nslookup more than one name
Results 1 to 6 of 6

Thread: nslookup more than one name

  1. #1
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897

    nslookup more than one name

    If I do and nslookup on an IP or use nmap –sL for a range it only returns the fist DNS name it finds for that IP, anyone know a quick way to find more than one?

    For example, lets say IP 111.111.111.111 maps to srv.myorg.com. Some use also used a dynamic DNS service to map the same IP to myownedbox.dyndns.org. If it do an nsloookup on just 111.111.111.111 I just see the srv.myorg.com, is there a way to use nslookup or dig to look for more than just the first mapping?

  2. #2
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    nslookup

    Server: 192.168.0.1
    Address: 192.168.0.1#53

    > set query=any
    111.111.111.111

    Any CNAME record would be the alternative name.
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  3. #3
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    Thanks, but that just gives me a Non-existent domain error on an IP I know maps to something.

  4. #4
    King Tutorial-ankhamun
    Join Date
    Jul 2004
    Posts
    897
    Ok, on my Linux box it gave me an answer, but only the first one and not both.

  5. #5
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    Got my stuff backwards...a PTR can only point to one name (which is what you are querying if you lookup an IP). If you were then to try to look up the name, your mileage may vary (depending on if they did multiple A records or CNAMES).
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  6. #6
    Junior Member
    Join Date
    Jun 2005
    Location
    Richmond, VA
    Posts
    5
    Take a look at http://www.dnsstuff.com/info/revdns.htm.

    If you direct your query to a dyndns.org DNS server, it should give you the dyndns.org host name for your IP because it knows the answer from its own table of entries. But any other DNS server won't know the answer, so it will go through the DNS hierarchy to find it, and that will end up pointing it to the DNS server registered for that IP address, which is going to give you the myorg.com host name.

    So, I think to find any hostname other than the primary one, you'd need to know some other DNS server that has an entry for that IP...which would basically mean knowing the domain name of the full host name you're trying to find. That or querying thousands of DNS servers and hoping to find one.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •