alt Hacker NewsShow HN: Browse Internet Infrastructure
I'm launching Wirewiki.com today!
Wirewiki makes the internet’s hidden infrastructure browsable.
I quit my job 5 years ago to scale Nslookup.io. But after reaching 600k monthly users, I hit a ceiling. I couldn't naturally expand beyond DNS because of the domain name.
So I went back to the drawing board: how would I make it today? Not as a collection of tools, but as a browsable graph.
I've spent hundreds of hours and commits building that. It's not even at 10% of what I want it to be, but more than enough to be useful, and (in my biased opinion) much better than what's out there.
Wirewiki launches with DNS lookup, propagation, zone transfer and SPF checking. It also scans the entire IPv4 space for DNS servers and indexes them. I'm working on adding more data and tools.
I feel like I've developed tunnel vision, so if you see anything that feels off, let me know!
I'll keep Wirewiki open and free. Once it has a substantial amount of users, I'll open it up to sponsorship / brand integration from hosting providers, registrars and CDNs, as users will likely be in the market for those. But my goal is to keep Wirewiki free from display ads. I'm confident that's viable.
Comments
Nicely done. I poke at DNS a bit over at StackFox (https://stackfox.co/site/wirewiki.com), and anyone who’s spent time looking at DNS knows how much work goes into this.
A couple thoughts:
1) Nameserver “redundancy” that isn’t. All the ns1/ns2 setups that collapse onto the same provider or ASN once you follow the trail.
2) Authoritative drift. One server quietly serving an older serial or odd TTL for a while — invisible until something breaks. With global data, quirks like that become obvious.
Anyway, inspiring job. Wirewiki already feels like something that should have existed but somehow didn’t.
Great site. If you don't mind I have feature requests, but feel free to ignore them because OSS is OSS and you shouldn't feel obligated.
1) Include a link to dnsviz.net to check on the DNSSEC status of domains. They've already done all the work and it would be a nice integration.
2) Something that I wish more DNS operators understood is the concept of shared fate between authoritative name servers. Shared fate can come in the form of same AS, same upstream, same parent domain, etc. Operators might think they have redundancy when in fact all their servers are located in the same AS, for example. If there is any way you can highlight this or show this it would be useful.
3) I didn't try looking up a phishing domain, but displaying whether a domain exists on popular block lists would be awesome.
I love your attempt at understanding all the TXT RRs that have spread across the DNS in the last 10 years. What a mess.
You're right in that this is a rabbit hole. You could spend the rest of your life building this and never actually completing it, be careful!
Nice website, but I feel like calling it "wire wiki" is quite ambitious. Currently, it's a (beautiful) DNS lookup tool, but that's about it. I expected something like RIPE Stat [0], or something like the undersea cable map [1] (based on the "wire" in the name). Also, if you're doing DNS, take a look at resolve.rs [2], they have some nice DNS tools, though not as pretty as yours :)
And since you mentioned scanning the IPv4 address space for DNS servers - I did that as well at a some point for a product I've built (and even have a patent on). The list of servers you're going to get with a naive scanning approach is not what you want. It won't include the servers you probably want (such as the customer-facing DNS servers of ISPs) and will include an insane amount of junk like home routers or weird IoT devices that expose their port 53. Hit me up via the email in my profile if you want to chat.
[0]: https://stat.ripe.net/
[1]: https://www.submarinecablemap.com/
[2]: https://resolve.rs/