Skip to content

nslookup-commands-cheat-sheet.adoc

Latest commit

 

History

History
85 lines (59 loc) · 2.72 KB

nslookup-commands-cheat-sheet.adoc

File metadata and controls

85 lines (59 loc) · 2.72 KB

nslookup commands cheat sheet

Author: Yuri Slobodyanyuk, https://yurisk.info

Note
 All the commands below are for the Interactive mode.

Command

Description

nslookup

Enter the interactive mode. The nslookup prompt > opens.

set all

Show current settings for the session, useful to show what the nslookup is actually going to do on the next query.

set norecurse

Disable recursive querying. Useful when checking if a specific DNS can answer the query without recursively asking other DNS servers. Use set recurse to enable it back.

set ty=Record-type-to-query-for

Sets the record type you want to query. E.g. set ty=MX - all following queries will ask for MX record only, until changed again with set ty=…​. Available types A, AAAA, ANY, MX, TXT, SOA, CNAME, etc. as per DNS protocol. The default type, if not set otherwise is A/AAAA.

domain

Query the domain domain for the value of the record type set previously via set ty=…​ or A record by default.

server [IP-address-of-alternative-DNS-server]

Run by itself, server prints DNS server(s) currently set and used for resolving. Change the DNS server to query by specifying IP address of the server, e.g.

> server 8.8.8.8
Default server: 8.8.8.8
Address: 8.8.8.8#53

set debug/nodebug

Enable verbose output of what the nslookup is actually doing (debug), or disable nodebug (default). Shows what server is being queried, additional records, whether the server is authoritative or not.

set no<name of the option>

Unset any option you previously set. E.g. to disable recursive query: set norecurse. There is no space between the "no" and the option name. Use set <option name> to enable the option again.

IDN_DISABLE

Environment variable, if not set (default) enables querying IDN names, e.g.:

> set ty=A
> рег.рф
Server:         8.8.8.8
Address:        8.8.8.8#53

------------
    QUESTIONS:
        рег.рф, type = A, class = IN
    ANSWERS:
    ->  рег.рф
        internet address = 194.58.116.37
        ttl = 21600
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
Non-authoritative answer:
Name:   рег.рф
Address: 194.58.116.37

set port=N

Set port different from 53 on the remote DNS server. NOTE: nslookup does NOT support DOT/DOH protocols, only plain old clear text DNS.

exit

Leave nslookup interactive mode to the command line of terminal.

WINDOWS only: ls -d domain-name

Try to do AXFR zone transfer from the configured DNS server. If works and unintended - serious security risk. Linux version of nslookup does NOT have this option. E.g. ls -d yurisk.info.