Tutorial - DNS reverse lookups

Reverse DNS lookup/resolution is probably the most common method of trying to determine the DNS (forward lookup entry) of a host - that is if you only have the IP address. In DNS terms, we'll be attempting to retrieve the PTR (pointer DNS record type) for that IP address.

For a more detailed read on reverse DNS check out this link, (Reverse DNS lookup - Wikipedia).

Ok, now typically how one would go along and do it is to use a command line utility like dig, host etc. Something like this "host <some ip address>" and I'll (hopefully) get the reverse entry for the IP address.
Simple yes? Now the problem again comes in when you are faced with a potentially large netblock/network eg a /24 (254 hosts) or even a /16 (65k hosts).

So what we did with Yeti was, to give the user the ability to specify a list of IP addresses, or a netblock/ip ranges, and Yeti will go a long and fairly quickly retrieve the reverse entries for you...


As input you can either specify a list of single IP addresses or an list of IP blocks/ranges in either notation. Press the start button and a second or 2 later....
... all 254 reverse lookups are done and ready for your inspection :)

Remember, often the DNS and rDNS records don't match up and shared hosting is in a large part to blame for this. Several hundreds of virtual hosts can be hosted on a single server (IP) and hosting companies would often only register that server's name as the rDNS record. That is why Yeti's forward look-up brute-forcer is so important. But more about that in another tutorial.

Subscribe to: Posts (Atom)