
dig, a DNS query tool for Windows and replacement for nslookup 2008-04-15 15:29


(dig for Windows) (dig is a powerful tool to investigate [digging into] the DNS system)

Source of the binary is from ftp.isc.org

Manual Page of dig, in the cryptic style, for reference only.

(1) Download: Windows 2000 or Windows XP or Windows Vista (dig version 9.3.2)

Create a folder c:\dig

Download this dig-files.zip and save it to c:\dig

Use winzip or equivalent to extract the files in dig-files.zip to c:\dig

Note: If msvcr70.dll already exists in %systemroot%\system32\, then you can delete c:\dig\msvcr70.dll

Note: Included in dig-files.zip is a command line whois, version 4.7.11. The canonical site of the whois source code is http://ftp.debian.org/debian/pool/main/w/whois/ The whois.exe inside dig-files.zip is compiled using cygwin c++ compiler.

(2) Do a file integrity check (why? Because some virus checkers destroy dll files)

Click Start .. Run ... CMD (a black screen pops up)

    cd c:\dig
    sha1 *

You should see some SHA1 hashes (in here, SHA1 is used as an integrity check, similar to checksums). Compare your hashes with the following table.

SHA1 v1.0 [GPLed] by Stephan T. Lavavej, http://stl.caltech.edu
6CA70A2B 11026203 EABD7D65 4ADEFE3D 6C933EDA cygwin1.dll
57487BAE AA0EB284 8557B7CA 54ED9183 EAFC73FA dig.exe
97DBD755 D67A5829 C138A470 8BE7A4F2 6ED0894C .exe
D22E4B89 56E1831F F0F9D076 20EC19BF 171F0C29 libbind9.dll
81588F0B E7D3C6B3 20EDC314 532D9F2D 0A105594 libdns.dll
E0BD7187 BBC01003 ABFE7472 E64B68CD 1BDB6BAB libeay32.dll
F445362E 728A9027 96EC6871 A79C6307 054974E4 libisc.dll
B3255C0E 4808A703 F95C217A 91FFCD69 40E680C9 libisccfg.dll
DFBDE4F9 E25FD49A 0846E97F D813D687 6DC94067 liblwres.dll
61B8F573 DB448AE6 351AE347 5C2E7C48 2D81533C msvcr70.dll
BDA14B28 7987E168 F359F0C9 DD96866D 04AB189B resolv.conf
1112343A 319C3EEE E44BF261 AE196C96 289C70E2 sha1.exe
21D20035 2A5B64E2 69FEA407 4D78053F 3C7A2738 whois.exe

If your hashes are the same as the above table, then your files pass the integrity check. Type exit to close the black screen.
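The comparison in step (2) can be scripted instead of done by eye. The following is an added example, not part of the original page or the dig distribution: it parses a table in the layout shown above (five groups of eight hex digits, then the file name), recomputes SHA-1 for each file, and also lists files in the folder that the table does not mention. The function names are hypothetical.

```python
import hashlib
import re
from pathlib import Path

# One table row in the layout used on this page:
# five groups of 8 hex digits, then the file name.
ROW = re.compile(r"^((?:[0-9A-Fa-f]{8}\s+){5})(\S.*)$")

def parse_manifest(text):
    """Return {filename: 40-char lowercase sha1}; other lines (the banner) are skipped."""
    expected = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            expected[m.group(2).strip().lower()] = "".join(m.group(1).split()).lower()
    return expected

def sha1_of(path):
    """SHA-1 of a file, read in chunks so large DLLs are not loaded whole."""
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_folder(folder, manifest_text):
    """Classify every file as ok / mismatch / missing / unlisted (names compared case-insensitively)."""
    expected = parse_manifest(manifest_text)
    present = {p.name.lower(): p for p in Path(folder).iterdir() if p.is_file()}
    report = {"ok": [], "mismatch": [], "missing": [], "unlisted": []}
    for name, digest in sorted(expected.items()):
        if name not in present:
            report["missing"].append(name)
        elif sha1_of(present[name]) == digest:
            report["ok"].append(name)
        else:
            report["mismatch"].append(name)
    report["unlisted"] = sorted(set(present) - set(expected))
    return report

def format_row(path):
    """Render one file in the grouped-hex layout (used to build constructed sample tables)."""
    d = sha1_of(path).upper()
    return " ".join(d[i:i + 8] for i in range(0, 40, 8)) + " " + Path(path).name
```

A table published next to the download detects corrupted files; it does not help if whoever altered the zip could also alter the table.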

(3) Installation and setup:

Windows Vista: Same procedure as Windows XP below. Make sure you have a file called "resolv.conf" sitting in %systemroot%\System32\Drivers\Etc (Thanks to Patryk Bratkowski for Vista)

Windows XP: Install notepad++ (use Google search to find notepad++) and use notepad++ to open the file c:\dig\resolv.conf and edit the first line: Replace 198.80.55.1 with the IP address of a DNS server that your ISP gives you.

If you are using a laptop, delete the line "nameserver 198.80.55.1", in other words, create an empty file. With this empty file present, dig will use the Windows default system DNS server. You still need a file called "resolv.conf" sitting in %systemroot%\System32\Drivers\Etc Thanks to Aaron Spurlock of Ogden, UT, USA, for this empty file trick.

Click File...SaveAs....c:\windows\system32\drivers\etc\resolv.conf

Windows 2000: Install and use notepad++ (use Google search) to open the file c:\dig\resolv.conf and edit the first line: Replace 198.80.55.1 with the IP address of a DNS server that your ISP gives you.

If you are using a laptop, delete the line "nameserver 198.80.55.1", in other words, create an empty file. With this empty file present, dig will use the Windows default system DNS server. You still need a file called "resolv.conf" sitting in %systemroot%\System32\Drivers\Etc Thanks to Aaron Spurlock of Ogden, UT, USA, for this empty file trick.

Click File...SaveAs....c:\winnt\system32\drivers\etc\resolv.conf

(4a) Post Installation setup: Install "CMD Prompt Here" as follows:

Download and save the file doshere.inf to c:\dig (Right click on this and choose Save)

Go to the folder c:\dig, right click on the file doshere.inf and choose "Install" from the drop down menu.

(4b) Add c:\dig to the PATH (thanks to Jason Partridge of Akento Technology Sourcing, Bloomington, IN, USA)

Click..Start...Run... type control...in Category "Performance and Maintenance", System, Advanced, Environment Variables. Look in the top half of the screen, "User variables" section.

If the PATH variable exists, double click the variable PATH to enter edit mode, append ;c:\dig to the Variable value.

If the PATH variable does not exist, click the New button, Variable name: PATH Variable value: c:\dig

Windows 2000 - right click My Computer icon, choose properties, Advanced, Environment Variables.

How to use dig to query the DNS system:

Click Start....Run.... type cmd, a black screen opens up.

dig -- will show you a "help screen" to intimidate and confuse you.

dig -h will show you an even more intimidating "help screen".

dig . NS will show you the 13 "root-level name servers", these are the 13 gods in Western world.

Next, let's do something more useful.

dig com. NS shows you the (gTLD) top level name servers controlling the .com domain

dig net. NS shows you the (gTLD) top level name servers controlling the .net domain

dig org. NS shows you the (gTLD) top level name servers controlling the .org domain

dig gov. NS shows you the (TLD) top level name servers controlling the .gov (US Government) restricted domain

dig mil. NS shows you the (TLD) top level name servers controlling the .mil (US military) restricted domain

dig edu. NS shows you the (TLD) top level name servers controlling the .edu (US post secondary) restricted domain

dig int. NS shows you the (TLD) top level name servers controlling the .int (international treaties) restricted domain

Each country code has its authoritative name servers (below are some of the 244 ccTLDs)

dig ca. NS shows you the top level name servers controlling the .ca (Canada) domain

dig us. NS shows you the top level name servers controlling the .us (US) domain

dig uk. NS shows you the top level name servers controlling the .uk (United Kingdom) domain

dig de. NS shows you the top level name servers controlling the .de (Germany) domain

dig au. NS shows you the top level name servers controlling the .au (Australia) domain

dig cn. NS shows you the top level name servers controlling the .cn (China) domain

dig kr. NS shows you the top level name servers controlling the .kr (Korea) domain

dig tw. NS shows you the top level name servers controlling the .tw (Taiwan) domain

dig hk. NS shows you the top level name servers controlling the .hk (Hong Kong) domain

dig gs. NS shows you the top level name servers controlling the .gs (South Georgia and the South Sandwich Islands) domain

dig ws. NS shows you the top level name servers controlling the .ws (Western Samoa) domain, some "domain registrars" confuse the public by implying this is the "Website" top level domain.

dig tv. NS shows you the top level name servers controlling the .tv (Tuvalu) domain, some "domain registrars" confuse the public by implying this is the "television" top level domain.

dig ae. NS shows you the top level name servers controlling the .ae (United Arab Emirates) domain

dig gr. NS shows you the top level name servers controlling the .gr (Greece) domain

dig id. NS shows you the top level name servers controlling the .id (Indonesia) domain

dig ru. NS shows you the top level name servers controlling the .ru (Russia) domain

dig aero. NS shows you the (gTLD) top level name servers controlling the .aero domain (for aviation industry)

dig biz. NS shows you the (gTLD) top level name servers controlling the .biz domain (for businesses)

dig coop. NS shows you the (gTLD) top level name servers controlling the .coop domain (for co-op associations)

dig info. NS shows you the (gTLD) top level name servers controlling the .info domain

dig jobs. NS shows you the (gTLD) top level name servers controlling the .jobs domain (for human resources)

dig mobi. NS shows you the (gTLD) top level name servers controlling the .mobi domain (for mobile products and services)

dig museum. NS shows you the (gTLD) top level name servers controlling the .museum domain (for museums)

dig name. NS shows you the (gTLD) top level name servers controlling the .name domain (for individuals)

dig pro. NS shows you the (gTLD) top level name servers controlling the .pro domain (for credentialed professionals)

dig travel. NS shows you the (gTLD) top level name servers controlling the .travel domain (for travel industry)

The Internet god approved these gTLD domains.


More examples of how to use dig to query the DNS system:

dig dell.com. NS shows you the Name Servers for "dell.com"

dig dell.com. MX shows you the servers for receiving email for the "dell.com" domain (geeky terminology: Mail eXchange). The mail server with the smallest number in front of it will be contacted first. If that mail server is down or busy, the mail server with the larger number will be contacted next (for fault tolerance).

dig www.dell.com. shows you the IP address of the computer www.dell.com (geeks call a computer a "host") (geeks also like to call www.dell.com a FQDN to intimidate others around them)

Sometimes you see the word CNAME in the answer section, CNAME is a geeky way of saying "an alias".

dig www.ibm.com. @hub.ubc.ca looks up the IP address of www.ibm.com by making a DNS query to the DNS server "hub.ubc.ca"

Most DNS name servers are recursive (friendly), they try to find an answer for you. However, some "system administrators" suffering from extreme-paranoia configure their name servers to refuse answering queries that are outside of their "comfort zones". These extreme-paranoia servers are called "non-recursive" (aka unfriendly) name servers.

dig -x 216.21.128.22 will look up the "host name" from an IP address (geeks call this a "reverse DNS lookup" to intimidate and impress others around them). The equivalent human-friendly command is host 216.21.128.22

Use dig to discover domain names that are not recognized by the 13 root servers (the 13 Internet gods), hence these domains cannot be reached by the Internet users. Reason: All properly configured DNS servers on the Internet point to the 13 root servers for authoritative answers.

The following "dig"s yield an "ANSWER: 0" response from the root servers (the Internet gods)

dig usa. NS
dig sport. NS
dig report. NS
dig club. NS
dig news. NS
dig tech. NS
dig limited. NS
dig med. NS
dig ltd. NS
dig law. NS
dig shop. NS

The above domain names are not recognized by the 13 Internet root servers (the 13 Internet gods); it is not known when, or if ever, the Internet gods will recognize those domains.
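What dig prints for these queries comes from the 12-byte DNS message header: the status, the ANSWER count, and the flags, including ra, which shows whether a server offers recursion (the recursive versus non-recursive distinction described earlier). The following added example is not from the original page; its function names are hypothetical and the reply headers it is exercised with are constructed samples, not captured traffic. It builds the query dig sends and decodes a reply header, separating the different reasons a reply can show ANSWER: 0.

```python
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
QTYPES = {"A": 1, "NS": 2, "CNAME": 5, "PTR": 12, "MX": 15}
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080  # header flag bits (RFC 1035)

def encode_name(name):
    """'dell.com.' -> length-prefixed labels; the root '.' is a lone zero byte."""
    out = b""
    for label in filter(None, name.rstrip(".").split(".")):
        raw = label.encode("ascii")
        if len(raw) > 63:
            raise ValueError("label longer than 63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype="A", qid=0x1234, recurse=True):
    """12-byte header plus one question, class IN; RD asks the server to recurse."""
    header = struct.pack("!6H", qid, RD if recurse else 0, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!2H", QTYPES[qtype], 1)

def parse_header(msg):
    """Decode the fields dig prints on its HEADER and flags lines."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    qid, flags, _qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return {"id": qid, "qr": bool(flags & QR), "aa": bool(flags & AA),
            "rd": bool(flags & RD), "ra": bool(flags & RA),
            "status": RCODES.get(flags & 0xF, str(flags & 0xF)),
            "answer": an, "authority": ns, "additional": ar}

def explain(h):
    """Why a reply can carry ANSWER: 0."""
    if h["answer"]:
        return "answered"
    if h["status"] == "NXDOMAIN":
        return "name does not exist"
    if h["status"] == "REFUSED":
        return "server refused the query"
    if h["status"] == "NOERROR" and h["authority"] and not h["aa"]:
        return "referral to other name servers"
    return "no data of this type" if h["status"] == "NOERROR" else h["status"]

def sample_header(rcode, flags=0, authority=0, qid=0x1234):
    """Constructed 12-byte reply header (no records follow); for illustration only."""
    return struct.pack("!6H", qid, QR | flags | rcode, 1, 0, authority, 0)
```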


dig vs whois

The DNS system and the whois system are not the same, they are only loosely tied together. If the whois system is broken, (while the DNS system is working) the whole Internet will work fine. If the DNS system is broken (while the whois system is working), the whole Internet will die.

The whois system is supposed to display who owns the domain and their corresponding name servers. However, due to usually defective whois server software at domain registrars (the amount of defects is proportional to the registrar's domain registration fees), the DNS name servers information obtained from the whois query is often wrong, out of date, and inaccurate.

Use whois to find out approximately who owns the domain.

Use dig to lookup the DNS name servers of that domain.

For example, to find out who owns the name ibm.com

whois ibm.com

or

whois ibm.com | more (hit space bar to scroll forward)

© 2002-2008 Nicholas Fong

Burnaby, B.C. Canada


Revised: March 16, 2008
