Jack Bloke
asked on
Reverse lookup for IP's
I use 3 to 4 websites to verify IP addresses and I keep receiving comflicting information as to knowing where a specific IP originates when doing security analytics. Is there a trustworthy website for this?
The truth can be found using the following brutal dig commands...
1) Lookup all NS records using dig (or equivalent tool or code on your OS)... for example...
2) Then lookup each A record against each specific NS record...
3) All IPs (or IP lists) should return the exact same values from each NS record.
4) If there's ever a mismatch, then DNS is munged + requires fixing, prior to proceeding with your next action.
1) Lookup all NS records using dig (or equivalent tool or code on your OS)... for example...
imac> dig +short davidfavor.com ns
net11.wpfastsites.com.
net10.wpfastsites.com.
net12.wpfastsites.com.
2) Then lookup each A record against each specific NS record...
imac> dig +short davidfavor.com a @net10.wpfastsites.com
144.217.34.8
imac> dig +short davidfavor.com a @net11.wpfastsites.com
144.217.34.8
imac> dig +short davidfavor.com a @net12.wpfastsites.com
144.217.34.8
3) All IPs (or IP lists) should return the exact same values from each NS record.
4) If there's ever a mismatch, then DNS is munged + requires fixing, prior to proceeding with your next action.
Note: You must use dig or a DNS equivalent to get true values.
The only truth is to query global DNS yourself + check all the responses, per above.
Many Website tools will show problems with zero diagnostics.
The above dig commands provide you with exact diagnostics, just remove the +short option for detail.
The only truth is to query global DNS yourself + check all the responses, per above.
Many Website tools will show problems with zero diagnostics.
The above dig commands provide you with exact diagnostics, just remove the +short option for detail.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
You can find the RIR quickly by first running an Internet Assigned Numbers Authority (IANA) WHOIS lookup.
https://www.iana.org/whois
Then check the relevant Regional Internet Registries (RIRs), such as ARIN Whois-RWS search.
There are various command line WHOIS tools that do this automatically for you.
rirmap.png