AnyZone is a service which provides delegated DNS zones without having to mess around in configuration files or panels.

It’s like nip.io but, instead of generating A records, it generates NS records.

One example use for a delegated zone can be to host a DNS tunneling server such as iodine, without needing to configure a domain or needing to wait for DNS propagation. You would simply point iodine to <your-server-ip>.anyz.one.

Another example is when pesky requirements demand two name servers but you have only one server,
that’s how this service already proved useful to run itself! See:

dig ns anyz.one. @a.nic.one

How to use

Imagine your server is at 10.0.1.2 and you’d like a DNS resolver to talk to you for whatever reason. Use this domain:

10.0.1.2.anyz.one

AnyZone then generates an NS record that points to itself, and ‘glues’ on an A record which points that to 10.0.1.2. This is how DNS referrals work, and so the target DNS resolver will be referred and, next, asks your server for the requested record.

Everything below this domain is also delegated to you, so you can also use:

server19.dungeon4.X41-HQ.10.0.1.2.anyz.one

Maybe you say: meh, old IPv4, where’s the fun in that? We got you covered:

there.is.no.place.like.ii1.anyz.one

This will resolve to ::1 (localhost). The letter i was chosen because it looks like a colon. Kinda. If you squint and take off your glasses.

The longest v6 address is shorter than the maximum DNS label length, so you don’t need to split it up with dots or anything. (Dots would have been prettier, but 2001.db8..1.anyz.one is not possible due to how the DNS protocol’s label encoding works.)

Finally, there is also a little gimmick where ip.anyz.one returns the IP address of the system asking (that is, you or your resolver).

Can anyone use it?

Yes! The project was started during a company research week and we will host the service free for everyone. (If you are also interested in doing this sort of work, we are hiring!)

What’s more, the project is open source and freely licensed. Hosting your own version is a matter of installing one Debian package (which is pure Python without further dependencies) and running the main file. See https://github.com/x41sec/AnyZone

Please be aware that this service comes with no warranties. Hypothetically, we might find a security bug and shut it down for a day (without notice) until we had time to fix it. You shouldn’t rely on it for critical uptime-sensitive processes.

Where can I find more information?

https://anyz.one as well as the AnyZone GitHub repository.

About X41 D-SEC GmbH

(If you are between GMT and GMT+3, we are hiring!)

X41 is an expert provider for application security services. Having extensive industry experience and expertise in the area of information security, a strong core security team of world class security experts enables X41 to perform premium security services.

Fields of expertise in the area of application security are security centered code reviews, binary reverse engineering and vulnerability discovery. Custom research and IT security consulting and support services are core competencies of X41.