LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 09-04-2007, 01:33 AM   #1
daemonkl
LQ Newbie
 
Registered: Aug 2007
Posts: 28

Rep: Reputation: 15
Basic command to resolve ip to hostname


hi!

i'm just wondering if in a shell we can do name resolving from IP address to hostname

in Windows, usually I performed:

C:\ ping -a 64.233.189.104
Pinging www.google.com [64.233.189.104] with 32 bytes of data:
Reply from 64.233.189.104: bytes=32 time=46ms TTL=245

but when I tried the same in linux shell:

$ ping -a 64.233.189.104
PING 64.233.189.104 (64.233.189.104): 56 data bytes
64 bytes from 64.233.189.104: icmp_seq=0 ttl=237 time=223.405 ms

any idea how do i get ping to resolve hostname working in linux?

appreciate your advice.. thanks!
 
Old 09-04-2007, 01:48 AM   #2
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,261

Rep: Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028
nslookup <ip>
 
Old 09-04-2007, 02:17 AM   #3
daemonkl
LQ Newbie
 
Registered: Aug 2007
Posts: 28

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by chrism01 View Post
nslookup <ip>
so there is no similarities to ping in Linux & windows
have to use nslookup instead?
 
Old 09-04-2007, 05:35 AM   #4
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 52
Yep. Ping is used for checking a host, not for resolving its name.
You can also use 2 commands:
* host
* dig
 
1 members found this post helpful.
Old 09-05-2007, 08:38 AM   #5
restless
Member
 
Registered: Feb 2003
Location: Belgium
Distribution: Debian
Posts: 166

Rep: Reputation: 31
and there is also the command resolveip (at least there is in debian)
 
Old 09-05-2007, 08:58 AM   #6
farslayer
Guru
 
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,231
Blog Entries: 5

Rep: Reputation: 189Reputation: 189
learn dig, it's the most versatile and useful, imho.

Code:
it-etch:~# dig -x 64.233.189.104

; <<>> DiG 9.3.4 <<>> -x 64.233.189.104
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41992
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;104.189.233.64.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
104.189.233.64.in-addr.arpa. 86400 IN   PTR     hk-in-f104.google.com.

;; Query time: 144 msec
;; SERVER: 192.168.0.25#53(192.168.0.25)
;; WHEN: Wed Sep  5 09:56:34 2007
;; MSG SIZE  rcvd: 80
 
Old 12-17-2008, 09:12 AM   #7
halbert5150
LQ Newbie
 
Registered: May 2006
Posts: 3

Rep: Reputation: 0
Gatcha's for dig

By the way unless your dns server has reverse dns lookup implemented dig will not get the infomation your looking for. This is quite likely the case if your using a windows server with the out of the box implementation of dns running. Up to server 2003 versions. I dont know about server 08 Im not running that one in my organization at all.

nslookup %ip address% will still resolve the hostname for you though.

I know this is an old post but I was looking for information and this page cam up. Thought others might want to know why dig has add results at times.

Hal
 
Old 12-17-2008, 10:45 AM   #8
farslayer
Guru
 
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,231
Blog Entries: 5

Rep: Reputation: 189Reputation: 189
If you configured DNS properly on your Windows 2K+ server it handles reverse lookups just fine. If your Windows DNS server is not handling rDNS then it's configuration is either wrong or incomplete.

The DNS server queried in my example 192.168.0.25 is a Windows 2003 Server, and it does rDNS for both internal zones and external zones.

Dig provides much better and more complete results than nslookup ever did imho.
 
Old 12-17-2008, 07:16 PM   #9
bit_head
LQ Newbie
 
Registered: Dec 2008
Posts: 4

Rep: Reputation: 0
All of the solutions propsoed so far presume the answer is held in DNS. What the questioner was really asking though, is how to do the equivalent of a NETBIOS broadcast for an IP host name. Of course there a slight problem with that, i.e. there ain't no NETBIOS here! I suppose the equivalent would be...

Given an ip address which is not present in your local hosts file and is not in your DNS server's database, is there a way to query a machine for it's hostname?

That is a question I would like to know the answer to, and is the question that brought me to this thread.

--bh
 
Old 12-17-2008, 08:40 PM   #10
farslayer
Guru
 
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,231
Blog Entries: 5

Rep: Reputation: 189Reputation: 189
This may be a place for you to start..


nmbd(8) - Linux man page

nmbd - NetBIOS name server to provide NetBIOS over IP naming services to clients

http://linux.die.net/man/8/nmbd
 
Old 12-18-2008, 08:36 AM   #11
bit_head
LQ Newbie
 
Registered: Dec 2008
Posts: 4

Rep: Reputation: 0
Thanks for the nmbd reference, though it's not quite what I'm after. What I'm trying to determine is whether there is a way to do this without adding a new protocol to the mix.

It seems that the ip suite, sans NBT, does not offer anything like NBT's broadcast-based name to IP address resolution (or the reverse). Looking at nsswitch.conf seems to support this, as all proposed name resolution techniques require the use of local or server-based files.

Here's the scenario that prompted the question...

I'm in a classroom with 20+ Linux installations. All machines get addresses from a DHCP server which no one in the classroom has admin access to, and which does not register leases with a DNS server. All students are using the same root password, thereby enabling the instructor to access their machines when necessary. All machines are configured with unique host names which can be used to identify the location of the PC in the classroom, and consequently the student sitting there.

A student learns about ssh and starts messing with his classmates' machines. In the victims' machines, the ip address of the attacker is viewable in the log files, but there is no way to easily determine which machine the ip address belongs to. In this situation with no NBT and no local DNS already in place, the only way I can see to find the attacker is to use arp to determine the machine's hardware address, then go to each machine and do a PC by PC search for it.

In that scenario, is there a better (more efficient) way to find the attacker?
 
Old 12-18-2008, 08:43 AM   #12
farslayer
Guru
 
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,231
Blog Entries: 5

Rep: Reputation: 189Reputation: 189
Yes install italc on the teachers machine and then they can monitor what the students are doing.

Have the IT department implement dDNS on their network to resolve the name resolution issues,
quit handing out the root passwords for machines.
give all students a unique login.

Looks to me like the problem is being caused by the way the implementation was done, and unless you actually address the root cause you won't solve your security issues. .

That is surely less work for the IT department as opposed to repairing machines that have had their configurations 'modified' by students.

Last edited by farslayer; 12-18-2008 at 08:45 AM.
 
Old 12-18-2008, 11:08 AM   #13
lazlow
Senior Member
 
Registered: Jan 2006
Posts: 4,362

Rep: Reputation: 171Reputation: 171
You can also setup a quasi static addresses on the machines. This will mean no changes on the server end and only a minor edit to each machine's /etc/sysconfig/networking/devices/ifcfg-eth0 (assuming eth0).
 
Old 08-29-2011, 02:25 AM   #14
Freedeveloper
LQ Newbie
 
Registered: Aug 2011
Posts: 2

Rep: Reputation: Disabled
Basic command to resolve ip to hostname

list of commands to gather information about the host:
#complete list of ports & macaddress
nmap -v 10.10.10.5
nmap -sP 10.10.10.5
# ms-info
smbclient -L 10.10.10.5
....Usually lack information ..
 
Old 08-29-2011, 07:22 PM   #15
jefro
Guru
 
Registered: Mar 2008
Posts: 11,416

Rep: Reputation: 1398Reputation: 1398Reputation: 1398Reputation: 1398Reputation: 1398Reputation: 1398Reputation: 1398Reputation: 1398Reputation: 1398Reputation: 1398
Get out of the habit of using ping for anything is my vote.

The above help needs to be viewed as two parts basically. One is the normal Fully Qualified Domain Name and the other help is for MS client names. There are also other names that have ways to resolve depending on what you need.
 
  


Reply

Tags
command, dig, host, nslookup, ping


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
resolve hostname linuxtesting2 Solaris / OpenSolaris 5 03-20-2007 12:27 AM
A script to thoroughly resolve a hostname into IP addresses ahz10 Programming 1 08-23-2006 04:40 PM
Unable to resolve hostname adirock2 Linux - Networking 14 07-06-2005 02:08 AM
windows does not resolve linux hostname abrb220 Linux - Networking 6 05-18-2004 04:11 AM
Cannot resolve hostname problem for IglooFTP smc_one Linux - Networking 0 08-18-2003 10:33 AM


All times are GMT -5. The time now is 06:53 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration