Obtaining Remote Server Info using Linux

DevynCJohnson

When testing servers, websites, networks, etc., some developers and administrators need to get some piece of information about a server or network node. Linux has many commands available that can be used to gather various network-node data or test remote nodes and verify that they have the correct information.

host
To know the IP-address (both version 4 and 6) of a domain-name and vice-versa, type "host DOMAIN" or "host IP_ADDRESS", respectively. Use the "-v" flag to get additional (verbose) output. For instance, the authoritative name servers for the particular remote host can be viewed. Using the "-C" flag (host -C dcjtech.info) reveals the Start of Authority (SOA) records. An example SOA record is seen below.
Code:
ns25.domaincontrol.com. dns.jomax.net. 2015062500 28800 7200 604800 600
Each of the seven fields has a special meaning, in the order shown:
  • primary name server for the domain
  • responsible party for the domain
  • domain update timestamp
  • number of seconds before the zone should be refreshed
  • number of seconds before a failed refresh should be retried
  • upper limit in seconds until a zone is no longer considered authoritative
  • negative result TTL for subdomains

nslookup
Typing "nslookup DOMAIN" returns the IP-address of the specified domain (under "Non-authoritative answer") and where the information originated (i.e. the DNS server's IP-address). Typing an IP-address rather than a domain-name acts as a reverse-domain-lookup by returning the domain-name. The command "nslookup -query=ns DOMAIN" is the same as "nslookup DOMAIN". The command returns what is known as the "Name Server record".

"nslookup" can also be used to get the Mail Exchange (MX) record. This record indicates where emails are sent and received for the specified domain-name or IP-address. For illustration, to know where "@gmail.com" addresses are sent and received, type "nslookup -query=mx gmail.com" to see something like the below output.
Code:
Non-authoritative answer:
gmail.com   mail exchanger = 5 gmail-smtp-in.l.google.com.
gmail.com   mail exchanger = 10 alt1.gmail-smtp-in.l.google.com.
gmail.com   mail exchanger = 30 alt3.gmail-smtp-in.l.google.com.
gmail.com   mail exchanger = 40 alt4.gmail-smtp-in.l.google.com.
gmail.com   mail exchanger = 20 alt2.gmail-smtp-in.l.google.com.

To get the Start of Authority (SOA) record, type "nslookup -type=soa DOMAIN". This command returns some of the information seen in "host -C dcjtech.info".

To find all or any DNS record for a particular domain or IP-address, type "nslookup -query=any HOST".


NOTE: "Authoritative Answer" is displayed if the DNS server has the whole zone-file, and "Non-Authoritative Answer" is shown if the DNS server uses a cached zone-file that may not be complete.

dig
The "dig" command is similar to (or the same as) many of the previously mentioned commands. However, "dig" returns information that most users will not need (such as version info, query time, etc.). In other words, "dig" is verbose by default. To perform a simple domain-name lookup, type "dig +short DOMAIN".

The "dig" command can get other records just like nslookup.
  • Answer - dig +nocomments +noquestion +noauthority +noadditional +nostats DOMAIN
  • Any Record - dig ANY +noall +answer DOMAIN
  • Mail Exchange (MX) - dig +short MX DOMAIN
  • Start of Authority (SOA) - dig +short SOA DOMAIN
  • TTL - dig +short TTL DOMAIN

To get information by IP-address using "dig", include the "-x" flag after "dig" and place all flags with a plus-sign (+) after the IP-address. For example, to do a reverse-domain-name-lookup, type "dig -x IP_ADDRESS +short".

traceroute
The "traceroute" command traces the connection path between the client (where "traceroute" is executed) and the specified remote host. "traceroute" requires Root privileges, so log in as Root or use "sudo" to execute traceroute commands.

  • To trace the path using ICMP Probes - "traceroute -I HOST"
  • To trace the path using TCP SYN Probes - "traceroute -T HOST"
  • To trace the path using DCCP Request packets as probes - "traceroute -D HOST"

ping
The "ping" command can be used to send a ping (or multiple pings) to the specified host. Type "ping -c 5 HOST" to send five pings to the desired host.

whois
The "whois" command allows people to get a lot of information about a domain name. Such information includes the phone number, fax number, address, email address, and name of the registrant, admin, technician, and bill-payer of the domain name. For instance, execute "whois dcjtech.info" in a terminal to see the contact information and address of the owner of DCJTech.
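
The seven SOA fields listed in the "host" section, as an added example that is not part of the original post: a hypothetical shell function, parse_soa, labels each field of the record shown there, rewrites the responsible-party name as a mailbox address, and warns when the retry or expire timer contradicts the refresh interval. The two timer checks are common operational guidance assumed here, not rules stated in the post.

```shell
#!/bin/sh
# Added example: label the seven SOA fields and sanity-check the timers.
# parse_soa is a hypothetical helper, not part of host, dig or nslookup.
# Exit status: 0 = clean, 1 = timer warnings, 2 = malformed record.
parse_soa() {
    set -f; set -- $1; set +f   # split on whitespace, no globbing
    if [ "$#" -ne 7 ]; then
        echo "error: expected 7 fields, got $#" >&2
        return 2
    fi
    mname=$1 rname=$2 serial=$3 refresh=$4 retry=$5 expire=$6 negttl=$7
    for n in "$serial" "$refresh" "$retry" "$expire" "$negttl"; do
        case $n in
            ''|*[!0-9]*) echo "error: not a number: $n" >&2; return 2 ;;
        esac
    done
    # The responsible party is a mailbox with its first unescaped dot
    # standing in for "@"; escaped dots (\.) belong to the local part.
    contact=$(printf '%s\n' "${rname%.}" |
        sed -e 's/\([^\\]\)\./\1@/' -e 's/\\\././g')
    printf 'primary name server: %s\n' "$mname"
    printf 'responsible party: %s\n' "$contact"
    # "serial" is the field the post calls the domain update timestamp.
    printf 'serial: %s\n' "$serial"
    printf 'refresh: %ss\n' "$refresh"
    printf 'retry: %ss\n' "$retry"
    printf 'expire: %ss\n' "$expire"
    printf 'negative TTL: %ss\n' "$negttl"
    warnings=0
    if [ "$retry" -ge "$refresh" ]; then
        echo "WARN: retry is not shorter than refresh"
        warnings=1
    fi
    if [ "$expire" -le "$refresh" ]; then
        echo "WARN: zone expires before the next scheduled refresh"
        warnings=1
    fi
    return "$warnings"
}

# The record shown in the post.
parse_soa "ns25.domaincontrol.com. dns.jomax.net. 2015062500 28800 7200 604800 600"
# Live use (needs network): parse_soa "$(dig +short SOA DOMAIN)"
```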



It seems that you like changing your desktop theme often. Can't help but notice :D
 

