-
June 23rd, 2005, 07:23 PM
#1
nslookup more than one name
If I do an nslookup on an IP or use nmap -sL for a range, it only returns the first DNS name it finds for that IP. Anyone know a quick way to find more than one?
For example, let's say IP 111.111.111.111 maps to srv.myorg.com. Some user also used a dynamic DNS service to map the same IP to myownedbox.dyndns.org. If I do an nslookup on just 111.111.111.111 I just see srv.myorg.com. Is there a way to use nslookup or dig to look for more than just the first mapping?
-
June 23rd, 2005, 07:40 PM
#2
nslookup
Server: 192.168.0.1
Address: 192.168.0.1#53
> set query=any
111.111.111.111
Any CNAME record would be the alternative name.
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
-
June 23rd, 2005, 07:45 PM
#3
Thanks, but that just gives me a Non-existent domain error on an IP I know maps to something.
-
June 23rd, 2005, 07:47 PM
#4
Ok, on my Linux box it gave me an answer, but only the first one and not both.
-
June 23rd, 2005, 08:21 PM
#5
Got my stuff backwards...a PTR can only point to one name (which is what you are querying if you look up an IP). If you were then to try to look up the name, your mileage may vary (depending on if they did multiple A records or CNAMEs).
-
June 23rd, 2005, 08:49 PM
#6
Take a look at http://www.dnsstuff.com/info/revdns.htm.
If you direct your query to a dyndns.org DNS server, it should give you the dyndns.org host name for your IP because it knows the answer from its own table of entries. But any other DNS server won't know the answer, so it will go through the DNS hierarchy to find it, and that will end up pointing it to the DNS server registered for that IP address, which is going to give you the myorg.com host name.
So, I think to find any hostname other than the primary one, you'd need to know some other DNS server that has an entry for that IP...which would basically mean knowing the domain name of the full host name you're trying to find. That or querying thousands of DNS servers and hoping to find one.
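The point made in post #6, as an added example that is not part of the original thread: a reverse lookup only asks the zone registered for the IP, so other names have to be checked the forward way, by resolving candidate hostnames you already know and keeping those that return the IP. The function names and the CONSTRUCTED_ZONE table below are assumptions made for illustration; the table stands in for real DNS so the example runs offline.

```python
import ipaddress
import socket

def reverse_name(ip):
    """Name that a PTR query for `ip` asks about (e.g. 10.2.0.192.in-addr.arpa)."""
    return ipaddress.ip_address(ip).reverse_pointer

def system_forward(name):
    """Forward-resolve `name` with the system resolver; empty set on failure."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}

def names_pointing_at(ip, candidates, forward=system_forward):
    """Return the candidate hostnames whose forward records include `ip`."""
    target = ipaddress.ip_address(ip)
    hits = []
    for name in candidates:
        addrs = set()
        for text in forward(name):
            try:
                addrs.add(ipaddress.ip_address(text))
            except ValueError:
                continue  # e.g. scoped IPv6 such as fe80::1%eth0
        if target in addrs:
            hits.append(name)
    return hits

# Constructed sample data mirroring the thread's example, not real DNS records.
CONSTRUCTED_ZONE = {
    "srv.myorg.com": {"111.111.111.111"},
    "myownedbox.dyndns.org": {"111.111.111.111"},
    "other.myorg.com": {"111.111.111.112"},
}

def constructed_forward(name):
    """Offline stand-in for a resolver, backed by CONSTRUCTED_ZONE."""
    return CONSTRUCTED_ZONE.get(name.rstrip(".").lower(), set())

if __name__ == "__main__":
    ip = "111.111.111.111"
    print("PTR query name:", reverse_name(ip))
    print("Forward matches:",
          names_pointing_at(ip, CONSTRUCTED_ZONE, constructed_forward))
```

Leaving out the third argument makes names_pointing_at use the system resolver, which is how you would run it against your own list of hostnames.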