Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
09-04-2007, 01:33 AM
|
#1
|
|
LQ Newbie
Registered: Aug 2007
Posts: 28
Rep: 
|
Basic command to resolve ip to hostname
hi!
i'm just wondering if in a shell we can do name resolving from IP address to hostname
in Windows, usually I performed:
C:\ ping -a 64.233.189.104
Pinging www.google.com [64.233.189.104] with 32 bytes of data:
Reply from 64.233.189.104: bytes=32 time=46ms TTL=245
but when I tried the same in linux shell:
$ ping -a 64.233.189.104
PING 64.233.189.104 (64.233.189.104): 56 data bytes
64 bytes from 64.233.189.104: icmp_seq=0 ttl=237 time=223.405 ms
any idea how do i get ping to resolve hostname working in linux?
appreciate your advice.. thanks! |
|
|
|
|
09-04-2007, 01:48 AM
|
#2
|
|
Guru
Registered: Aug 2004
Location: Brisbane
Distribution: Centos 6.4, Centos 5.9
Posts: 15,278
|
nslookup <ip>
|
|
|
|
|
09-04-2007, 02:17 AM
|
#3
|
|
LQ Newbie
Registered: Aug 2007
Posts: 28
Original Poster
Rep:
|
Quote:
Originally Posted by chrism01
nslookup <ip>
|
so there is no similarities to ping in Linux & windows
have to use nslookup instead? |
|
|
|
|
09-04-2007, 05:35 AM
|
#4
|
|
Senior Member
Registered: Sep 2005
Location: Out
Posts: 3,307
Rep:
|
Yep. Ping is used for checking a host, not for resolving its name.
You can also use 2 commands:
* host
* dig
|
|
|
1 members found this post helpful.
|
|
09-05-2007, 08:38 AM
|
#5
|
|
Member
Registered: Feb 2003
Location: Belgium
Distribution: Debian
Posts: 166
Rep:
|
and there is also the command resolveip (at least there is in debian)
|
|
|
|
|
09-05-2007, 08:58 AM
|
#6
|
|
Guru
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,231
Rep:
|
learn dig, it's the most versatile and useful, imho.
Code:
it-etch:~# dig -x 64.233.189.104
; <<>> DiG 9.3.4 <<>> -x 64.233.189.104
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41992
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;104.189.233.64.in-addr.arpa. IN PTR
;; ANSWER SECTION:
104.189.233.64.in-addr.arpa. 86400 IN PTR hk-in-f104.google.com.
;; Query time: 144 msec
;; SERVER: 192.168.0.25#53(192.168.0.25)
;; WHEN: Wed Sep 5 09:56:34 2007
;; MSG SIZE rcvd: 80
|
|
|
|
|
12-17-2008, 09:12 AM
|
#7
|
|
LQ Newbie
Registered: May 2006
Posts: 3
Rep: 
|
Gatcha's for dig
By the way unless your dns server has reverse dns lookup implemented dig will not get the infomation your looking for. This is quite likely the case if your using a windows server with the out of the box implementation of dns running. Up to server 2003 versions. I dont know about server 08 Im not running that one in my organization at all.
nslookup %ip address% will still resolve the hostname for you though.
I know this is an old post but I was looking for information and this page cam up. Thought others might want to know why dig has add results at times.
Hal
|
|
|
|
|
12-17-2008, 10:45 AM
|
#8
|
|
Guru
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,231
Rep:
|
If you configured DNS properly on your Windows 2K+ server it handles reverse lookups just fine. If your Windows DNS server is not handling rDNS then it's configuration is either wrong or incomplete.
The DNS server queried in my example 192.168.0.25 is a Windows 2003 Server, and it does rDNS for both internal zones and external zones.
Dig provides much better and more complete results than nslookup ever did imho.
|
|
|
|
|
12-17-2008, 07:16 PM
|
#9
|
|
LQ Newbie
Registered: Dec 2008
Posts: 2
Rep:
|
All of the solutions propsoed so far presume the answer is held in DNS. What the questioner was really asking though, is how to do the equivalent of a NETBIOS broadcast for an IP host name. Of course there a slight problem with that, i.e. there ain't no NETBIOS here! I suppose the equivalent would be...
Given an ip address which is not present in your local hosts file and is not in your DNS server's database, is there a way to query a machine for it's hostname?
That is a question I would like to know the answer to, and is the question that brought me to this thread.
--bh
|
|
|
|
|
12-17-2008, 08:40 PM
|
#10
|
|
Guru
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,231
Rep:
|
This may be a place for you to start..
nmbd(8) - Linux man page
nmbd - NetBIOS name server to provide NetBIOS over IP naming services to clients
http://linux.die.net/man/8/nmbd |
|
|
|
|
12-18-2008, 08:36 AM
|
#11
|
|
LQ Newbie
Registered: Dec 2008
Posts: 2
Rep:
|
Thanks for the nmbd reference, though it's not quite what I'm after. What I'm trying to determine is whether there is a way to do this without adding a new protocol to the mix.
It seems that the ip suite, sans NBT, does not offer anything like NBT's broadcast-based name to IP address resolution (or the reverse). Looking at nsswitch.conf seems to support this, as all proposed name resolution techniques require the use of local or server-based files.
Here's the scenario that prompted the question...
I'm in a classroom with 20+ Linux installations. All machines get addresses from a DHCP server which no one in the classroom has admin access to, and which does not register leases with a DNS server. All students are using the same root password, thereby enabling the instructor to access their machines when necessary. All machines are configured with unique host names which can be used to identify the location of the PC in the classroom, and consequently the student sitting there.
A student learns about ssh and starts messing with his classmates' machines. In the victims' machines, the ip address of the attacker is viewable in the log files, but there is no way to easily determine which machine the ip address belongs to. In this situation with no NBT and no local DNS already in place, the only way I can see to find the attacker is to use arp to determine the machine's hardware address, then go to each machine and do a PC by PC search for it.
In that scenario, is there a better (more efficient) way to find the attacker?
|
|
|
|
|
12-18-2008, 08:43 AM
|
#12
|
|
Guru
Registered: Oct 2005
Location: Willoughby, Ohio
Distribution: linuxdebian
Posts: 7,231
Rep:
|
Yes install italc on the teachers machine and then they can monitor what the students are doing.
Have the IT department implement dDNS on their network to resolve the name resolution issues,
quit handing out the root passwords for machines.
give all students a unique login.
Looks to me like the problem is being caused by the way the implementation was done, and unless you actually address the root cause you won't solve your security issues. .
That is surely less work for the IT department as opposed to repairing machines that have had their configurations 'modified' by students.
Last edited by farslayer; 12-18-2008 at 08:45 AM.
|
|
|
|
|
12-18-2008, 11:08 AM
|
#13
|
|
Senior Member
Registered: Jan 2006
Posts: 4,362
Rep:
|
You can also setup a quasi static addresses on the machines. This will mean no changes on the server end and only a minor edit to each machine's /etc/sysconfig/networking/devices/ifcfg-eth0 (assuming eth0).
|
|
|
|
|
08-29-2011, 02:25 AM
|
#14
|
|
LQ Newbie
Registered: Aug 2011
Posts: 2
Rep: 
|
Basic command to resolve ip to hostname
list of commands to gather information about the host:
#complete list of ports & macaddress
nmap -v 10.10.10.5
nmap -sP 10.10.10.5
# ms-info 
smbclient -L 10.10.10.5
....Usually lack information .. |
|
|
|
|
08-29-2011, 07:22 PM
|
#15
|
|
Guru
Registered: Mar 2008
Posts: 8,724
|
Get out of the habit of using ping for anything is my vote.
The above help needs to be viewed as two parts basically. One is the normal Fully Qualified Domain Name and the other help is for MS client names. There are also other names that have ways to resolve depending on what you need.
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 07:25 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
