UNIVERSIDAD NACIONAL ABIERTA Y A DISTANCIA
Escuela de Ciencias Básicas, Tecnología e Ingeniería
Program: Systems Engineering
Course: Distributed Systems
Activity 14: Collaborative Work 3
Student: GUILLERMO ALONSO ARCHILA GUALDRON
Code: 13721517
Group: 302090_1
Tutor: Gerardo Granados Acuña
Universidad Nacional Abierta Y A Distancia
Escuela De Ciencias Básicas De Tecnología E Ingeniería De Sistemas

CEAD MALAGA

Situation 3:

Research the use of the NSLOOKUP command (it makes interactive queries to servers running DNS).

_ What formats and options does it use (give representative examples with addresses from Colombia)?

_ What kind of information can be gathered about a host on the network?

_ Use NSLOOKUP to find a web server that has multiple IP addresses. Does the web server of www.tucarro.com have multiple IP addresses?

nslookup: obtaining the IP address of a domain, DNS name servers, reverse DNS and the mail servers of a domain

How do you obtain the public IP address of an Internet domain? How do you find out which domain a given public IP address corresponds to (reverse DNS)? How do you know whether your DNS name server is working correctly? How do you find the IP address or the full name of a domain's mail server?

This kind of information is often needed, for a variety of reasons. One of them may be that we are configuring the Vyatta firewall and need to know the public IP address of a particular Internet domain in order to create a firewall rule for that domain.

In cases like this the nslookup tool can be very useful. nslookup is available on the command line on both Linux and Windows, and it is very simple to use.

nslookup works the same way on Windows and on Linux. The syntax of nslookup is:

nslookup [-option ...] [host-to-find | -[server]]

We can work with nslookup in two ways, in interactive and in non-interactive mode. The difference is that in non-interactive mode we send one query to the DNS server and it returns the result, whereas interactive mode puts us in a session of continuous queries to the DNS server.

To make a query in non-interactive mode, we type the nslookup command followed by the domain name we want to resolve, something like this:

openredes@julia-desktop:~$ nslookup google.es
Server:         10.0.0.20
Address:        10.0.0.20#53

Non-authoritative answer:
Name:   google.es
Address: 209.85.229.99
Name:   google.es
Address: 209.85.229.104
Name:   google.es
Address: 209.85.229.147

openredes@julia-desktop:~$

Here we are querying the DNS server configured on the machine from which we run the command (10.0.0.20 in this case), asking it for the public IP address or addresses of the domain google.es.

We can also use another DNS server that we have access to (our ISP's, Google's) and ask it which IP address records it holds for a given domain, so that we can compare or extend the information, for example:

openredes@julia-desktop:~$ nslookup google.es 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
Name:   google.es
Address: 209.85.229.104
Name:   google.es
Address: 209.85.229.147
Name:   google.es
Address: 209.85.229.99

openredes@julia-desktop:~$

This way we make the same query for the IP address of the domain google.es, but to a different DNS server, which we specify after the name being looked up (in this case one of Google's public DNS servers).

To enter interactive mode, just run the nslookup command without arguments. This opens an interactive console for queries to the DNS server; the prompt changes to > until we leave with the exit command:

openredes@julia-desktop:~$ nslookup
>

We are now in interactive mode and can ask the DNS server to resolve a domain name directly:

> google.es
Server:         10.0.0.20
Address:        10.0.0.20#53

Non-authoritative answer:
Name:   google.es
Address: 209.85.229.99
Name:   google.es
Address: 209.85.229.104
Name:   google.es
Address: 209.85.229.147

>

As before, we can send the queries to a DNS server other than the one configured on the machine that issues them. To do so:

> server 8.8.8.8
Servidor predeterminado: google-public-dns-a.google.com
Address: 8.8.8.8

>

The following queries will then go to the new DNS server given as the argument to server.

Another example is requesting information about the mail servers of a domain. For this there is the option q=mx or type=mx, which is set with the set command, so we can do something like this:

> set type=mx
> google.es
Server:         10.0.0.20
Address:        10.0.0.20#53

Non-authoritative answer:
google.es       mail exchanger = 10 google.com.s9a2.psmtp.com.
google.es       mail exchanger = 10 google.com.s9b1.psmtp.com.
google.es       mail exchanger = 10 google.com.s9b2.psmtp.com.
google.es       mail exchanger = 10 google.com.s9a1.psmtp.com.

Authoritative answers can be found from:

>

set type=mx sets the query type to mail server information, and a subsequent domain query returns information about the mail servers of the queried domain.

There are many other options. If, for example, we set the query type to any so that we get all the information available (with q=any or type=any), we get something like this:

> set q=any
> google.es
Server:         10.0.0.20
Address:        10.0.0.20#53

Non-authoritative answer:
Name:   google.es
Address: 209.85.229.104
Name:   google.es
Address: 209.85.229.99
Name:   google.es
Address: 209.85.229.147
google.es       nameserver = ns2.google.com.
google.es       mail exchanger = 10 google.com.s9b1.psmtp.com.
google.es       mail exchanger = 10 google.com.s9a1.psmtp.com.
google.es       nameserver = ns3.google.com.
google.es       mail exchanger = 10 google.com.s9b2.psmtp.com.
google.es
        origin = ns1.google.com
        mail addr = dns-admin.google.com
        serial = 1448869
        refresh = 21600
        retry = 3600
        expire = 1209600
        minimum = 300
google.es       nameserver = ns1.google.com.
google.es       mail exchanger = 10 google.com.s9a2.psmtp.com.
google.es       nameserver = ns4.google.com.

Authoritative answers can be found from:

>

This gives us all the information available about the domain google.es.

At other times we need to know which domain a given public IP address belongs to. Simply entering the IP address makes the DNS server perform a reverse DNS lookup:

> set type=ptr
> 8.8.8.8
Server:         10.0.0.20
Address:        10.0.0.20#53

Non-authoritative answer:
8.8.8.8.in-addr.arpa    name = google-public-dns-a.google.com.

Authoritative answers can be found from:

>
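Two checks follow naturally from the transcripts above: comparing the address sets that two resolvers return for the same name, and confirming a PTR name by resolving it forward and checking that it maps back to the original address. The script below is an added example, not part of the original assignment; it parses BIND-style nslookup output, and its function names and sample outputs (documentation-range addresses, example.com names) are constructed for illustration.

```shell
# Added example. Parses BIND-style nslookup output (the format in the
# transcripts above). Function names and sample outputs are constructed.

# Print the answer addresses found on stdin, one per line, sorted and unique.
# The first "Address:" after "Server:" is the resolver itself (for example
# 10.0.0.20#53), not part of the answer, so it is skipped.
answer_addrs() {
    awk '
        /^Server:/  { hdr = 1; next }
        /^Address:/ {
            if (hdr) { hdr = 0; next }
            sub(/^Address:[ \t]*/, ""); sub(/#.*$/, ""); print
        }' | sort -u
}

# Print the host names of a PTR answer ("...arpa  name = host."), lower-cased,
# without the trailing dot. "nameserver = " lines of other answers do not match.
ptr_names() {
    awk '/\.arpa[ \t]*name = / { n = $NF; sub(/\.$/, "", n); print tolower(n) }'
}

# Number of distinct addresses in one nslookup output (more than 1 means the
# name has several A records).
addr_count() {
    printf '%s\n' "$1" | answer_addrs | awk 'NF { n++ } END { print n + 0 }'
}

# Succeed when two nslookup outputs carry the same address set, in any order.
same_answers() {
    [ "$(printf '%s\n' "$1" | answer_addrs)" = "$(printf '%s\n' "$2" | answer_addrs)" ]
}

# Forward-confirmed reverse DNS: read the forward lookup of the PTR name on
# stdin and succeed only if the original IP address is among its answers.
confirms_ip() { answer_addrs | grep -Fxq -- "$1"; }

# --- constructed sample outputs (documentation-only names and addresses) ---
LOCAL_OUT='Server:         10.0.0.20
Address:        10.0.0.20#53

Non-authoritative answer:
Name:   www.example.com
Address: 192.0.2.10
Name:   www.example.com
Address: 192.0.2.11'

PUBLIC_OUT='Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
Name:   www.example.com
Address: 192.0.2.11
Name:   www.example.com
Address: 192.0.2.10'

PTR_OUT='Server:         10.0.0.20
Address:        10.0.0.20#53

Non-authoritative answer:
10.2.0.192.in-addr.arpa name = WWW.Example.com.'

# Demo: 203.0.113.7 stands for an address whose owner published a PTR record
# claiming the same name; the forward lookup does not back that claim.
name=$(printf '%s\n' "$PTR_OUT" | ptr_names)
echo "addresses for $name: $(addr_count "$LOCAL_OUT")"
same_answers "$LOCAL_OUT" "$PUBLIC_OUT" && echo "both resolvers agree"
for ip in 192.0.2.10 203.0.113.7; do
    if printf '%s\n' "$LOCAL_OUT" | confirms_ip "$ip"; then
        echo "$ip -> $name: confirmed by forward lookup"
    else
        echo "$ip -> $name: NOT confirmed, treat the PTR name as unverified"
    fi
done
```

Against live servers, pipe real output into the functions, for example `nslookup google.es 8.8.8.8 | answer_addrs`.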

However, a reverse lookup sometimes does not work, or the data is not reliable (this is not the usual case). This happens when the owner of the public IP address has no PTR information stored, or may even have false information (again, not the usual case). PTR information is somewhat informal and in most cases does not provide the information needed. If we need to know where the queries from certain suspicious IP addresses are coming from (location), or even the owner's details, there is a much more powerful utility that uses the whois protocol.

There are numerous online tools for making whois queries (as well as nslookup and others). Some of them are:

http://www.kloth.net/services/whois.php
http://network-tools.com/
http://iptools.es/

To finish, here is a copy of the nslookup manual page:

System Administration Commands nslookup(1M)

NAME
     nslookup - query name servers interactively

SYNOPSIS
     nslookup [- option]... host [server]
     nslookup [- option]... - [server]
     nslookup

DESCRIPTION
     nslookup sends queries to Internet domain name servers. It
     has two modes: interactive and non-interactive. Interactive
     mode allows the user to contact servers for information
     about various hosts and domains or to display a list of
     hosts in a domain. Non-interactive mode is used to display
     just the name and requested information for a host or
     domain.

OPTIONS
     -option
          Set the permissible options, as shown in the following
          list. These are the same options that the set command
          supports in interactive mode (see set in the Commands
          section for more complete descriptions).

          all              List the current settings
          class=classname  Restrict search according to the specified class
          d2               Set exhaustive debug mode on
          nod2             Set exhaustive debug mode off
          debug            Set debug mode on
          nodebug          Set debug mode off
          defname          Set domain-appending mode on
          nodefname        Set domain-appending mode off
          domain=string    Establish the appendable domain
          ignoretc         Set it to ignore packet truncation errors

SunOS 5.9 Last change: 11 Jan 2002 1

          noignoretc       Set it to acknowledge packet truncation errors

OPERANDS
     host
          Inquires about the specified host. In this
          non-interactive command format, nslookup does not prompt
          for additional commands.

     -    Causes nslookup to prompt for more information, such
          as host names, before sending one or more queries.

     server
          Directs inquiries to the name server specified here in
          the command line rather than the one read from the
          /etc/resolv.conf file (see resolv.conf(4)). server can
          be either a name or an Internet address. If the
          specified host cannot be reached, nslookup resorts to
          using the name server specified in /etc/resolv.conf.

USAGE
  Non-interactive Mode
     Non-interactive mode is selected when the name or Internet
     address of the host to be looked up is given as the first
     argument.

     Within non-interactive mode, space-separated options can be
     specified. They must be entered before the host name to be
     queried. Each option must be prefixed with a hyphen.

     For example, to request extensive host information and to
     set the timeout to 10 seconds when inquiring about gypsy,
     enter:

          example% nslookup -query=hinfo -timeout=10 gypsy

     To avoid repeated entry of an option that you almost always
     use, place a corresponding set command in a .nslookuprc
     file located inside your home directory. (See Commands for
     more information about set.) The .nslookuprc file can
     contain several set commands if each is followed by a
     "RETURN".

  Entering and Leaving Interactive Mode
     Interactive mode is selected when

     o  No arguments are supplied.

     o  A `-' (hyphen) character is supplied as the host
        argument.

     To exit from an interactive nslookup session, type
     Control-d or type the command exit followed by "RETURN".

  Supported Command Interactions
     The commands associated with interactive mode are subject to
     various limitations and run-time conventions.

     The maximum length of a command line is 255 characters.
     When the "RETURN" key is pressed, command-line execution
     begins. While a command is running, its execution can be
     interrupted by typing Control-c.

     The first word entered on the command line must be the name
     of a nslookup command unless you wish to enter the name of a
     host to inquire about. Any unrecognized command is handled
     as a host name to inquire about. To force a command to be
     treated as a host name to be inquired about, precede it
     with a backslash character.

  Commands
     exit Exit the nslookup program.

     help
     ?    Display a brief summary of commands.

     host [ server ]
          Look up information for host using the current default
          server, or using server if it is specified.

          If the host supplied is an Internet address and the
          query type is A or PTR, the name of the host is
          returned. If the host supplied is a name and it does
          not have a trailing period, the default domain name is
          appended to the name. (This behavior depends on the
          state of the set options domain, srchlist, defname,
          and search). To look up a host that is not in the
          current domain, append a period to the name.

     finger [ name ] [ >> filename ]
          Connect with the finger server on the current host,
          which is defined by the most recent successful host
          lookup. If no name value is specified, a list of login
          account names on the current host is generated.
          Similar to a shell command interpreter, output can be
          redirected to a file using the usual redirection
          symbols: > and >>.

     ls [ -options ] domain [ >> filename ]
          List the information available for domain, optionally
          creating or appending to filename. The default output
          contains host names and their Internet addresses.
          Output can be redirected to filename using the > and
          >> redirection symbols. When output is directed to a
          file, hash marks are shown for every 50 records
          received from the server. The permissible values for
          options are:

          a    Lists aliases of hosts in the domain. This is a
               synonym for the command ls -t CNAME.

          d    Lists all records for the domain. This is a
               synonym for the command ls -t ANY.

          h    Lists CPU and operating system information for
               the domain. This is a synonym for the command
               ls -t HINFO.

          s    Lists well-known services of hosts in the domain.
               This is a synonym for the command ls -t WKS.

          t querytype-value
               Lists all records of the specified type (see
               querytype within the discussion of the set
               command).

     set token=value
     set keyword
          Establish a preferred mode of search operation.
          Permissible token and keyword values are:

          all  Display the current values of frequently-used
               options. Information about the current default
               server and host is also displayed.

          cl[ass]=classname
               Limit the search according to the protocol group
               (classname) for which lookup information is
               desired. Permissible classname values are:

               ANY     A wildcard selecting all classes
               IN      The Internet class (the default)
               CHAOS   The Chaos class.
               HESIOD  The MIT Athena Hesiod class.

          d2
          nod2
               Enable or disable exhaustive debugging mode.
               Essentially all fields of every packet are
               displayed. By default, this option is disabled.

          deb[ug]
          nodeb[ug]
               Enable or disable debugging mode. When debugging
               mode is enabled, much more information is produced
               about the packet sent to the server and the
               resulting answer. By default, this option is
               disabled.

          def[name]
          nodef[name]
               Enable or disable appending the default domain
               name to a single-component lookup request (one
               that lacks a dot). By default, this option is
               enabled for nslookup. The default value for the
               domain name is the value given in
               /etc/resolv.conf, unless: there is an
               environmental value for LOCALDOMAIN when nslookup
               is run; a recent value has been specified through
               the srchlist command or the set domain command.

          do[main]=string
               Change the default domain name to be appended to
               all lookup requests to string. For this option to
               have any effect, the defname option must also be
               enabled and the search option must be set in a
               compatible way. The domain search list contains
               the parents of the default domain if it has at
               least two components in its name. For example, if
               the default domain is CC.Berkeley.EDU, the search
               list is CC.Berkeley.EDU and Berkeley.EDU. Use the
               set srchlist command to specify a different list.
               Use the set all command to display the list.

          ignoretc
          noignoretc
               Ignore packet truncation errors. By default, this
               option is disabled.

          srch[list]=name1/name2/...
               Change the default domain name to name1 and the
               domain search list to name1, name2, etc. A maximum
               of 6 names can be specified, along with slash
               characters to separate them. For example,

                    example% set srchlist=lcs.MIT.EDU/ai.MIT.EDU/MIT.EDU

               sets the domain to lcs.MIT.EDU and the search list
               to all three names. This command overrides the
               default domain name and search list of the set
               domain command. Use the set all command to display
               the list.

          search
          nosearch
               Enable or disable having the domain names in the
               domain search list appended to the request,
               generating a series of lookup queries if necessary
               until an answer is received. To take effect, the
               lookup request must contain at least one dot
               (period); yet it must not contain a trailing
               period. By default, this option is enabled.

          po[rt]=value
               Specify the default TCP/UDP name server port. By
               default, this value is 53.

          q[uerytype]=value
          ty[pe]=value
               Change the type of information returned from a
               query to one of:

               A      The Internet address of the host
               CNAME  The canonical name for an alias
               HINFO  The host CPU and operating system type
               MD     The mail destination
               MX     The mail exchanger
               MB     The mailbox domain name
               MG     The mail group member
               MINFO  The mailbox or mail list information
               NS     The name server
               PTR    The host name if the query is in the form
                      of an Internet address; otherwise the
                      pointer to other information
               SOA    The domain's start-of-authority information
               TXT    The text information
               UINFO  The user information
               WKS    The supported well-known services

               (Other types specified in the RFC 1035 document
               are valid, but they are not as useful.)

          recurse
          norecurse
               Enable or disable having to query other name
               servers before abandoning a search. By default,
               this feature is enabled.

          ret[ry]=count
               Set the maximum number of times to retry a request
               before abandoning a search. When a reply to a
               request is not received within a certain amount of
               time (changed with set timeout), the timeout
               period is doubled and the request is resent. The
               retry value controls how many times a request is
               resent before the request is aborted. The default
               for count is 4.

          ro[ot]=host
               Change the name of the root server to host. This
               affects the root command. The default root server
               is ns.internet.net.

          t[timeout]=interval
               Change the amount of time to wait for a reply to
               interval seconds. Each retry doubles the timeout
               period. The default interval is 5 seconds.

          vc
          novc
               Enable or disable the use of a virtual circuit
               when sending requests to the server. By default,
               this feature is disabled.

     root Change the default server to the server for the root
          of the domain name space. Currently, the host
          ns.internic.net is used; this command is a synonym for
          server ns.internic.net. The name of the root server
          can be changed with the set root command.

     server domain
     lserver domain
          Change the default server to domain. lserver uses the
          initial server to look up information about domain
          while server uses the current default server. If an
          authoritative answer can not be found, the names of
          servers that might have the answer are returned.

EXAMPLES
     Example 1: Searching the Internet Domain Namespace

     To effectively search the Internet domain namespace, it
     helps to know its structure. At present, the Internet domain
     name-space is tree-structured, with one top level domain for
     each country except the United States. There are also some
     traditional top level domains, not explicitly tied to any
     particular country. These include:

     COM  Commercial establishments
     EDU  Educational institutions
     ORG  Not-for-profit organizations
     GOV  Government agencies
     MIL  MILNET hosts

     If you are looking for a specific host, you need to know
     something about the host's organization in order to
     determine the top-level domain that it belongs to. For
     instance, if you want to find the Internet address of a
     machine at UCLA, do the following:

     o  Connect with the root server using the root command.
        The root server of the name space has knowledge of the
        top-level domains.

     o  Since UCLA is a university, its domain name is
        ucla.edu. Connect with a server for the ucla.edu
        domain with the command server ucla.edu. The response
        produces the names of hosts that act as servers for
        that domain. Note: the root server does not have
        information about ucla.edu, but knows the names and
        addresses of hosts that do. Once located by the root
        server, all future queries will be sent to the UCLA
        name server.

     o  To request information about a particular host in the
        domain (for instance, locus), just type the host name.
        To request a listing of hosts in the UCLA domain, use
        the ls command. The ls command requires a domain name
        (in this case, ucla.edu) as an argument.

     If you are connected with a name server that handles more
     than one domain, all lookups for host names must be fully
     specified with its domain. For instance, the domain
     harvard.edu is served by seismo.css.gov, which also
     services the css.gov and cornell.edu domains. A lookup
     request for the host aiken in the harvard.edu domain must
     be specified as aiken.harvard.edu. However, the set
     domain=name and set defname commands can be used to
     automatically append a domain name to each request.

     After a successful lookup of a host, use the finger(1)
     command to see who is on the system, or to finger a
     specific person. (finger requires the type to be A.)

     To get other information about the host, use the set
     querytype=value command to change the type of information
     desired and request another lookup.

ENVIRONMENT VARIABLES
     HOSTALIASES
          References the file containing host aliases

     LOCALDOMAIN
          Overrides default domain

EXIT STATUS
     The process returns the following values:

     0    On success.
     1    On failure.

FILES
     /etc/resolv.conf
          Initial domain name and name server addresses

     $HOME/.nslookuprc
          Initial option commands

     /usr/lib/nslookup.help
          Summary of commands

ATTRIBUTES
     See attributes(5) for descriptions of the following
     attributes:

      ___________________________________________________________
     | ATTRIBUTE TYPE              | ATTRIBUTE VALUE             |
     |_____________________________|_____________________________|
     | Availability                | SUNWcsu                     |
     |_____________________________|_____________________________|
     | Interface Stability         | Standard BIND 8.2.4         |
     |_____________________________|_____________________________|

SEE ALSO
     finger(1), more(1), in.named(1M), nstest(1M),
     resolver(3RESOLV), resolv.conf(4), attributes(5)

     Mockapetris, Paul. RFC 1034, Domain Names - Concepts and
     Facilities. Network Working Group. November 1987.

     Mockapetris, Paul. RFC 1035, Domain Names - Implementation
     and Specification. Network Working Group. November 1987.

DIAGNOSTICS
     If the lookup request is not successful, an error message is
     produced. Possible errors are:

     Timed out
          The server did not respond to a request after a
          certain amount of time (changed with set timeout=value)
          and a certain number of retries (changed with set
          retry=value).

     No response from server
          No name server is running on the server machine.

     No records
          The server does not have resource records of the
          current query type for the host, although the host
          name is valid. The query type is specified with the
          set querytype command.

     Non-existent domain
          The host or domain name does not exist.

     Connection refused
     Network is unreachable
          The connection to the name or finger server can not be
          made at the current time. This error commonly occurs
          with ls and finger requests.

     Server failure
          The name server found an internal inconsistency in its
          database and could not return a valid answer.

     Refused
          The name server refused to service the request.

     Format error
          The name server found that the request packet was not
          in the proper format. This may indicate an error in
          nslookup.
