I know it is possible to resolve IP addresses to host names but can IPs be resolved to domain names?
7 Answers
Yes, you can (sometimes) resolve an IP Address back to a hostname.
Within DNS, an IP Address can be stored against a PTR record. You can use nslookup to resolve both hostnames and IP addresses, though use of nslookup has been deprecated for quite some time.
For best results, you should really get a hold of the dig tool. If you're a Linux user, this is available as part of dnsutils (Debian), or a similar package. If you're a Windows user, you can follow instructions such as these to install dig.
You can then do:
dig A <hostname>
To look up the IPv4 address for a host, or:
dig AAAA <hostname>
To look up the IPv6 address for a host, or:
dig PTR ZZZ.YYY.XXX.WWW.in-addr.arpa.
To look up the hostname for IPv4 address WWW.XXX.YYY.ZZZ (note the octets are reversed), or:
dig PTR b.a.9.8.7.6.5.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.
To get the hostname for the IPv6 address 2001:db8::567:89ab.
- Just figured it'd be good to mention: When you ask a DNS server to resolve an IP to a hostname, the technical name for it is a reverse lookup. – LawrenceC, Jul 27, 2011 at 11:12
- Indeed - the reverse lookup is achieved via a PTR Resource Record, PTR being shorthand for pointer. – Mike Insch, Jul 27, 2011 at 11:18
- What's wrong with dig -x <ipaddress>? On my Linux system, it speaks both IPv4 and IPv6. dig -x 169.254.0.1 and dig -x fe80::1. – user, Jul 27, 2011 at 11:22
- @hyperslug, ping's -a option is listed as "Resolve addresses to hostnames" on Win7 at least, so I don't see why it wouldn't work. However, nslookup or even better dig are actually meant for things like this. Ping isn't. – user, Jul 28, 2011 at 6:26
- @TheLQ: I quote from the BIND 9.4 Administrators Reference Manual, "Due to its arcane user interface and frequently inconsistent behavior, we do not recommend the use of nslookup. Use dig instead.". In many cases, use of nslookup also results in "nslookup is deprecated and may be removed from future releases. Consider using the dig or host programs instead". Google could easily have informed you of this had you cared to look. – Mike Insch, Aug 1, 2011 at 17:15
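The query-name construction from the answer above (octets reversed under in-addr.arpa, hex nibbles reversed under ip6.arpa), written out in Python as an added example that is not part of any answer. The function names `ptr_name` and `addr_from_ptr` are made up here, and the inverse direction goes beyond what the answer shows.

```python
import ipaddress

HEX = set("0123456789abcdef")

def ptr_name(addr):
    """Build the fully qualified PTR query name for an IPv4 or IPv6 address."""
    ip = ipaddress.ip_address(addr)              # ValueError on malformed input
    if ip.version == 4:
        labels = str(ip).split(".")              # four decimal octets
        zone = "in-addr.arpa."
    else:
        labels = list(format(int(ip), "032x"))   # 32 hex nibbles, zeros kept
        zone = "ip6.arpa."
    return ".".join(reversed(labels)) + "." + zone

def addr_from_ptr(name):
    """Recover the address from a complete PTR query name (e.g. from a DNS log)."""
    labels = name.lower().rstrip(".").split(".")
    head, zone = labels[:-2], labels[-2:]
    if zone == ["in-addr", "arpa"] and len(head) == 4:
        # IPv4Address rejects octets that are out of range or not decimal
        return ipaddress.IPv4Address(".".join(reversed(head)))
    if zone == ["ip6", "arpa"] and len(head) == 32 and all(l in HEX for l in head):
        return ipaddress.IPv6Address(int("".join(reversed(head)), 16))
    # Partial names such as 17.69.in-addr.arpa are zones, not single addresses
    raise ValueError(f"not a complete reverse-lookup name: {name!r}")
```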
You can use nslookup, dig, or another network tool to possibly get a domain name for an IP address, but it's not necessarily going to be the one you're expecting.
Unlike normal DNS lookups, where many names can resolve to a single IP address, reverse DNS lookups can only resolve to a single name, and that's handled by whoever controls the reverse DNS information for the IP block in question. Nobody else can set up a PTR record on a random IP address block. This is in contrast to "normal" DNS lookups, where anyone can set up a domain name and create A records pointing at whatever IP addresses they'd like.
This ServerFault question has a bit more info on this topic.
My point is that just because you can do it doesn't mean that you'll get what you're expecting or that it will be useful.
- +1: This had to be said. Often for well-known internet sites where the A record and the PTR record are both under control of the same person, the PTR record still refers to some internal machine name. The PTR record may also be nonexistent, for example if you try to dig www.google.com then dig -x one of the IP addresses that www.google.com maps to. – Ken Bloom, Jul 27, 2011 at 14:03
- It should be said that a common situation is shared servers, where the reverse lookup will be the domain assigned by whatever company owns the server. Or, for shared IPs, whatever company owns the ISP. For example, if you do a reverse lookup on a website's IP, you might get something odd like "host123.somecompany.com". You're probably seeing a shared server. If you do a reverse on a random IP, you might see something like "c-12-34-56-78.hsd1.or.comcast.net". This is an IP belonging to comcast.net, an ISP, so it must be some random home user. – jcrawfordor, Aug 16, 2011 at 7:57
- There is no technical limit on how many PTR records a single IP address can resolve to; the one PTR is just a convention (also security/privacy reasons). – grawity, Aug 21, 2011 at 20:35
dig has the -x addr option:
Reverse lookups -- mapping addresses to names -- are simplified by the -x option. addr is an IPv4 address in dotted-decimal notation, or a colon-delimited IPv6 address. When this option is used, there is no need to provide the name, class and type arguments.
For example:
dig -x 82.165.8.211
As an aside: the IP address was in the journalctl log of an ARTIK 710 dev board, and I thought it had been hacked. I couldn't remember the dig option to do this without using the tedious PTR method, but then I saw Michael's comment.
And the manpage for dig just mentions it in passing; I didn't even notice it until I found the answer here and went back and searched for it.
P.S. The address resolved to ipv4.connman.net, and then I found it; I wasn't hacked.
[root@artik ~]# grep -r '\<ipv4.connman.net\>' /etc /usr/bin /usr/sbin
Binary file /usr/sbin/connmand matches
The log entries that caused concern were:
Jul 15 04:41:11 artik connmand[1870]: wlan0 {add} route 82.165.8.211 gw 192.168.251.1 scope 0 <UNIVERSE>
Jul 15 04:41:12 artik connmand[1870]: wlan0 {del} route 82.165.8.211 gw 192.168.251.1 scope 0 <UNIVERSE>
Another way to "resolve" IP addresses to hostnames is possible using the Bing search engine. If the host runs a public webserver and some sites served by the host are indexed, you can query it using the ip: prefix.
Just enter ip:64.34.119.12 into the search form to get a list of hostnames behind that IP.
How about host? I use it on a daily basis at work.
#host speakeasy.net
speakeasy.net has address 69.17.117.156
speakeasy.net mail is handled by 5 mx.speakeasy.net.
speakeasy.net mail is handled by 10 mx01.speakeasy.net.
speakeasy.net mail is handled by 15 mx02.speakeasy.net.
#host 69.17.117.156
156.117.17.69.in-addr.arpa domain name pointer www.speakeasy.net.
- But this is for Linux. – Boris_yo, Sep 6, 2011 at 17:56
- @boris_yo, here is one for Windows: softpedia.com/get/Network-Tools/Misc-Networking-Tools/… - I know there is a better one out there, I just need to find it. – MaQleod, Sep 6, 2011 at 18:21
You can get the host name for either an IPv4 or IPv6 address by making use of the gethostbyaddr() function in sockets.
Link: https://beej.us/guide/bgnet/html/multi/gethostbynameman.html
Regards,
SSuman185
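Because the PTR name is whatever the owner of the address block publishes, as an earlier answer points out, a reverse lookup is usually paired with a forward lookup of the returned name before the name is trusted. Added example, not from any answer: the default resolvers are Python's `socket.gethostbyaddr()` and `socket.getaddrinfo()`, while `forward_confirmed` and the sample tables (documentation addresses, example.com names) are constructed for illustration.

```python
import ipaddress
import socket

def system_reverse(ip):
    """Names from the system resolver's reverse lookup; [] if there is none."""
    try:
        name, aliases, _addrs = socket.gethostbyaddr(ip)
    except OSError:                      # herror/gaierror are OSError subclasses
        return []
    return [name, *aliases]

def system_forward(name):
    """Every address (A and AAAA) the system resolver returns for a name."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def forward_confirmed(ip, reverse=system_reverse, forward=system_forward):
    """Return the reverse-lookup names for ip that resolve forward to ip again."""
    target = ipaddress.ip_address(ip)
    confirmed = []
    for name in reverse(ip):
        resolved = set()
        for text in forward(name):
            try:
                resolved.add(ipaddress.ip_address(text))
            except ValueError:           # ignore anything that is not an address
                pass
        if target in resolved:
            confirmed.append(name.rstrip(".").lower())
    return confirmed

# Constructed sample data (documentation address ranges, example.com names),
# standing in for live DNS so the three outcomes can be seen offline.
SAMPLE_PTR = {
    "192.0.2.10": ["mail.example.com."],   # PTR and A record agree
    "192.0.2.66": ["www.example.com."],    # PTR names a host that lives elsewhere
    "192.0.2.99": [],                      # no PTR record at all
}
SAMPLE_A = {
    "mail.example.com.": ["192.0.2.10"],
    "www.example.com.": ["198.51.100.5"],
}

def sample_reverse(ip):
    return SAMPLE_PTR.get(ip, [])

def sample_forward(name):
    return SAMPLE_A.get(name, [])
```

Called with only an address, `forward_confirmed()` goes through the system resolver, which may also consult the local hosts file.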