What is nslookup?
Nslookup is a program that lets users enter a hostname and find the corresponding Internet Protocol address or Domain Name System record. Users can also enter a command in nslookup to do a reverse DNS lookup and find the hostname for a specified IP address.
The ping command is a more limited alternative to nslookup.
Uses for nslookup
Network administrators use nslookup to troubleshoot server connections or for security reasons.
For example, network pros might use nslookup to guard against phishing attacks, in which attackers alter domain names. An attacker might substitute the numeral 1 for a lowercase l to make a malicious site look friendly and familiar, e.g., joes1owerprices.com vs. joeslowerprices.com. Network admins use nslookup to troubleshoot such attacks.
It also helps deter cache poisoning, in which attackers distribute data to caching resolvers that pose as authoritative origin servers.
Examples of nslookup commands
Popular nslookup commands include the following:
- /name. Queries the current name server for the specified name.
- /server name. Sets the current name server to the server the user specifies.
- /root. Sets the root server as the current server.
- /set type=X. Specifies the type of records to be displayed, such as A, CNAME, MX, NS, PTR or SOA. Specify ANY to display all records.
- /set debug. Turns on debug mode, which displays detailed information about each query.
- /set recurse. Tells the DNS name server to query other servers if it does not have the information.
- /exit. Exits nslookup and returns the user to a command prompt.
Nslookup has two modes: interactive and noninteractive. To look up only a single piece of data, use noninteractive mode. To look up more than one piece of data, use interactive mode.
Nslookup sends a domain name query packet to a designated -- or defaulted -- DNS server. Based on the system, the default could be the service provider's local DNS server, an intermediate name server or the root server system for the entire DNS hierarchy.
Public vs. private DNS
DNS records can be public or private. In the past, DNS helped users find things on the internet. Websites needed IP addresses and corresponding DNS records in public view for users to locate them.
However, organizations realized that they didn't want outside users to know the company's internal processes. They began using private DNS servers to store IP addresses for internal file servers, domain controllers, database servers, mail servers and application servers.
