Domain Information

Domain Information

---

We use domain information to get a general idea of how the company is structured from a technical standpoint. It is essential to understand the basics of network technology, which we have discussed in Module Introduction to Networking to be able to dig into how a company is structured on a technical level.

Here we work our way piece by piece from rough to detailed information. Therefore we first have to get a technical overview of the company. Since we usually already know the name of the company or even the domain name, this information is generally sufficient to determine how the company is structured.

![[infra-domain-info.png]]

It is important to note that the illustration above is only the generalized illustration that applies to most companies and scenarios and should not limit us. Each company is individually set up and structured, which can lead to the fact that we can get the required information via the other information resources to which the arrows in this illustration do not point.

We can classify the rough structure into three categories:

Public Records	Third Parties	Domains

We need to keep this phase's goal in mind since we will be coming across many different sources and resources. After all, we are only now beginning to get an overview of the company's infrastructure. We have to be careful not to go into detail for now while we work through the following three categories, but to get an overview of how the company is positioned on the Internet.

The element we focus on in the first phase of the company's infrastructure investigation is the domain names we can find (SLD and TLD, i.e., "target-company.com"). After all, these are the primary nodes on which the company's presence on the Internet is based. We then go into each domain and get an overview of the subordinate structure that contains Netblocks, Name Servers, Mail Servers, subdomains, and hosts/IP addresses for each domain.

![[infra-domains.png]]