Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
By the way unless your dns server has reverse dns lookup implemented dig will not get the infomation your looking for. This is quite likely the case if your using a windows server with the out of the box implementation of dns running. Up to server 2003 versions. I dont know about server 08 Im not running that one in my organization at all.
nslookup %ip address% will still resolve the hostname for you though.
I know this is an old post but I was looking for information and this page cam up. Thought others might want to know why dig has add results at times.
All of the solutions propsoed so far presume the answer is held in DNS. What the questioner was really asking though, is how to do the equivalent of a NETBIOS broadcast for an IP host name. Of course there a slight problem with that, i.e. there ain't no NETBIOS here! I suppose the equivalent would be...
Given an ip address which is not present in your local hosts file and is not in your DNS server's database, is there a way to query a machine for it's hostname?
That is a question I would like to know the answer to, and is the question that brought me to this thread.
Thanks for the nmbd reference, though it's not quite what I'm after. What I'm trying to determine is whether there is a way to do this without adding a new protocol to the mix.
It seems that the ip suite, sans NBT, does not offer anything like NBT's broadcast-based name to IP address resolution (or the reverse). Looking at nsswitch.conf seems to support this, as all proposed name resolution techniques require the use of local or server-based files.
Here's the scenario that prompted the question...
I'm in a classroom with 20+ Linux installations. All machines get addresses from a DHCP server which no one in the classroom has admin access to, and which does not register leases with a DNS server. All students are using the same root password, thereby enabling the instructor to access their machines when necessary. All machines are configured with unique host names which can be used to identify the location of the PC in the classroom, and consequently the student sitting there.
A student learns about ssh and starts messing with his classmates' machines. In the victims' machines, the ip address of the attacker is viewable in the log files, but there is no way to easily determine which machine the ip address belongs to. In this situation with no NBT and no local DNS already in place, the only way I can see to find the attacker is to use arp to determine the machine's hardware address, then go to each machine and do a PC by PC search for it.
In that scenario, is there a better (more efficient) way to find the attacker?
You can also setup a quasi static addresses on the machines. This will mean no changes on the server end and only a minor edit to each machine's /etc/sysconfig/networking/devices/ifcfg-eth0 (assuming eth0).
Get out of the habit of using ping for anything is my vote.
The above help needs to be viewed as two parts basically. One is the normal Fully Qualified Domain Name and the other help is for MS client names. There are also other names that have ways to resolve depending on what you need.