Testing Name Resolution

57 minutes
Video Transcription
Welcome back. In this lesson, we're gonna talk about testing name resolution.
The objectives include: we're gonna go back and talk a little bit more about ipconfig, and then we'll take a look at our command-line utilities nslookup, nbtstat, and arp.
Something very important when troubleshooting a network is verifying we can perform name resolution, meaning we can take the name of a resource and map it to the IP address.
And one of my favorite quotes, from a fellow IT professional I've worked with, is: all problems are name resolution until proven otherwise.
And I found this to be very true. In my experience working as a systems administrator, there have been quite a few problems I've experienced where it came back to DNS resolution not working correctly, or a record is missing, or just something was incorrectly set up. So this definitely holds true, and always remember that when you start looking at troubleshooting network issues, always verify name resolution.
But enough quoting, let's get back to our tools. First, we're gonna visit a tool we talked about in the last lesson, ipconfig.
We looked previously at how we could release and renew IP addresses, and we have a couple other command-line options here as well. We can use /flushdns to purge our local DNS cache so we can force our local system to go and perform a new DNS query to get a new IP address.
Second, we can force our client to re-register with the DNS server using /registerdns.
While I haven't had to use this command many times, I did once when I was working with a system out in a DMZ network.
The DMZ server out in that network had failed, and once we got it back up, I had to go back to each server and force it to re-register with the DNS server before name resolution started working again.
Next is nslookup, and it stands for name server lookup. This allows testing DNS resolution against your configured DNS server or against another one by specifying the server IP address.
This allows you to determine if the issue is with local or your assigned DNS servers.
Like I said, you can also test against other DNS servers for comparison to see if they give you back the same result. You can look up different network record types, such as A records, pointer records, MX records for email, SRV for service records, and text records.
And really, nslookup is gonna probably be your primary tool for looking up and testing domain name resolution. The screenshot I have here is for looking up cybrary.it's MX record, or email record, and looking at the results, they're using Google or probably some Google Cloud services for their email.
This allows other systems to look up the MX record so they know where to send email to.
In the demo we'll look up a couple of different records so you can see the different results.
Next is nbtstat, which stands for NetBIOS over TCP/IP statistics.
This is used to verify NetBIOS name resolution, or you can use it to verify the cache of resolved system names on the host.
The NetBIOS name is the name of the system without a domain name, and it's typically also the same name as the host itself. Previously, the Windows Internet Naming Service, or WINS, provided name resolution services for NetBIOS.
It's essentially DNS for NetBIOS names, but it's not often used anymore because now we have DNS. I only mention it here in case you're seeing NetBIOS name resolution errors, and in our demo we'll take a look at what we have in the screenshot here of looking at and verifying the local cache.
Finally, we have arp, which stands for Address Resolution Protocol. This is a mapping of IP addresses to the Ethernet MAC, or physical, addresses on the network.
The arp utility allows you to view and modify entries inside the ARP cache.
Systems use ARP to find the MAC address of the target system based on its IP address, and in the demo we'll take a look at the ARP cache as well as adding and removing your own static entries.
That does it for the lecture. Let's jump back to our system and take a look at some of these utilities in our demo.
Here we are back on our Windows 10 workstation, and the first commands I want to look at are ipconfig /flushdns and /registerdns. Let's go ahead and try to run those real quick.
You can see here that these commands both require elevation, and what this means is we need to run Command Prompt as an administrator.
Let's go down here and right-click on Command Prompt and Run as administrator.
I'm gonna resize this window a little bit.
And here you can see, if I overlay these, one says Administrator: Command Prompt, and the other one is just our regular Command Prompt.
Let me clear out the screen. Let's try those commands again.
And here the /flushdns command, we see, is now successful. It's completed clearing out our local cache on the system.
I'm going to up-arrow and change our command to /registerdns.
That has completed successfully as well.
And what it does also note here is, if there are any errors re-registering this computer in DNS, it's gonna be reported in the Event Viewer in 15 minutes.
And I can say that this is definitely true. Going back to the story I told about the DMZ server from the slides, I would run this command, go and check the Event Viewer, and it was showing it was having difficulty registering with the DNS server, which led us to troubleshooting and fixing the issue on the DNS server.
I'm going to switch back to our regular command prompt.
Next, let's take a look at our nslookup command. First, let's try to look up the local server I have in my demo environment.
You can see here the first part of this result is the DNS server that we're querying, and below that is going to be the result for the name that you're looking up. In this case, it's going to be the same server, because my server01 is also my primary DNS server.
Next, let's look up the website cybrary.it.
And here we get back a couple of different IP addresses, which means there's multiple records out there that it resolves to.
Now, we can see the server it's performing queries against is my primary DNS server. But if you want to look up records against another DNS server, you just have to specify the IP address or name after the record you're trying to look up.
So I know internally I have another DNS server. Let's try to query against it.
And here you can see our results have changed. It's looking it up against my primary Wi-Fi router here, and I get back the same answer.
In addition to testing other internal DNS servers, you can also test external ones as well.
Google provides a DNS server you can try to query against, 8.8.8.8,
and now you can see our server is dns.google and we get back the same answers.
Another DNS option you could try is from Cloudflare, and it is 1.1.1.1.
So you can see these are pretty easy IP addresses for you to remember if you need to test name resolution against a different external server.
So far, our queries are just defaulting to A records and bringing a pointer or PTR records.
But you can use nslookup to look up other kinds of records. Let's try to look up the mail record, or MX record, for cybrary.it.
We'll continue with our nslookup command and we're gonna change the type to MX,
and we get back a couple of different MX records. And like I mentioned back in the slides, it looks like they're probably using G Suite from Google for their email services.
This is exactly how email servers find where to send email. They'll look up the MX record for the domain and then try to send it to these names here.
Another record type we can look at are SRV records.
These identify services to connect to for certain applications.
One I'm familiar with is federation inside of Skype for Business, and that record looks like this.
Here you can see it didn't find the record. I had a little typo here,
and again, we still didn't find the record.
Perhaps it's the DNS server I'm looking at that can't look up and find this record. Let's try a different DNS server.
Interesting. So my internal primary DNS server couldn't look that record up,
but when I pointed to another DNS server, you can see it can look up the record.
This is where that's really useful, in testing multiple DNS servers to see which one can and cannot resolve the records that you're looking up.
Now, we've just been typing out nslookup commands one at a time, but you can actually do this in an interactive mode. If you run just nslookup by itself, it's going to go into a different-looking command prompt, and here we can just look up records without typing nslookup. Let's go ahead and give it a try. Again, let's look up cybrary.it.
And my personal domain.
And here, if we want to change to a different DNS server to look up records against, we just type out server and the IP address.
And let's try to look up our records again just to make sure.
Great. Now we've switched over to using a different DNS server.
Just like our other commands, we can change the record type as well if we run set type equals the record type.
I'll up-arrow and bring back cybrary.it.
And now I can see it brings back mail records instead,
and again, we could do the exact same thing for our SRV records.
So nslookup is very powerful. You can sit there and test other DNS servers, can test public DNS servers to compare against your own, as well as changing the record types and looking up different services.
To get out of the interactive nslookup, just type exit,
and let's go ahead and clear this screen.
Next, let's take a look at nbtstat.
Now, these commands are gonna fail, but I just want to show you the syntax of what it looks like in case you ever need it.
First, you can use nbtstat -a, lowercase a, and the NetBIOS name of what you want to try to look up the IP address of.
Like I mentioned, this is gonna fail, and that's okay.
We're just looking at examples of how to use these.
If you switch this to a capital A and type in the IP address, it will try to match it to a NetBIOS name.
And again, that's gonna fail.
If you want to check out the cache of what your system has been able to match up, just change this to a -c.
Like I mentioned in the slides, NetBIOS is a little bit of a legacy protocol, but I only mention it here just for completeness in case you run into single-name resolution errors.
Let's go ahead and clear the screen again.
Finally, let's look at the arp command.
If we run arp -a, it's going to show our current cache of Internet addresses, or IP addresses, and the physical MAC addresses that they've been resolved to.
And here you can also add your own static entries if you need to.
You simply type arp -s, put in the IP address and then the MAC address that you want to associate it with.
And here you can see this is another one of the commands that requires elevation. Let me copy this real quick.
Let's head back to our administrator console,
and there our command completed successfully.
Let's check our cache again.
And here you can see the static entry that we just put in there.
Let's go ahead and remove this entry.
We can use the -d option and then specify the IP address we want to remove.
Let's check our cache again.
We can see that entry is now gone.
So that covers some of the basics.
Primarily, what I want you to do here is be really familiar with the nslookup command. I think this is the command you'll use most when troubleshooting, you know, any name resolution errors,
as well as the ipconfig command to flush your DNS or re-register the local system. And then nbtstat and arp, you're probably not going to use these much, but I just wanted to put them in here for completeness, just in case you ever need to test single-name resolution or look at your ARP entries. Let's head back to the slides and wrap this up.
Welcome back from the demo. Let's take a quick quiz question: which command is used to look up records against a DNS server?
And that answer is nslookup.
Like I mentioned at the beginning of the lesson, this is probably gonna be your primary tool for testing domain name resolution at the command line.
That does it for this lesson. Let's summarize what we looked over.
We took a look at clearing our local DNS cache using ipconfig.
We tested DNS servers using nslookup, we verified NetBIOS name resolution and cache,
and finally we verified our ARP entries.
Coming up next, we're going to take a look at some other advanced networking tools.
See you in the next episode.
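
An added example, not part of the lesson or its demo: Python that parses saved nslookup output from several resolvers and reports whether they disagree, as in the demo's SRV lookup where one server could not find the record and another could. The sample outputs are constructed in the layout Windows nslookup prints; the host names and the 192.0.2.x and 198.51.100.x addresses are placeholders.

```python
import re

# Constructed samples in the layout Windows nslookup prints. Names and
# addresses are placeholders (example.com, RFC 5737), not the lesson's output.
INTERNAL = """Server:  server01.lab.example
Address:  192.0.2.10

*** server01.lab.example can't find _sipfederationtls._tcp.example.com: Non-existent domain
"""
PUBLIC = """Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
_sipfederationtls._tcp.example.com\tSRV service location:
\t  priority       = 100
\t  weight         = 1
\t  port           = 5061
\t  svr hostname   = sipfed.example.com
"""
A_RECORDS = """Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    example.com
Addresses:  198.51.100.7
\t  198.51.100.8
"""

def parse_nslookup(text):
    """Parse one nslookup run into resolver address, status and answer set."""
    header, _, body = text.partition("\n\n")  # resolver banner, then the result
    server = re.search(r"^Address:\s+(\S+)", header, re.M)
    run = {"server": server.group(1) if server else None, "status": "ok", "answers": set()}
    failure = re.search(r"^\*\*\* .* can't find .*: (.+)$", body, re.M)
    if failure:  # e.g. "Non-existent domain"
        run["status"] = failure.group(1).strip()
        return run
    in_addresses = False
    for line in body.splitlines():
        first = re.match(r"Address(?:es)?:\s+(\S+)", line)
        if first:
            run["answers"].add(first.group(1))
            in_addresses = line.startswith("Addresses")
        elif in_addresses and re.match(r"\s+\S+$", line):
            run["answers"].add(line.strip())  # continuation line under "Addresses:"
        else:
            in_addresses = False
            rec = re.search(r"(?:mail exchanger|svr hostname)\s*= (\S+)", line)
            if rec:
                run["answers"].add(rec.group(1))
    return run

def resolvers_disagree(outputs):
    """True when the runs differ in status or in the set of answers returned."""
    runs = [parse_nslookup(o) for o in outputs]
    return len({(r["status"], frozenset(r["answers"])) for r in runs}) > 1
```
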
Network Troubleshooting and Tools

In this course, we will learn basic network troubleshooting using command line tools in a Windows environment. We will learn to verify local network configuration and test connectivity from our local system to other network resources.