scan report for berkeleylug.org (198.144.194.238) 
 +PORT    STATE SERVICE 
 +443/tcp open  https 
 +| Subject Alternative Name: DNS:​*.balug.org,​ DNS:​*.berkeleylug.com,​ DNS:​*.berkeleylug.org,​ DNS:​*.lists.balug.org,​ DNS:​balug.org,​ DNS:​berkeleylug.com,​ DNS:​berkeleylug.org 
 +| Not valid after: ​ 2019-06-07T02:​07:​58 
 +Nmap scan report for www.berkeleylug.org (2001:​470:​1f05:​19e::​4) 
 +PORT    STATE SERVICE 
 +443/tcp open  https 
 +| Subject Alternative Name: DNS:​*.balug.org,​ DNS:​*.berkeleylug.com,​ DNS:​*.berkeleylug.org,​ DNS:​*.lists.balug.org,​ DNS:​balug.org,​ DNS:​berkeleylug.com,​ DNS:​berkeleylug.org 
 +| Not valid after: ​ 2019-06-07T02:​07:​58 
 +Nmap scan report for berkeleylug.org (2001:​470:​1f05:​19e::​4) 
 +PORT    STATE SERVICE 
 +443/tcp open  https 
 +| Subject Alternative Name: DNS:​*.balug.org,​ DNS:​*.berkeleylug.com,​ DNS:​*.berkeleylug.org,​ DNS:​*.lists.balug.org,​ DNS:​balug.org,​ DNS:​berkeleylug.com,​ DNS:​berkeleylug.org 
 +| Not valid after: ​ 2019-06-07T02:​07:​58 
 +
 ########################################################################​ ########################################################################​
  
berkeleylug/digital_resources.1552652651.txt.bz2 · Last modified: 2019-03-15T05:24:11-0700 by michael_paoli