DIG.exe Usage for HTTPS Site

[TheJax2010]

Hi All..

We are using Websense to filter our Internet traffic. The only problem I have with it is when a user accesses a secure site (HTTPS), I don't get the domain name in the report, but the IP (https://1.1.1.1)

When I used DIG to try and find the domain, it came back with a verisign site which makes me think the secure site is messing up the domain lookup. I've tried this on several IP's and they mostly find the verisign.com site and I know that's not the site the user is trying to reach. Most of the time it's a secure proxy site.

Can DIG be used to identify the domain name of a site being accessed over SSL? If not, are there any tools that do it (or websites)?

Thanks.

[rconner]

Hi All..

We are using Websense to filter our Internet traffic. The only problem I have with it is when a user accesses a secure site (HTTPS), I don't get the domain name in the report, but the IP (https://1.1.1.1)

When I used DIG to try and find the domain, it came back with a verisign site which makes me think the secure site is messing up the domain lookup. I've tried this on several IP's and they mostly find the verisign.com site and I know that's not the site the user is trying to reach. Most of the time it's a secure proxy site.

Can DIG be used to identify the domain name of a site being accessed over SSL? If not, are there any tools that do it (or websites)?

Thanks.

Sorry for the tardy response. I am not sure what you are trying to do with this information, but you may not be aware that the mapping between host names (domain names) and IP addreses is not necessarily one-to one in either direction.

When you use dig to do a "reverse lookup" (i.e., to get a host name from an IP address), you will get the host name that is recorded in the DNS "PTR" (pointer) record. However, it's possible that other host names will resolve to this address as well. I don't know off the top of my head whether there is any tool that can give you this information, it is very dynamic.

-- rick