第43篇-IT邦 的 DNS 、凭证都快过期了?!

今天进度 : 鸟哥私房菜 - 第十九章、主机名称控制者: DNS 服务器

今天使用 whois 指令尝试查询 it home 收集详尽的 DNS 主机资讯
发现居然归在 PCHOME 底下注册 XD,而且是从 1993 年就购买,到现在有 22 年了,真厉害!
但,过期时间怎麽怪怪的,2021-04,不就代表在几个月就过期?
看网上的前辈说,最好要三个月前就续订,否则会被抢走

test@test:~$ whois ithelp.ithome.com.tw

Domain Name: ithome.com.tw
   Domain Status: clientTransferProhibited
   Registrant:
      iThome Weekly
      DomainAdministrator  [email protected]
      +886.0227000898
      
      12F No.105, Sec.2 Tun-Hwa South Road. Taipei,Taiwan, R.O.C Taipei,106,TW 
      Taipei, TW
      TW

   Administrative Contact:
      DomainAdministrator  [email protected]
      +886.0227000898
      

   Technical Contact:
      DomainAdministrator  [email protected]
      +886.0227000898
      

   Record expires on 2021-04-12 (YYYY-MM-DD)
   Record created on 1999-12-31 (YYYY-MM-DD)

   Domain servers in listed order:
      ns1.ithome.com.tw     220.130.119.129 
      ns2.ithome.com.tw     210.59.230.252 

Registration Service Provider: PCHOME
Registration Service URL: http://myname.pchome.com.tw

使用 openssl 查询凭证资料
发现凭证时间在 12 月也要过期了...

test@test:~$ echo | openssl s_client -showcerts -servername ithome.com.tw -connect ithome.com.tw:443 2>/dev/null | openssl x509 -inform pem -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:88:95:f4:42:7e:92:c7:c5:5d:6e:46
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = BE, O = GlobalSign nv-sa, CN = GlobalSign Organization Validation CA - SHA256 - G2
        Validity
            Not Before: Nov  1 09:32:34 2018 GMT
            Not After : Dec 19 09:14:42 2020 GMT
        Subject: C = TW, ST = Taipei, L = Taipei, OU = IT Dept., O = \E9\9B\BB\E9\80\B1\E6\96\87\E5\8C\96\E4\BA\8B\E6\A5\AD\E8\82\A1\E4\BB\BD\E6\9C\89\E9\99\90\E5\85\AC\E5\8F\B8, CN = *.ithome.com.tw
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:46:49:87:fe:9f:c1:9e:66:63:fd:05:3d:e5:
                    38:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            Authority Information Access: 
                CA Issuers - URI:http://secure.globalsign.com/cacert/gsorganizationvalsha2g2r1.crt
                OCSP - URI:http://ocsp2.globalsign.com/gsorganizationvalsha2g2

            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.4146.1.20
                  CPS: https://www.globalsign.com/repository/
                Policy: 2.23.140.1.2.2

            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl

            X509v3 Subject Alternative Name: 
                DNS:*.ithome.com.tw, DNS:owa.ithome.com.tw, DNS:mail.ithome.com.tw, DNS:autodiscover.ithome.com.tw, DNS:www.ithome.com.tw, DNS:ithome.com.tw
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Key Identifier: 
            X509v3 Authority Key Identifier: 
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 
                    Timestamp : Nov  1 09:32:36.635 2018 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 
                    Timestamp : Nov  1 09:32:36.630 2018 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 
                    Timestamp : Nov  1 09:32:37.000 2018 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
    Signature Algorithm: sha256WithRSAEncryption

xxx

查询it邦主机的资讯

test@test:~$ nslookup ithome.com.tw
Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
Name:	ithome.com.tw
Address: 220.130.119.130

host 查询 IP 地址

test@test:~$ host ithome.com.tw
ithome.com.tw has address 220.130.119.130

dig 查询 详细的主机资讯

test@test:~$ dig ithome.com.tw

; <<>> DiG 9.16.1-Ubuntu <<>> ithome.com.tw
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9020
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;ithome.com.tw.			IN	A

;; ANSWER SECTION:
ithome.com.tw.		0	IN	A	220.130.119.130

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Oct 16 00:46:06 UTC 2020
;; MSG SIZE  rcvd: 58

<<:  30天Lua重拾笔记33】Java + Lua计算机

>>:  Sass 连接词(&)基础介绍 DAY32

30-10 之Presentation Layer - MVVM ( Model-View-ViewModel )

这个东东主要的概念来自 Martin Fowler 所写的 《 Presentation Model...

Day50. 范例:十二生肖

本文同步更新於blog 情境:玉皇大帝要举办渡河比赛,动物选手各显神通。 <?php na...

Day 25 优化你的广告帐户

(一)建立主打品牌的搜寻广告活动 让使用者在搜索商家时可以直接进到你的官网,避免当使用者在搜索商品或...

案例:在AWS上透过SageMaker跟CodePipeline驾驭MLOps的参考架构(上)

在经历了几篇的MLOps基础概念之後,想在後面的文章带大家看看几个案例。透过案例来学习,会对专案在技...

许多有趣的变数!如何使用 Postman 尝试 Nutanix 的 API

那些具有使用API经验的人将听说过并熟悉无处不在的API测试和开发工具。但是,Nutanix De...