nslookup
server servername //switch to another name server (if you can remotely log on to another name server)
set type=any
set d2 //super verbose
set all //show what options are set
yahoo.com //shows requests, responses: all records & ip addresses
?
ls -d domainname //lists all records via a zone transfer - needs authentication/permission
/**********************************************************/
C:\>nslookup -q=mx google.com
Server:
Address: 10.0.0.2
Non-authoritative answer:
google.com MX preference = 10, mail exchanger = smtp2.google.com
google.com MX preference = 10, mail exchanger = smtp3.google.com
google.com MX preference = 10, mail exchanger = smtp4.google.com
smtp3.google.com internet address = 64.233.183.25
smtp4.google.com internet address = 72.14.215.25
smtp2.google.com internet address = 64.233.167.25
/**********************************************************/
nslookup -q=mx domainquery servertouseforquery
C:\>nslookup
Default Server:
Address: 10.0.0.2
> ?
Commands: (identifiers are shown in uppercase, [] means optional)
NAME - print info about the host/domain NAME using default server
NAME1 NAME2 - as above, but use NAME2 as server
help or ? - print info on common commands
set OPTION - set an option
    all - print options, current server and host
    [no]debug - print debugging information
    [no]d2 - print exhaustive debugging information
    [no]defname - append domain name to each query
    [no]recurse - ask for recursive answer to query
    [no]search - use domain search list
    [no]vc - always use a virtual circuit
    domain=NAME - set default domain name to NAME
    srchlist=N1[/N2/.../N6] - set domain to N1 and search list to N1,N2, etc.
    root=NAME - set root server to NAME
    retry=X - set number of retries to X
    timeout=X - set initial time-out interval to X seconds
    type=X - set query type (ex. A,ANY,CNAME,MX,NS,PTR,SOA,SRV)
    querytype=X - same as type
    class=X - set query class (ex. IN (Internet), ANY)
    [no]msxfr - use MS fast zone transfer
    ixfrver=X - current version to use in IXFR transfer request
server NAME - set default server to NAME, using current default server
lserver NAME - set default server to NAME, using initial server
finger [USER] - finger the optional NAME at the current default host
root - set current default server to the root
ls [opt] DOMAIN [> FILE] - list addresses in DOMAIN (optional: output to FILE)
    -a - list canonical names and aliases
    -d - list all records
    -t TYPE - list records of the given type (e.g. A,CNAME,MX,NS,PTR etc.)
view FILE - sort an 'ls' output file and view it with pg
exit - exit the program
/**********************************************************/
C:\>nslookup
> set type=any
> google.com
Server:
Address: 10.0.0.2
Non-authoritative answer:
google.com internet address = 64.233.187.99
google.com internet address = 64.233.167.99
google.com internet address = 72.14.207.99
google.com nameserver = ns4.google.com
google.com nameserver = ns1.google.com
google.com nameserver = ns2.google.com
google.com nameserver = ns3.google.com
google.com MX preference = 10, mail exchanger = smtp3.google.com
google.com MX preference = 10, mail exchanger = smtp4.google.com
google.com MX preference = 10, mail exchanger = smtp2.google.com
ns1.google.com internet address = 216.239.32.10
ns2.google.com internet address = 216.239.34.10
ns3.google.com internet address = 216.239.36.10
ns4.google.com internet address = 216.239.38.10
smtp4.google.com internet address = 72.14.215.25
/**********************************************************/
C:\>nslookup
> set type=mx
> set d2
> google.com
Server:
Address: 10.0.0.2
------------
SendRequest(), len 50
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
google.com.WilliamsCollege.local, type = MX, class = IN
------------
------------
Got answer (125 bytes):
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
google.com.WilliamsCollege.local, type = MX, class = IN
AUTHORITY RECORDS:
-> (root)
type = SOA, class = IN, dlen = 64
ttl = 10800 (3 hours)
primary name server = A.ROOT-SERVERS.NET
responsible mail addr = NSTLD.VERISIGN-GRS.COM
serial = 2008020701
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 86400 (1 day)
------------
------------
SendRequest(), len 28
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
google.com, type = MX, class = IN
------------
------------
Got answer (142 bytes):
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 3, authority records = 0, additional = 3
QUESTIONS:
google.com, type = MX, class = IN
ANSWERS:
-> google.com
type = MX, class = IN, dlen = 10
MX preference = 10, mail exchanger = smtp3.google.com
ttl = 2919 (48 mins 39 secs)
-> google.com
type = MX, class = IN, dlen = 10
MX preference = 10, mail exchanger = smtp4.google.com
ttl = 2919 (48 mins 39 secs)
-> google.com
type = MX, class = IN, dlen = 10
MX preference = 10, mail exchanger = smtp2.google.com
ttl = 2919 (48 mins 39 secs)
ADDITIONAL RECORDS:
-> smtp4.google.com
type = A, class = IN, dlen = 4
internet address = 72.14.215.25
ttl = 3454 (57 mins 34 secs)
-> smtp2.google.com
type = A, class = IN, dlen = 4
internet address = 64.233.167.25
ttl = 3598 (59 mins 58 secs)
-> smtp3.google.com
type = A, class = IN, dlen = 4
internet address = 64.233.183.25
ttl = 3527 (58 mins 47 secs)
------------
Non-authoritative answer:
google.com
type = MX, class = IN, dlen = 10
MX preference = 10, mail exchanger = smtp3.google.com
ttl = 2919 (48 mins 39 secs)
google.com
type = MX, class = IN, dlen = 10
MX preference = 10, mail exchanger = smtp4.google.com
ttl = 2919 (48 mins 39 secs)
google.com
type = MX, class = IN, dlen = 10
MX preference = 10, mail exchanger = smtp2.google.com
ttl = 2919 (48 mins 39 secs)
smtp4.google.com
type = A, class = IN, dlen = 4
internet address = 72.14.215.25
ttl = 3454 (57 mins 34 secs)
smtp2.google.com
type = A, class = IN, dlen = 4
internet address = 64.233.167.25
ttl = 3598 (59 mins 58 secs)
smtp3.google.com
type = A, class = IN, dlen = 4
internet address = 64.233.183.25
ttl = 3527 (58 mins 47 secs)
>
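/**********************************************************/
Added example (not part of the original notes): the d2 trace above reports "SendRequest(), len 50" for the first query and "len 28" for the second. This Python sketch builds the same question messages in DNS wire format and decodes the header fields that d2 prints, showing that the extra 22 bytes are the appended search suffix. The function names are this example's own, and the NXDOMAIN header bytes are constructed to match the trace.

```python
import struct

QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "PTR": 12, "MX": 15, "ANY": 255}
RCODE = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype, qid, recurse=True):
    """12-byte header + encoded name + 2-byte type + 2-byte class (IN = 1)."""
    flags = 0x0100 if recurse else 0          # RD bit = "want recursion"
    header = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE[qtype], 1)

def parse_header(msg):
    """Decode the fields nslookup shows under HEADER: in debug mode."""
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "id": qid,
        "response": bool(flags & 0x8000),
        "opcode": (flags >> 11) & 0xF,        # 0 = QUERY
        "authoritative": bool(flags & 0x0400),
        "want_recursion": bool(flags & 0x0100),
        "recursion_avail": bool(flags & 0x0080),
        "rcode": RCODE.get(flags & 0xF, str(flags & 0xF)),
        "questions": qd, "answers": an, "authority": ns, "additional": ar,
    }

if __name__ == "__main__":
    for qid, name in ((2, "google.com.WilliamsCollege.local"), (3, "google.com")):
        q = build_query(name, "MX", qid)
        print(name, "len", len(q), parse_header(q))
    # Constructed header matching the first "Got answer" block in the trace
    nx = struct.pack("!HHHHHH", 2, 0x8183, 1, 0, 1, 0)
    print(parse_header(nx))
```

The first query goes out because the client appends its DNS suffix to the name before trying it as typed, so the internal suffix is visible to the resolver that receives it; ending the name with a dot (google.com.) marks it as fully qualified.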