How can one verify Wildcard DNS is set up for a domain?

Created On 02/08/23 19:03 PM - Last Modified 10/29/25 19:42 PM


Question


Question: How can one manually verify that wildcard DNS is enabled for a domain?

Environment


Windows
Linux
DNS Security
PANOS 10.0 or later


Answer


Answer: A wildcard DNS record can be checked with the command-line tools "nslookup" or "dig".

Note: The domain used in the example was chosen for demonstration purposes, for use in a lab environment only, and is not to be shared externally.
Example:

1. Using "nslookup":

    At a command prompt or in a terminal window, type "nslookup" followed by a subdomain that doesn't exist under the domain being checked, such as "nslookup nonexistent.domaintobechecked.com". If the wildcard DNS record is set up, you should see the IP address that it points to. If not, you'll see an error message indicating that the domain couldn't be found.


2. Using "dig":

    At a command prompt or in a terminal window, type "dig" followed by a subdomain that doesn't exist under the domain being checked, such as "dig nonexistent.domaintobechecked.com". Look for the "ANSWER SECTION" in the output. If the wildcard DNS record is set up, you should see the IP address that it points to listed under "A" records. If not, you'll see an error message indicating that the domain couldn't be found.
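
A single hand-picked name can mislead if it happens to be a real record, so this added example (not part of the original article) probes several random labels with "dig" and classifies each response. The function names and the sample outputs are constructed for illustration; the script assumes a POSIX shell with "dig", "awk" and "od" available.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical.

# Read complete `dig` output on stdin and print a one-line verdict:
#   "wildcard <ip[,ip...]>"  NOERROR and at least one A record in the answer
#   "no-wildcard <status>"   anything else (NXDOMAIN, SERVFAIL, empty answer)
classify_dig_output() {
    awk '
        /->>HEADER<<-/ && match($0, /status: [A-Z]+/) {
            status = substr($0, RSTART + 8, RLENGTH - 8)
        }
        /^;; ANSWER SECTION:/  { in_answer = 1; next }
        /^$/ || /^;/           { in_answer = 0 }
        in_answer && $4 == "A" { ips = ips (ips ? "," : "") $5 }
        END {
            if (status == "NOERROR" && ips != "") print "wildcard " ips
            else print "no-wildcard " (status ? status : "UNKNOWN")
        }'
}

# Probe several random labels under the domain. A wildcard answers every one
# of them; a single fixed name could simply be a real record.
# Returns 0 only if all probes resolve. The subshell body keeps variables local.
check_wildcard() (
    domain=$1; probes=${2:-3}; hits=0; i=0
    while [ "$i" -lt "$probes" ]; do
        label="wc-$(od -An -N6 -tx1 /dev/urandom | tr -d ' \n')"
        verdict=$(dig "$label.$domain" A | classify_dig_output)
        echo "$label.$domain: $verdict"
        case $verdict in wildcard*) hits=$((hits + 1)) ;; esac
        i=$((i + 1))
    done
    [ "$hits" -eq "$probes" ]
)

# Constructed sample outputs (trimmed dig format, documentation address range).
SAMPLE_WILDCARD=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4660
;; ANSWER SECTION:
nonexistent.domaintobechecked.com. 300 IN A 192.0.2.10

;; Query time: 12 msec'
SAMPLE_NXDOMAIN=';; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4661
;; AUTHORITY SECTION:
domaintobechecked.com. 900 IN SOA ns1.domaintobechecked.com. admin.domaintobechecked.com. 1 7200 900 1209600 86400'
```

Run it as `check_wildcard domaintobechecked.com 5`; comparing the addresses printed for each probe shows whether every random label lands on the same target.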



Additional Information


https://live.paloaltonetworks.com/t5/blogs/new-wildcard-dns-abuse-detection-for-dns-security/ba-p/459632
https://unit42.paloaltonetworks.com/wildcard-dns-abuse/

