Using nslookup in Java

3.8.2 Using nslookup
nslookup is a program for querying the Domain Name Service (DNS). The name service provides a mapping or relationship between Internet numbers and Internet names, and contains useful information about domains: both our own and others. The first thing we need to know is the domain name. This is the suffix part of the internet names for the network. For instance, suppose our domain is called example . org. Hosts in this domain have names like hostname . example . org. If you don't know your DNS domain name, it can probably be found by looking at the file /etc/r esolv. conf on Unix hosts. For instance: b o r g % m o r e / e t c / r e s o l v . conf domain e x a m p l e . o r g nameserver nameserver nameserver 1 9 2 . 0 . 2 . 2 4 4 Also, most UNIX systems have a command called domainname. This prints the name of the local Network Information Service (NIS) domain, which is not the same thing as the DNS domain name (though, in practice, many sites would use the same name for both). Do not confuse the output of this command with the DNS domain name. Once we know the domain name, we can find out the hosts which are registered in your domain by running the name service lookup program ns lookup , or dig. borg% nslookup Default Server: Address: nslookup always prints the name and address of the server from which it obtains its information. Then we get a new prompt > for typing commands. Typing help provides a list of the commands which nslookup understands. hostname/IP lookup Type the name of a host or Internet (IP) address and nslookup returns the equivalent translation. For example:
Networked Communities
dax% nslookup Default Server: Address: > Server: Address: Name: Address: > Server: Address: Name: Address: In this example we look up the Internet address of the host called www. gnu . o r g and the name of the host which has Internet address In both cases, the default server is the name server mother . example . o r g which has Internet address 192 . 0 . 2 .10. Note that the default server is the first server listed in the file /etc/resolv.conf which answers for queries on starting nslookup . Special Information The domain name service identifies certain special hosts which perform services like the name service itself and mail-handlers (called mail exchangers). These servers are identified by special records so that people outside of a given domain can find out about them. After all, the mail service in one domain needs to know how to send mail to a neighbouring domain. It also needs to know how to find out the names and addresses of hosts for which it does not keep information personally. We can use ns lookup to extract this information by setting the 'query type' of a request. For instance, to find out about the mail exchangers in a domain we write > set q=mx > domain name For example > set q=mx > Server: Address: Non-authoritative answer: preference = 0, mail exchanger = Authoritative answers can be found from: nameserver nameserver = internet address = internet address =
Network Analysis
Here we see that the only mail server for otherdomain. org is m e r c u r y , Another example, is to obtain information about the name servers in a domain. This will allow us to find out information about hosts which is not contained in our local database (see section 3.8.2). To get this, we set the query-type to ns: > set q=ns > Server: Address: N o n - a u t h o r i t a t i v e answer: nameserver = d e l i l a h . o t h e r d o m a i n . o r g nameserver = m e r c u r y . o t h e r d o m a i n . o r g A u t h o r i t a t i v e answers can be found f r o m : d e l i l a h . o t h e r d o m a i n . o r g internet address = 1 9 2 . 0 . 2 . 7 8 internet address = 1 9 2 . 0 . 2 . 8 0 > Here we see that there are two authoritative name servers for this domain, called delilah. otherdomain. org and m e r c u r y , otherdomain. org. Finally, if we set the query type to 'any', we get a summary of all this information. Listing Hosts Belonging to a Domain To list every registered Internet address and hostname for a given domain one can use the Is command inside nslookup . For instance > Is e x a m p l e . o r g [] pc61 pc59 pc59 pc196 etc...
server = m o t h e r . e x a m p l e . o r g server = m e r c u r y . o t h e r d o m a i n . o r g
Newer name servers can restrict access to prevent others from obtaining this list all in one go, since it is now considered a potential security hazard. First, the name servers are listed and then the host names and corresponding IP addresses are listed. If we try to look up hosts in a domain for 'which the default name server has no information, we get an error message. For example, suppose we try to list the names of the hosts in the domain over ours: > Is [] *** Can't list domain Query refused > This does not mean that it is not possible to get information about other domains, only that we cannot find out information about other domains from the local server (see section 3-8.2).
