
(?) The Answer Gang (!)


By Jim Dennis, Ben Okopnik, Dan Wilder, Breen, Chris, and the Gang, the Editors of Linux Gazette... and You!
Send questions (or interesting answers) to tag@lists.linuxgazette.net

There is no guarantee that your questions here will ever be answered. Readers at confidential sites must provide permission to publish. However, you can be published anonymously - just let us know!


(?) reverse dns

From Iskandar Awall

Answered By Mike Orr

Do you know a step-by-step guide to doing a reverse DNS lookup in Unix? I have done a reverse DNS lookup but it doesn't seem to be able to resolve.

(!) [Mike] You've got a choice of several commands. 'dig' seems to provide the most information.
$ host 1.2.3.4
$ host domain.com
$ dig -x 1.2.3.4
$ dig domain.com
$ dig -x 1.2.3.4 ANY
$ dig domain.com ANY
$ nslookup
> set type=any
> 1.2.3.4
> domain.com
> [ctrl-d]
$
If a reverse lookup fails, it probably means there is no reverse record for that IP. There's no technical connection between forward and reverse records. Indeed, they may even be maintained by different organizations, so keeping them in sync may be impossible. The forward record (name -> number) is maintained by whoever hosts your domain name--your ISP, another company, or you on your own server. The reverse record (number -> name) is maintained by whoever maintains your IP number; i.e., your ISP. My ISP, for instance, refuses to change my reverse record from a long ugly DSL name because they say their billing system depends on that name. I have my own domain which I host myself (to avoid the $5-$20/month the ISP would charge, which is an outrageous rip-off for one minute's worth of labor when it changes, and no cost in months it doesn't change--except the cost to run their DNS server, which they'd have to do anyway), but since I cannot get the reverse record changed, the forward and reverse records don't match. There are also some ISPs out there who don't have reverse records at all, because they think that setting reverse records for their customers' IPs is not worth the time.
Users are caught in the middle of a debate over whether reverse records should be used for identification. The pro argument is that it helps identify spammers and abusers. The con argument (which I believe) is that the purpose of domain names is convenience: so you don't have to remember a number, and so that a site can maintain a "permanent" identifier even if they move to another server or a different ISP. You shouldn't have to have a domain name, much less have it set to any particular value. And to identify scRipT kIddyZ, just do a simple traceroute. The second-last hop is their ISP (or part of their own network), and ISPs always have their own domain name showing. And what if a computer has several domain names, each hosted at a different organization? There can be only one reverse record, so all the other names will be left out in the cold.
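
An added example, not part of the original answer: a shell check that tells apart the two outcomes described above, an address with no reverse record and an address whose reverse name does not map back to it. The function names (ptr_name, lookup_ptr, lookup_a, fcrdns) are assumptions of this example, and it relies on dig being installed.

```shell
#!/bin/sh
# Added example: forward-confirmed reverse DNS check for an IPv4 address.

# Build the name a reverse lookup really queries:
# the octets reversed, under in-addr.arpa (1.2.3.4 -> 4.3.2.1.in-addr.arpa).
ptr_name() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1                  # split the address on dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    echo "$4.$3.$2.$1.in-addr.arpa"
}

# Thin wrappers around dig, kept separate so they can be replaced
# with stubs when checking the logic without network access.
lookup_ptr() {
    n=$(ptr_name "$1") || return 0
    dig +short "$n" PTR | sed 's/\.$//'    # strip the trailing root dot
}
lookup_a() { dig +short "$1" A; }

# Print one of:
#   no-ptr            no reverse record exists for the address
#   match NAME        a reverse name resolves forward to the same address
#   mismatch NAMES    reverse names exist, but none resolve back to it
fcrdns() {
    ip=$1
    names=$(lookup_ptr "$ip")
    [ -n "$names" ] || { echo "no-ptr"; return 0; }
    for name in $names; do
        if lookup_a "$name" | grep -qxF "$ip"; then
            echo "match $name"
            return 0
        fi
    done
    echo "mismatch" $names
}

# When run with an argument, check that address: sh fcrdns.sh 192.0.2.10
if [ $# -gt 0 ]; then fcrdns "$1"; fi
```

A "mismatch" or "no-ptr" result says only that the two records are maintained independently, as described above; it is not by itself evidence about who controls the address.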


This page edited and maintained by the Editors of Linux Gazette Copyright © 2001
Published in issue 68 of Linux Gazette July 2001
HTML script maintained by Heather Stern of Starshine Technical Services, http://www.starshine.org/


