Wireshark display filter reverse dns6/11/2023 ![]() ![]() >HEADER<<- opcode: QUERY, status: NOERROR, id: 36351 The final DNS lookup utility is called dig – a flexible tool for interrogating DNS name servers. Is it too complicated? Fret not! There is another simpler way to do it using nslookup! Here you go:Īnother DNS lookup utility commonly found in UNIX and Linux is the host utility.Ĥ.4.8.8.in-addr.arpa domain name pointer. The nslookup command is available in UNIX, Linux and Windows.Ĥ.4.8.8.in-addr.arpa name =. The first way is by using nslookup, a DNS query tool. Now, let’s look at ways to perform reverse DNS lookups. Now we have the necessary info to perform reverse DNS lookup. ![]() So if the IP address is 8.8.4.4, then the query becomes 4.4.8.8.in-addr.arpa“ in-addr.arpa is added to the end of the IP address. The IP address is first reversed and the string.While trying to get the DNS name of the IP address of 8.8.4.4 (one of Google’s public DNS servers), I performed a packet capture.Īfter some reading up, I managed to find out how reverse DNS lookup or reverse IP lookup works. To find out, I decided to analyse the DNS lookup query by using Wireshark, a network protocol analyzer. I had no clue how the reverse DNS query was performed by the ping command. Minimum = 22ms, Maximum = 31ms, Average = 25ms Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Īpproximate round trip times in milli-seconds: I am not a DNS guru, but I do know that the ping command in Windows can be used to resolve IP addresses to hostnames by using the -a option. Everyone knows that DNS is used to translate hostnames to IP addresses, but do you know that DNS can also be used to retrieve the domain name when the IP address is known?
0 Comments
Leave a Reply. |