Solved

How to get the FQDN of a list of IP servers?

Posted on 2011-02-10
8
1,554 Views
Last Modified: 2012-06-22
Is there a script which can give the FQDN of servers from a file that contains their IP adr?
0
Comment
Question by:SAM2009
  • 5
  • 3
8 Comments
 
LVL 7

Expert Comment

by:SterlingMcClung
Comment Utility
something like this should work
For /f %L in (file-with-ip-addresses.txt) do ping -a %L

Open in new window

0
 
LVL 7

Expert Comment

by:SterlingMcClung
Comment Utility
Combine that with some unxutils and you can do:

 
for /f %L in (temp.txt) do @ping -a -n 1 %L | head -n2 | tail -n1 | cut -d" " -f2,3

Open in new window


Hope that works.
0
 
LVL 1

Author Comment

by:SAM2009
Comment Utility
Is it in vbs?
0
 
LVL 7

Expert Comment

by:SterlingMcClung
Comment Utility
Sorry, no.  This is just a command line.  Run it from a command prompt or place in it a .bat/.cmd file.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 7

Expert Comment

by:SterlingMcClung
Comment Utility
The head, tail and cut commands are not built into windows, but are very useful tools from Unix.  Many of these useful programs have been ported to native Windows applications in the unxutils project at sourceforge.  You can obtain them from:

http://unxutils.sourceforge.net/

I tend to put these in a bin folder in my C:\ on all of my computers and add the directory to the systemwide Path variable.  They are very useful in solving problems like this.
0
 
LVL 1

Author Comment

by:SAM2009
Comment Utility
With that cmd NS LOOKUP ZONE should be added in DNS right to get a result?
0
 
LVL 7

Accepted Solution

by:
SterlingMcClung earned 500 total points
Comment Utility
I am not sure what you are referring to.  I will describe what each part of the command does and then if you still have more questions, please ask away.

The first part of the command:
 
for /f %L in (temp.txt) do

Open in new window

Reads each line of the temp.txt file, on at a time, places the contents of that line in the %L variable and executes the command after "do" for each line it reads.  As psuedo-code:
 
For each line in temp.txt
   do 
Next

Open in new window


The file "temp.txt" must have a single IP address for which you want the FQDN on each line of the file.

Next portion of the command:
 
@ping -a -n 1 %L

Open in new window

The "@" symbol at the beginning tells the command processor to not echo the command line.  This is done just to keep things looking nice.  The "-a" parameter for ping, tells ping to perform a reverse DNS lookup on the address.  This is what gives you the FQDN of the IP address.  The "-n1" parameter tells it to just send one echo request instead of the default 4.  This is just to speed of the process.  The "%L" is the contents of the temp.txt line read on this iteration of the command.  Ping will use the DNS servers that are listed with the network adapters of the computer.  If you have multiple network adapters, you can add a "-S sourceaddr" parameter to the command in order to specify which network card and DNS settings to use.  If you would like to use a different DNS server than is listed in your adapter settings, this script will not work.

The results of the ping command are piped to:
 
| head -n2 | tail -n1 |

Open in new window

Which take the first 2 lines of text, then only the last line of those lines, or in other words take the second line and pipe it to the next command:
 
cut -d" " -f2,3

Open in new window

which tells it to split the text with a space character as the delimiter and then return only the second and third fields.

As I mentioned partway through this post, the DNS servers that you wish to use to obtain the FQDN must be listed in your network adapters DNS settings.  As long as the domains are public domains and not an internal domain, such as domain.local, it shouldn't matter which DNS servers are used to obtain the FQDN, as they should all provide the same name.  Some DNS services, like opendns and some ISPs, filter and modify DNS requests and answers in order to block access to what they feel are bad sites or destinations.  If you would like to run this for an internal domain, you will have to have the internal DNS server setup in the adpater settings.
0
 
LVL 1

Author Closing Comment

by:SAM2009
Comment Utility
Thank you for the explanation and help!
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Microsoft Windows Server Update Service (WSUS) is free for everyone, but it lacks of some desirable features like send an e-mail to the administrator with the status of all computers on the WSUS server. This article is based on my PowerShell script …
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now