Whenever you browse the WWW or send an e-mail message, a domain name is used to send or receive information. Uniform Resource Locators (URLs), such as http://www.techrepublic.com, and e-mail addresses like firstname.lastname@example.org are easy for users to remember but are almost useless to computers. The Domain Name Service (DNS) is used to map the relationships between a human-readable hostname and the IP addresses associated with that hostname. DNS may also be used in reverse, mapping an IP address to a hostname. This Daily Feature explains how two freeware DNS search tools available for use with Windows 9x, NT, and Windows 2000 may be used to provide DNS information. A full explanation of DNS is beyond the scope of this article, in which I’ll assume that you have a basic knowledge of TCP/IP and DNS terminology.
Getting Sam Spade
I looked at a lot of DNS search tools while I was writing this article, and the one I prefer to work with is Sam Spade. This utility has several good features:
- All tasks are multithreaded. Several queries may be run simultaneously.
- The output from searches is hotlinked. Simply click on an e-mail address, IP address, or hostname to run another query.
- Search results are easily logged.
- Sam Spade includes extensive online help.
Check out the home page for Sam Spade to find the latest version. Once you have downloaded it, simply double-click the icon to begin the installation procedure.
Configuring and running Sam Spade
Before you run Sam Spade, the program must be configured using the following procedure:
- Within the application, navigate through Select | Edit | Options and click the Basics tab (see Figure A).
- Enter the IP address of your DNS server, the maximum number of simultaneous connections (100 is plenty), and the IP address of your ISP’s Web server.
- When the correct information is entered, click on the Advanced tab. When the Advanced menu is active, activate the following three options by clicking on the check box:
- Enable Zone Transfers: Enables DNS Zone Transfers
- Enable Active Probing: Enables Port Scanning
- Enable Relay Checking: Enables Checking For An Insecure Mailserver
|The Sam Spade configuration menu|
Obtaining DNS information
If you don’t know the IP address for your DNS server, you can obtain it by using the following procedure: Click on Start | Settings | Control Panel | Network. Select TCP/IP and then click on Properties. Select DNS Configuration. Use the top address in the DNS Server Search Order box.
Once these entries are made, you’re ready to run Sam Spade. Sam Spade includes several useful options for tracking down DNS-related information, including:
- ping: Used to see if a network host is alive and how long it takes IP packets to reach the host.
- nslookup: Finds the IP address associated with a hostname or the hostname associated with an IP address.
- dig: This tool is another form of nslookup. The dig utility will ask a DNS server for all information about a host by default.
- traceroute: Used to determine the route an IP packet takes from your system to a remote host.
- finger: Determines user information on a remote UNIX host.
- SMTP VRFY: Used to query an e-mail address to determine whether the address is valid and if the address is being forwarded.
- whois: Queries a whois server about who owns a domain name.
- ip block whois: Asks a whois server who owns a block of IP addresses.
- Web browser: The Sam Spade Web browser downloads the actual code used for a Web page, including the http headers and raw HTML. This feature is very useful for troubleshooting CGI scripts. In addition, because only the raw code is downloaded, features such as hidden form fields and white-on-white text can be exposed.
Once you have Sam Spade installed and configured, you’re ready to start searching for DNS information. When Sam Spade is run, you will be presented with the window shown in Figure B. In this example, the result of running the dig command on www.techrepublic.com is shown. The utility allows users to select commands either from the icons on the left-hand edge of the window or from the Basics or Tools menus.
|Running the dig command on www.techrepublic.com|
You will probably find that Sam Spade is a welcome addition to your toolkit. Sam Spade is a utility worth considering if you need a powerful, flexible, and free DNS search tool for Windows.
NS-Batch for Windows
Another good freeware DNS search tool for Windows is NS-Batch. NS-Batch performs five basic, yet important, functions:
- Maps single hostname to IP address
- Maps single IP address to hostname
- Probes all IP addresses on a specified subnet and prints the probe results to a specified ASCII text file
- Uses an ASCII text file to input a list of hostnames to map to IP addresses
- Uses an ASCII text file to input a list of IP addresses to map to hostnames
The NS-Batch search screen is shown in Figure C.
|NS-Batch search screen|
NS-Batch lacks the flexibility of Sam Spade, but it is still very useful for administrators who need a tool capable of providing usable DNS-related information. The real strength of NS-Batch lies in its ability to accept search criteria form input files and then write or append search results to ASCII text files. Search results are displayed in the following order:
- The hexadecimal notation for the host IP address
- The host IP address in dot notation
- The hostname corresponding to the IP address
- The hostname in reverse notation
- The number of times (count) the IP address was found in the input file
Figure D shows the output generated when IP addresses from 192.168.1.1 to 192.168.1.20 are probed.
|NS-Batch search results|
Once this information is available in ASCII text format, any word processor may be used to analyze the information. NS-Batch is very useful for administrators who want to perform DNS searches in Windows without having to deal with a complex interface.
The ability to perform DNS-related searches in Windows can easily be enhanced with the addition of some freeware tools. In this Daily Feature, I covered some of the main features of two of these tools. Sam Spade is capable of performing DNS searches based on almost any criteria. NS-Batch is a much simpler tool, but it provides a very simple interface and makes search results available through ASCII text files. I encourage Windows users to try these and similar utilities. These tools provide a lot of information for experienced administrators and are great learning tools for less experienced users.