View host DNS servers

1. Nslookup (name server lookup): a tool used to query Internet domain name information or diagnose DNS server problems. Nslookup can specify the query type. You can check the DNS record survival time and specify the DNS server to be used for explanation. Nslookup is a command line tool that monitors whether the DNS server in the network can correctly implement domain name resolution. It can be used in Windows NT/2000/XP, but it is not integrated in Windows 98. Nslookup must be installed in a TCP/IP network environment before it can be used.

Example:

[Root @ mongotop40 Desktop] # nslookup 15.201.49.136

Server: 192.168.0.254
Address: 192.168.0.254 #53

** Server can't find 136.49.201.15.in-addr. arpa: SERVFAIL

[Root @ mongotop40 Desktop] # nslookup 210.192.113.214
Server: 192.168.0.254
Address: 192.168.0.254 #53

** Server can't find 214.113.192.210.in-addr. arpa: SERVFAIL

[Root @ mongotop40 Desktop] # nslookup 192.168.0.254
Server: 192.168.0.254
Address: 192.168.0.254 #53

254.0.168.192.in-addr. arpa name = instructor.example.com.

[Root @ mongotop40 Desktop] #

Ii. Format

Nslookup [IP Address/domain name]

3. Application Instances

(1) Use the nslookup command on the Local Computer

$ Nslookup

Default Server: name.cao.com.cn

Address: 192.168.1.9

>

Enter the Domain Name of the IP address to be queried after the symbol ">" and press Enter. To exit the command, enter "exit" and press Enter.

(2) run the nslookup command named.

Enter the following command:

Nslookup

Then, we enter the nslookup environment. If named is started normally, nslookup will display the address and domain name of the current DNS server. Otherwise, named cannot be started properly.

The following describes some basic DNS diagnostics.

◆ Check for forward DNS resolution. Enter a host name with a domain name at the nslookup prompt, for example, hp712.my.com. nslookup should be able to display the IP address corresponding to this host name. For example

If only hp712 is entered, nslookup automatically adds the my.com domain name according to the definition of/etc/resolv. conf and answers the corresponding IP address.

◆ Check reverse DNS resolution. Enter an IP address at the nslookup prompt, for example, 192.22.33.20. nslookup should be able to answer the host name corresponding to the IP address.

◆ Check the MX Email Address Record and enter at the nslookup prompt:

Set q = mx

Enter a domain name, my.com and mail.my.com, and nslookup should be able to answer the corresponding email server address, that is, support.my.com and support2.my.com.

Iv. Exercises

1. the development of dangerous network life makes it a problem that cannot be ignored. finger, ftp, rcp, and telnet are essentially not because they transmit passwords and data in plain text on the network, the sniffer can easily intercept these passwords and data. In addition, the security authentication methods of these service programs are also vulnerable to attacks by "Intermediate servers. Here I will list some unsafe commands according to the hazard level, as shown in table 3. Currently, ftp and telnet can be bound to port 22 by Using SSH commands. The connection is negotiated and RSA encryption is used. After the authentication is complete, all subsequent traffic is encrypted using IDEA. The SSH (Secure Shell) program can log on to the remote host over the network and execute commands. Remote Call commands such as rcp and rlogin are gradually replaced by VNC software.

2. bind multiple IP addresses to a network card

In Linux, you can use ifconfig to easily bind multiple IP addresses to one Nic. For example, if the original IP address of the eth0 interface is 192.168.0. 254, run the following command:

Ifconfig eth0: 0 192.168.0.253 netmask 255.255.255.0

Ifconfig eth0: 1 192.168.0.252 netmask 255.255.255.0

......

3. Modify the MAC address of the NIC

First, you must disable the NIC device. The command is as follows:

/Sbin/ifconfig eth0 down

Run the following command to modify the MAC address:

/Sbin/ifconfig eth0 hw ether 00: AA: BB: CC: DD: EE

Enable Nic again:

/Sbin/ifconfig eht0 up

The MAC address of the NIC is changed. The MAC address of each network adapter is unique, but cannot be modified. You only need to ensure the uniqueness of the MAC address in the network.

4. initial deployment of IPv6

IPv4

Technology has played a huge role in the development of the network. However, over time, it becomes increasingly inadequate in terms of network address provision, service quality, and security. Linux is the first to support IPv6 in all operating systems. Generally, IPv6 can be used directly in Linux versions based on the 2.4 kernel. However, IPv6 modules are not loaded in the main release versions, you can use commands to manually attach a file, which requires the permissions of the Super User.

(1) load the IPv6 Module

Run the command to check whether the IPv6 address of eth0 Nic is inet6 addr: fe80: 5054: abff: fe34: 5b09/64.

# Modprobe IPv6

# Ifconfig

Eth0 Link encap: Ethernet HWaddr 52: 54: AB: 34: 5B: 09

Inet addr: 192.168.1.2 Bcast: 192.168.1.255 Mask: 255.255.255.0

Inet6 addr: fe80: 5054: abff: fe34: 5b09/64 Scope: Link

Up broadcast running multicast mtu: 1500 Metric: 1

RX packets: 0 errors: 0 dropped: 0 overruns: 0 frame: 0

TX packets: 21 errors: 0 dropped: 0 overruns: 0 carrier: 0

Collisions: 0 FIG: 100

RX bytes: 0 (0.0 B) TX bytes: 1360 (1.3 Kb)

Interrupt: 5 Base address: 0xec00

(2) Use the ping command to check whether the IPv6 address of the NIC is valid.

# Ping6-I eth0-c 2 fe80 :: 200: e8ff: fea0: 2586

Unlike IPv4, you must specify a NIC interface when using the ping6 command. Otherwise, the system does not know which data packet to send. I indicates that Interface and eth0 are the first NICs,-c indicates a loop, and 2 indicates ping6 is operated twice.

(3) Use the ip command to add an ip address for eth0 in IPv6

# Ip-6 addr add 3ffe: ffff: 0: f101 :: 1/64 dev eth0

Run the ifconfig command to check whether the second IPv6 address appears on the NIC.

The main advantage of Linux network is that it can share resources and information, and users can access information remotely. Linux provides a powerful set of network commands to serve users, these tools help users set the network, check the network conditions, log on to a remote computer, transfer files, and execute remote commands. The above describes the important network commands in Linux. In fact, there are still many commands to learn about in Linux. One of the features of Linux network operating commands is that there are many Command Parameter options that do not need to be fully remembered. The key is to understand the main purpose of the command and learn to use help information.