How to do a Reverse DNS Lookup

Performing a Reverse IP Lookup in Ruby, Python, and Bash

reverse DNS lookup is sometimes called a reverse IP lookup because you start with an IP address and use it to lookup a hostname. For example, if you have an IP address like 66.249.64.10, a reverse DNS lookup will return the hostname crawl-66-249-64-10.googlebot.com.
You might also see reverse DNS lookups referred to as reverse DNS resolution, reverse PTR lookup, or reverse Pointer DNS lookup. They’re all synonymous.
Since reverse DNS lookups are a pretty common task, many languages have libraries that support lookups. We’ll cover performing a reverse IP lookup in 3 popular languages:
  • ruby
  • python
  • bash

Reverse DNS Lookups in Ruby

Ruby has a number of gems which you can use, but I prefer resolv because it’s built into Ruby’s Standard Library, and it’s really easy to use.
Just use the getname method:

Reverse DNS in ruby using ‘resolv’

require 'resolv'

reversed_dns = Resolv.new.getname '203.208.60.1'

# "crawl-203-208-60-1.googlebot.com"
If resolv just isn’t for you, there are alternative gem that package powerful DNS tools together. For example, dnsruby and net-dns are two great DNS libraries.
dnsruby is a cool gem because it’s built on top of resolv, but with some added functionality like the ability to:
  • do zone transfers 
  • or perform queries with retries across multiple nameservers.

Reverse DNS in ruby using ‘dnsruby’

require 'dnsruby'

resolver = Dnsruby::Resolver.new.query '203.208.60.1'

# ;; Security Level : UNCHECKED
# ;; HEADER SECTION
# ;; id = 59252
# ;; qr = true    opcode = Query    aa = false    tc = false    rd = true
# ;; ra = true    ad = false    cd = true    rcode  = NOERROR
# ;; qdcount = 1  ancount = 1  nscount = 4  arcount = 5
# 
# OPT pseudo-record : payloadsize 1280, xrcode 0, version 0, flags 32768
# 
# ;; QUESTION SECTION (1  record)
# ;; 1.60.208.203.in-addr.arpa.   IN      PTR
# 
# ;; ANSWER SECTION (1  record)
# 1.60.208.203.in-addr.arpa.      86068   IN      PTR     crawl-203-208-60-1.googlebot.com.
# 
# ;; AUTHORITY SECTION (4  records)
# 60.208.203.in-addr.arpa.        86068   IN      NS      ns1.google.com.
# 60.208.203.in-addr.arpa.        86068   IN      NS      ns3.google.com.
# 60.208.203.in-addr.arpa.        86068   IN      NS      ns4.google.com.
# 60.208.203.in-addr.arpa.        86068   IN      NS      ns2.google.com.
# 
# ;; ADDITIONAL SECTION (5  records)
# ns2.google.com. 303789  IN      A       216.239.34.10
# ns3.google.com. 219381  IN      A       216.239.36.10
# ns4.google.com. 303744  IN      A       216.239.38.10
# ns1.google.com. 303769  IN      A       216.239.32.10

reversed_dns = resolver.answer[0].domainname.to_s

# "crawl-203-208-60-1.googlebot.com"
net-dns is also a great gem and is regularly maintained. net-dns is a close port of perl’s Net::DNS and it shares almost all the same powerful functionality. So if you’re familiar with the perl library, this might be the gem for you.

Reverse DNS in ruby using ‘net-dns’

require 'net/dns/resolver'

resolver = Net::DNS::Resolver.new.search '203.208.60.1'
# ;; Answer received from 10.44.225.18:53 (89 bytes)
# ;;
# ;; HEADER SECTION
# ;; id = 26855
# ;; qr = 1opCode: QUERYaa = 0tc = 0rd        = 1
# ;; ra = 1ad = 0cd = 0rcode = NoError
# ;; qdCount = 1anCount = 18nsCount = 0arCount = 0
# 
# ;; QUESTION SECTION (1 record):
# ;; 1.60.208.2083.in-addr.arpa.   IN      PTR     
# 
# ;; ANSWER SECTION (1 record):
# 1.60.208.203.in-addr.arpa.   47300   IN   PTR   crawl-203-208-60-1.googlebot.com.
reversed_dns = resolver.answer[0].ptr
# "crawl-203-208-60-1.googlebot.com."

Pythonic Reverse IP Lookups

For python, the fast and simple approach is to use the already built in socket library. Using the aptly named gethostbyaddr method, the lookup is fairly easy:

Reverse DNS in python using ‘socket’

import socket

reversed_dns = socket.gethostbyaddr('203.208.60.1')
# ('crawl-203-208-60-1.googlebot.com', ['1.60.208.203.in-addr.arpa'], ['203.208.60.1'])
reversed_dns[0]
# 'crawl-203-208-60-1.googlebot.com'
However, there are specific packages that you can install that will give you some added power. For example, dnspython is an awesome library that is regularly maintained.

Reverse DNS in python using ‘dnspython’

from dns import reversename, resolver

rev_name = reversename.from_address('203.208.60.1')
reversed_dns = str(resolver.query(rev_name,"PTR")[0])
# 'crawl-203-208-60-1.googlebot.com.'

Bash: Command Line Reverse DNS Lookups

Reverse DNS lookups are really easy from the command line. Most linux platforms support this right out of the box. Here we’re using the terminal app on Mac OS X. Just use the host command followed by an IP address.

Reverse DNS lookup in the Command Prompt

You can also easily do a DNS lookups using the same host command with a given IP:
~$ host 66.249.66.1
1.66.249.66.in-addr.arpa domain name pointer crawl-66-249-66-1.googlebot.com.
Then just as easily, using the same host command to do a forward DNS lookup from the command line:

Forward DNS lookup in the Command Prompt

~$ host crawl-66-249-66-1.googlebot.com
crawl-66-249-66-1.googlebot.com has address 66.249.66.1

Windows: Reverse DNS lookup in Windows

To perform a reverse DNS lookup to find a hostname on windows, use either the ping or nslookup commands.

Reverse DNS lookups with Ping on Windows

When using the ping command, make sure to add the -a flag so it will resolve the addresses hostnames. If there is no hostname for the entry, it will just ping without a name.
ping -a 66.249.66.1
There's a drawback with pign since it's not strictly a name server lookup. It's possible to receive an out of date cached result. As a way to either double check or to be sure to get the most accurate result, you might want to try nslookup instead.

Reverse DNS lookups with nslookup on Windows

Similar to ping and the host command, the nslookup command on widows just needs to be followed by an IP to perform a DNS lookup:
nslookup 66.249.66.1

Server: crawl-66-249-66-1.googlebot.com
Address: 66.249.66.1

Automated bulk lookups

If you're looking for an easy way to do a reverse and forward DNS lookup in bulk, check out my command line tool I recently created in golang. It's called goodbots and is open source on github: https://github.com/eywu/goodbots
 
notion image