Friday, March 28, 2014

Discovering or Finding the Source or Origin Domain or IP Address

Often when I want to find a domain or country of origin based on an IP, or find such kinds of information based on a domain name, I'll use a handy little website called DNSgoodies, but it occurs to me that on a typical Linux system there are already commands available to provide such information as it is available from the DNS servers being used (and that's assuming there isn't a well-informed DNS service running on the local system, which makes it even easier or less network-intensive to perform such a query locally.)

The good old command "nslookup" is usually available in Linux as well as in Windows, though it's much more useful for finding the IP address based on a known domain name, or for testing whether or not DNS-lookup functions are working properly, and less useful for finding information about a domain or origin based on a known IP address (at least as far as I know.)

One command for doing it the other way, i.e. for finding an unknown domain name from a known IP address, is simply "host".  Host works both ways: it can provide an IP from an inputted name, or it can provide a name from an inputted IP.  Typing a command such as the following should return a relevant domain name:

host 98.138.252.30

It returns something with:

ir2.fp.vip.ne1.yahoo.com

I found that IP address with the command:

nslookup www.yahoo.com

Another command that can be used this way is "dig", commonly used with the "-x" switch and sometimes with switches such as "+noall" and "+answer" to shorten the output, like so:

dig +noall +answer -x 98.138.252.30

To be honest I'm not entirely clear on all of the subtle differences between all these commands nor about the exact meanings of all the possible information they provide, at this time, but for my purposes it's good enough info to make note of.
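
What the reverse lookups above do under the hood, as an added example that is not part of the original post: "host" and "dig -x" turn the IP into a name under in-addr.arpa and ask for its PTR record. Since that record is set by whoever controls the reverse zone for the address, the second function also checks that the returned name resolves back to the same IP. The function names are hypothetical, and forward_confirmed assumes dig is installed and the network is reachable.

```shell
#!/bin/sh
# Added example; reverse_name and forward_confirmed are hypothetical names.

# Build the name that "dig -x" / "host" query for an IPv4 address:
# the four octets reversed, with ".in-addr.arpa" appended.
reverse_name() {
    ip=$1
    # Reject anything that is not dot-separated decimal fields.
    case $ip in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip              # split on dots into $1..$4
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.in-addr.arpa\n' "$4" "$3" "$2" "$1"
}

# Forward-confirm a PTR answer: fetch the PTR name, resolve that name
# back to A records, and check the original IP is among them.
# Needs dig and network access, so it is defined here but not called.
forward_confirmed() {
    addr=$1
    rname=$(reverse_name "$addr") || { echo "bad IPv4: $addr" >&2; return 2; }
    ptr=$(dig +short PTR "$rname" | head -n 1)
    [ -n "$ptr" ] || { echo "$addr: no PTR record"; return 1; }
    if dig +short A "$ptr" | grep -Fxq "$addr"; then
        echo "$addr -> $ptr (forward-confirmed)"
    else
        echo "$addr -> $ptr (NOT confirmed: name does not resolve back)"
        return 1
    fi
}

# Offline demonstration with the IP used in the post.
reverse_name 98.138.252.30
```

To try the online check, source the file and run: forward_confirmed 98.138.252.30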
