Internet Address Tools

Three tools play essential roles in helping us query the databases of names and numbers as well as explore the structure of the network around those machines. dig, whois, and traceroute are all included in standard Unix and Mac OS X distributions. Windows users will find variants of all of these, available for free or as shareware. Unfortunately there are so many of these that it is hard to make any specific recommendations. Look them up on your favorite search engine and try a few of them out. Web page interfaces to the tools can also be found on a number of sites.

dig

dig (domain information groper) is a DNS lookup utility that I will use extensively in the course of this book. dig can help you find the IP address for a given hostname and the hostname, if any, for a given IP address.

You may already be familiar with a similar tool called nslookup. A precursor of dig, its use is now discouraged, even though it is still included in most Unix distributions. The same applies to host, which is also widely available. You may find that you prefer the command syntax or output format of one tool over another. I am only going to describe dig in detail here.

Hostname lookups

In its simplest form, dig will get the IP address for the supplied hostname. Here is a typical example:

  % dig www.craic.com
  ; <<>> DiG 9.2.3 <<>> www.craic.com
  ;; global options: printcmd
  ;; Got answer:
  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57325
  ;; flags: qr rd ra; QUERY: ...
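As an added example (not from the book), the shell functions below pull the response status and the answer records out of saved dig output so that a lookup can be recorded in case notes. The sample output, its hostname and its addresses are constructed, and the function names dig_status, dig_answers and lookup_summary are hypothetical.

```shell
#!/bin/sh
# Constructed sample of dig output (not the book's listing); the hostname and
# address are reserved documentation values.
SAMPLE_DIG_OUTPUT='
; <<>> DiG 9.2.3 <<>> www.example.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.example.com.         IN   A

;; ANSWER SECTION:
www.example.com.   3600   IN   CNAME   web.example.com.
web.example.com.   3600   IN   A       192.0.2.10

;; Query time: 12 msec
'

# dig_status: read dig output on stdin, print the response code
# (NOERROR, NXDOMAIN, SERVFAIL, ...) found on the HEADER line.
dig_status() {
    awk '/->>HEADER<<-/ {
        for (i = 1; i < NF; i++)
            if ($i == "status:") { sub(/,$/, "", $(i + 1)); print $(i + 1); exit }
    }'
}

# dig_answers TYPE: read dig output on stdin, print the data field of every
# record of TYPE (A, CNAME, PTR, ...) inside the ANSWER section only.
dig_answers() {
    awk -v want="$1" '
        /^;; ANSWER SECTION:/ { in_answer = 1; next }
        /^$/ || /^;;/         { in_answer = 0 }
        in_answer && $3 == "IN" && $4 == want { print $5 }
    '
}

# lookup_summary TEXT: one line for case notes. A failed lookup still yields
# a status, with an empty address list, instead of being silently dropped.
lookup_summary() {
    status=$(printf '%s\n' "$1" | dig_status)
    addrs=$(printf '%s\n' "$1" | dig_answers A | tr '\n' ' ')
    printf 'status=%s addresses=%s\n' "${status:-UNKNOWN}" "${addrs% }"
}

lookup_summary "$SAMPLE_DIG_OUTPUT"
```

On a live system the same functions can read a real query, for example dig www.craic.com | dig_status.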
