[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Reverse DynDns from IP

Posted on 2009-12-27
15
Medium Priority
?
2,192 Views
Last Modified: 2012-05-08
Hello,

is there a way to find out which dyndns service and hostname is used for the current IP address?

I got a router which handles no-ip.org DynamicDNS, and since I forgot my dyndns address, I would like to find it again. I know I forwarded ports necessary but can not access the router anymore.

My current IP is xxx.xxx.xxx.xxx and would like to, somehow, find out which dyndns hostname is registered to my current IP address.

Any way of doing that?

Thanks
0
Comment
Question by:daky
  • 6
  • 5
  • 4
15 Comments
 
LVL 57

Accepted Solution

by:
giltjr earned 200 total points
ID: 26129083
Not really.  Looking up a host name based on an IP address is called reverse lookup, and there are special DNS record types call PTR records that need to be setup to do this.

However, unless you have a static IP address and your ISP has delegated the IP address zone to you or your ISP setup a PTR record for you, then looking up the IP address will not give you the host name that you assigned it.

You can try by using nslookup from command line doing the following:

nslookup
set type=PTR
xxx.xxx.xxx.xxx

 
0
 
LVL 1

Expert Comment

by:jane_doe
ID: 26129130
you can always try
ping -a xxx.xxx.xxx.xxx , easier to use then nslookup
other then that , you can always logon to your dyndns or no-ip account and see what hostnames you got.
just to make my point i tried nslookup and ping -a on a no-ip host i got, and it gave me the hostname i got from my isp.. soo no luck there ..
eventually going to your account at dyndns.org seems like the best option, if you cant remember the user name and password for your dyndns account you wont be able to configure it on the router with that hostname.

hope it helps

Roy


0
 
LVL 1

Author Comment

by:daky
ID: 26129155
@ jane_doe
I can not login into my dyndns account because I don't know the login/password for it. Neither the email or the hostname.

Just need to find dyndns hostname, can I use wireshark or similar utility to find out that information?
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 57

Expert Comment

by:giltjr
ID: 26129176
Do you know what domain name the host name is in?

Do you know the IP address of the authoritative server for that domain name?

If so then you can do:

nslookup - x.x.x.x
ls -d yourdomain.com

The x.x.x.x is the IP address of the name server that is authoritative for your domain.  There is a dash between nslookup and x.x.x.x.

The ls -d says to list all records in the domain yourdomain.com.  If the name server allows this, then you will get a list of all hosts within that domain.

However some DNS servers prevent the ls function.
0
 
LVL 1

Expert Comment

by:jane_doe
ID: 26130464
hi daki
i think the best solution is to look through your emails and look for mails from dyndns in order to recover your password.
if you have physical access to that router maybe you could extract the user name and password from it, though most of the "astrix revealing software" will not work with web browser, but at least you can see the user name or the email you registered with dyndns.

try it out and tell me how it went
0
 
LVL 1

Author Comment

by:daky
ID: 26130505
You guys are missing the whole point.

I don't have a domain name, nor can access the router. I can only connect to the internet through that router. Domain name is maintained by dynamic DNS server, and I don't know which one is it. I don't have a static IP address - if I had it, I wouldn't ask this question anyway.

Since there is no way of doing that because our ISP does not have a PTR record for the dynamic IP, and since reverse lookup can't be done, I'll have to accept the first answer.

Thank you both,
Daky
0
 
LVL 1

Expert Comment

by:jane_doe
ID: 26130572
if you want i can try and mine some information about that ip address for you

0
 
LVL 1

Author Comment

by:daky
ID: 26130604
I can't tell you right now the IP which is used on my work, but will tell you later today.

So, if I have my address, 78.2.64.xxx, how do I get "abcdefgh.no-ip.org" from inside?
0
 
LVL 1

Expert Comment

by:jane_doe
ID: 26130698
you can use tools like sam's spade to try and dig, look for the ns records of your that sub domain that you have and try to mine information from there.
you should know this is basically hacking and im not sure it is compliant with any service EULA
0
 
LVL 57

Expert Comment

by:giltjr
ID: 26131299
There are no tools that will help, as they prevent the listing of all hosts names within the no-ip.org zone and thus you would have to guess at what host name you choose.

O.K., I've looked at no-ip.org and basically you need to talk to them and prove to them that you are who you say you are.  This will be tough as I am assuming you are using the free service, which means you can't send them a copy of the bill.

You have forgotten the host name you chose and you have some how forgotten the e-mail you used to register with them.

Now, I have not used that DynamicDNS service, but on my router that supports two other dynamic DNS services, I have to enter unique information that my router uses to identify "me".  Either my e-mail address and a password or my user-id with a password.

I would assume that your Dynamic DNS service would require some type of identification to be passed from your router and that information would be stored in your router.  So you should be able to look at the configuration in your router to see what information you pass to them and use that.  In fact in most Dynamic DNS services, you tell them what host name to use and this is configured in your router.

Have you looked at your router configuration?




0
 
LVL 1

Author Comment

by:daky
ID: 26131979
@ giltjr:

I've looked into a router config and on dyndns page, everything is empty. Although, on the NAT page, there is a forwarded port 8245 to 192.168.10.6. Since no-ip updater uses this port, I must assume that on host located there, there is a dyn-dns updater running. I can't access that host via port 80 (web).

It must have config for dyndns...

As I asked before, can I use Wireshark or similar utility to "find out" which packets is router sending and find out the hostname from there?
0
 
LVL 1

Author Comment

by:daky
ID: 26131988
@ jane_doe : I don't have the subdomain, as I already said that.... Only IP address.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 26133105
I am assuming that 192.168.10.6 is one of your computers.  Can you see what process is listening on 8245?  Check it out and see how it is configured.

You might be able to use Wireshark on 192.168.10.6 if you can't find the configuration for no-ip and that is the computer that is updating no-ip when you get new IP addresses.  You would want to look for traffic on port 8245.
0
 
LVL 1

Author Comment

by:daky
ID: 26160005
I found out which dyndns hostname is used by looking at a router config, which i overseen at first... hehe
0
 
LVL 57

Expert Comment

by:giltjr
ID: 26160073
So, you should now not only know what the host name is, but the user-id/account name and password to manage it.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question