I have a customer that has an IP of 12.43.95.126. Currently, I can not
get any reverse on this IP.
What is the best way to find out the responciable servers for this?
Thanx in advance.
I have a customer that has an IP of 12.43.95.126. Currently, I can not
get any reverse on this IP.What is the best way to find out the responciable servers for this?
Thanx in advance.
CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
MTCTCE, MTCUME
Really?
jackc@anna ~ $ whois 12.43.95.126
AT&T WorldNet Services ATT (NET-12-0-0-0-1)
12.0.0.0 - 12.255.255.255
GARY SURDYKE MOTORCYCLE INC. ATT240-95-112 (NET-12-43-95-112-1)
12.43.95.112 - 12.43.95.127
jackc@anna ~ $ whois ATT240-95-112
OrgName: GARY SURDYKE MOTORCYCLE INC.
OrgID: GSM-19
Address: 2435 HIGHWAY 67
City: FESTUS
StateProv: MO
PostalCode: 63028
Country: US
NetRange: 12.43.95.112 - 12.43.95.127
CIDR: 12.43.95.112/28
NetName: ATT240-95-112
NetHandle: NET-12-43-95-112-1
Parent: NET-12-0-0-0-1
NetType: Reassigned
Comment:
RegDate: 2002-03-22
Updated: 2002-03-22
RTechHandle: DB2308-ARIN
RTechName: Burgess, Dennis
RTechPhone: +1-636-931-8700
RTechEmail: dmburgess@surdyke.com
OrgTechHandle: DB2308-ARIN
OrgTechName: Burgess, Dennis
OrgTechPhone: +1-636-931-8700
OrgTechEmail: dmburgess@surdyke.com
-Jack Carrozzo
What is the best way to find out the responciable servers for this?
Thanx in advance.
Call AT&T? Or Gary Surdyke Motorcycle, inc?
root@jjohnson-ubuntu:~# whois 12.43.95.126
AT&T WorldNet Services ATT (NET-12-0-0-0-1)
12.0.0.0 - 12.255.255.255
GARY SURDYKE MOTORCYCLE INC. ATT240-95-112 (NET-12-43-95-112-1)
12.43.95.112 - 12.43.95.127
# ARIN WHOIS database, last updated 2010-04-14 20:00
# Enter ? for additional hints on searching ARIN's WHOIS database.
Dennis Burgess wrote:
I have a customer that has an IP of 12.43.95.126. Currently, I can not
get any reverse on this IP.
What is the best way to find out the responciable servers for this?
Thanx in advance.
AT&T owns the 12/8 address space. A quick whois gives me:
AT&T WorldNet Services ATT (NET-12-0-0-0-1)
12.0.0.0 - 12.255.255.255
GARY SURDYKE MOTORCYCLE INC. ATT240-95-112 (NET-12-43-95-112-1)
12.43.95.112 - 12.43.95.127
# ARIN WHOIS database, last updated 2010-04-14 20:00
# Enter ? for additional hints on searching ARIN's WHOIS database.
it appears that AT&T has delegate the PTRs to...
112-28.95.43.12.in-addr.arpa. 172800 IN NS ns2.nightowl.net.
112-28.95.43.12.in-addr.arpa. 172800 IN NS mail.nightowl.net.
[doon@gyruss:~] dig ns +trace -x 12.43.95.126
; <<>> DiG 9.3.3 <<>> ns +trace -x 12.43.95.126
;; global options: printcmd
. 502744 IN NS b.root-servers.net.
. 502744 IN NS l.root-servers.net.
. 502744 IN NS c.root-servers.net.
. 502744 IN NS g.root-servers.net.
. 502744 IN NS a.root-servers.net.
. 502744 IN NS f.root-servers.net.
. 502744 IN NS m.root-servers.net.
. 502744 IN NS e.root-servers.net.
. 502744 IN NS k.root-servers.net.
. 502744 IN NS d.root-servers.net.
. 502744 IN NS j.root-servers.net.
. 502744 IN NS i.root-servers.net.
. 502744 IN NS h.root-servers.net.
;; Received 480 bytes from 127.0.0.1#53(127.0.0.1) in 2 ms
12.in-addr.arpa. 86400 IN NS CBRU.BR.NS.ELS-GMS.ATT.NET.
12.in-addr.arpa. 86400 IN NS DMTU.MT.NS.ELS-GMS.ATT.NET.
12.in-addr.arpa. 86400 IN NS DBRU.BR.NS.ELS-GMS.ATT.NET.
12.in-addr.arpa. 86400 IN NS CMTU.MT.NS.ELS-GMS.ATT.NET.
;; Received 143 bytes from 192.228.79.201#53(b.root-servers.net) in 80 ms
126.95.43.12.in-addr.arpa. 172800 IN CNAME 126.112-28.95.43.12.in-addr.arpa.
112-28.95.43.12.in-addr.arpa. 172800 IN NS ns2.nightowl.net.
112-28.95.43.12.in-addr.arpa. 172800 IN NS mail.nightowl.net.
;; Received 117 bytes from 199.191.128.105#53(CBRU.BR.NS.ELS-GMS.ATT.NET) in 42 ms
-Patrick
Don't forget WTF.
Chris
Yep. BTW, thanks for all of the replies. In this case ATT was sending
the request to another server, and that's what I needed 
nenolod@petrie:~$ dig -x 12.43.95.126 +trace @4.2.2.1
; <<>> DiG 9.6.1-P2 <<>> -x 12.43.95.126 +trace @4.2.2.1
;; global options: +cmd
. 26412 IN NS j.root-servers.net.
. 26412 IN NS a.root-servers.net.
. 26412 IN NS l.root-servers.net.
. 26412 IN NS e.root-servers.net.
. 26412 IN NS g.root-servers.net.
. 26412 IN NS k.root-servers.net.
. 26412 IN NS d.root-servers.net.
. 26412 IN NS h.root-servers.net.
. 26412 IN NS i.root-servers.net.
. 26412 IN NS c.root-servers.net.
. 26412 IN NS m.root-servers.net.
. 26412 IN NS f.root-servers.net.
. 26412 IN NS b.root-servers.net.
;; Received 228 bytes from 4.2.2.1#53(4.2.2.1) in 34 ms
arpa. 172800 IN NS A.ROOT-SERVERS.NET.
arpa. 172800 IN NS H.ROOT-SERVERS.NET.
arpa. 172800 IN NS C.ROOT-SERVERS.NET.
arpa. 172800 IN NS L.ROOT-SERVERS.NET.
arpa. 172800 IN NS F.ROOT-SERVERS.NET.
arpa. 172800 IN NS M.ROOT-SERVERS.NET.
arpa. 172800 IN NS G.ROOT-SERVERS.NET.
arpa. 172800 IN NS E.ROOT-SERVERS.NET.
arpa. 172800 IN NS D.ROOT-SERVERS.NET.
arpa. 172800 IN NS I.ROOT-SERVERS.NET.
arpa. 172800 IN NS B.ROOT-SERVERS.NET.
arpa. 172800 IN NS K.ROOT-SERVERS.NET.
;; Received 495 bytes from 192.58.128.30#53(j.root-servers.net) in 28 ms
12.in-addr.arpa. 86400 IN NS DMTU.MT.NS.ELS-GMS.ATT.NET.
12.in-addr.arpa. 86400 IN NS CMTU.MT.NS.ELS-GMS.ATT.NET.
12.in-addr.arpa. 86400 IN NS CBRU.BR.NS.ELS-GMS.ATT.NET.
12.in-addr.arpa. 86400 IN NS DBRU.BR.NS.ELS-GMS.ATT.NET.
;; Received 143 bytes from 192.36.148.17#53(I.ROOT-SERVERS.NET) in 153
ms
126.95.43.12.in-addr.arpa. 172800 IN CNAME
126.112-28.95.43.12.in-addr.arpa.
112-28.95.43.12.in-addr.arpa. 172800 IN NS ns2.nightowl.net.
112-28.95.43.12.in-addr.arpa. 172800 IN NS mail.nightowl.net.
;; Received 117 bytes from 12.127.16.69#53(CMTU.MT.NS.ELS-GMS.ATT.NET)
in 60 ms
ns2.nightowl.net/mail.nightowl.net is broken (missing
128-28.95.43.12.in-addr.arpa) zone.
For someone who is a CCNA, Mikrotik Certified Whatever, etc, etc, etc,
you really should know how to use dig(1).
William
Wow! Surely, with all the mentioned Certs, you should know how to dig.
Darn, you can even get this info by just using web sites.
For someone who is a CCNA, Mikrotik Certified Whatever, etc, etc, etc,
you really should know how to use dig(1).
Certifications usually only suggest certain skills or knowledge they
were designed to validate, and sometimes might fail even at that;
dig(1) or detailed DNS knowledge is not scoped within either of those
certs, as far as I know..
There are probably many CCNA and MTCNA holders who have not so much
as seen a Unix/Linux shell prompt, and maybe only saw a DOS/Windows
command prompt once or twice, so the only shell command known is
'ping'.
[snip snip-]
I have a customer that has an IP of 12.43.95.126. Currently, I can not
get any reverse on this IP.
What is the best way to find out the responciable servers for this?
There are a number of ways to further research an IP address. Your
first stop should be normal WHOIS on the IP, either from your favorite
command line, or a web-based service such as DNSTools, DNSStuff, or
Robtex as in
#whois
If no success.... then check the DNS system to determine what
nameservers (if any) are delegated for the IP address' reverse DNS,
finally check prefix whois, RADB, or various services to lookup the
AS associated with world BGP announcements for the address. Asking OPs
mailing lists to help identify responsible party should be very last
resort,
after all normal avenues are exhausted.
Which IOS or RouterOS has that command?
Now, if the list included RHCE....
As James said, certifications are pretty narrowly targeted instruments; knowing
how to set up the cisco IOS featureset of the day or deal with all the things
you need to get those certs does not in any way touch real-world DNS issues.
At least if I were hiring someone, and they give me a list of certifications
like the above, I wouldn't assume any knowledge past what the training
materials of the week have in them; any other knowledge would be gravy.
You might be surprised how many network professionals have never had need to
use whois or dig, and may not even know they exist, but be a whiz at MPLS,
IPv6, QoS, etc things.
Whilst that's almost certainly right, I had a lot of trouble finding a
google search that _didn't_ return something relevant as it's first hit
(such as ARIN's whois, or one of several guides on how to use dig/etc for
reverse DNS).
Of course, they don't teach google in any certification I've come across
either, but...
Scott