Wednesday, 6 November 2013

4 Information gathering commands for linux

DIG :

      dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.


     # dig google.com    

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38479
;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.com.            IN    A

;; ANSWER SECTION:
google.com.        62    IN    A    74.125.236.73
google.com.        62    IN    A    74.125.236.65
google.com.        62    IN    A    74.125.236.68
google.com.        62    IN    A    74.125.236.78
google.com.        62    IN    A    74.125.236.67
google.com.        62    IN    A    74.125.236.66
google.com.        62    IN    A    74.125.236.72
google.com.        62    IN    A    74.125.236.70
google.com.        62    IN    A    74.125.236.71
google.com.        62    IN    A    74.125.236.69
google.com.        62    IN    A    74.125.236.64

;; Query time: 53 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Thu Nov  7 10:40:52 2013
;; MSG SIZE  rcvd: 204

 

NSLOOKUP :

      Nslookup is a program to query Internet domain name servers. Examples of issueing a simple query: nslookup name nslookup IP_address nslookup name server nslookup IP_address server 


     # nslookup google.com    

Server:        192.168.30.50
Address:    192.168.30.50#53

Non-authoritative answer:
Name:    google.com Address: 74.125.236.70
Name:    google.com Address: 74.125.236.65
Name:    google.com Address: 74.125.236.73
Name:    google.com Address: 74.125.236.69
 

HOST :

     host is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa. 
When no arguments or options are given,host prints a short summary of its command line arguments and options.

     # host google.com    

google.com has address 74.125.236.35
google.com has address 74.125.236.46
google.com has address 74.125.236.38
google.com has address 74.125.236.39
google.com has address 74.125.236.33
google.com has address 74.125.236.37
google.com has address 74.125.236.32
google.com has address 74.125.236.34
google.com has address 74.125.236.41
google.com has address 74.125.236.36
google.com has address 74.125.236.40
google.com has IPv6 address 2404:6800:4007:800::1004
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.

 

PING :

    ping uses the ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (``pings'') have an IP and ICMP header, followed by a struct timeval and then an arbitrary number of ``pad'' bytes used to fill out the packet.

     # ping -c 5 google.com    

PING google.com (74.125.236.67) 56(84) bytes of data.
64 bytes from maa03s05-in-f3.1e100.net (74.125.236.67): icmp_seq=1 ttl=54 time=29.4 ms
64 bytes from maa03s05-in-f3.1e100.net (74.125.236.67): icmp_seq=2 ttl=54 time=28.7 ms
64 bytes from maa03s05-in-f3.1e100.net (74.125.236.67): icmp_seq=3 ttl=54 time=29.3 ms
64 bytes from maa03s05-in-f3.1e100.net (74.125.236.67): icmp_seq=4 ttl=54 time=29.2 ms
64 bytes from maa03s05-in-f3.1e100.net (74.125.236.67): icmp_seq=5 ttl=54 time=28.8 ms

--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4030ms
rtt min/avg/max/mdev = 28.757/29.136/29.442/0.348 ms

No comments:

Post a Comment