Resolve host name from IP address

Question

I'm looking for a command line tool which gets an IP address and returns the host name, for Windows.

Related: https://serverfault.com/q/366613/2321 – warren Sep 25 '17 at 21:46 — warren, Sep 25 '17 at 21:46

score 168 · Accepted Answer · edited Oct 11 '16 at 12:58

168

The command you are looking for is called nslookup, works fine for reverse lookups IFF someone has configured a reverse zone file, which they don't always do.

edited Oct 11 '16 at 12:58

Bruno Bieri

103
5

answered Oct 13 '09 at 14:29

Ward - Trying Codidact

12,899
28
46
59

score 120 · Answer 2 · answered Oct 13 '09 at 16:32

120

if all the above fails, and you are specifically looking for a Windows machine, you can use

nbtstat -a 192.168.1.50

The data returned will be all the NetBIOS records the machine has. The one with a <20h> record type will usually be the machine's name.

answered Oct 13 '09 at 16:32

Moose

1,641
1
9
7

3

Not working when connected through the open vpn – Alexander.Iljushkin Apr 05 '16 at 06:13
@Flextra - you will need SMB access to the machine. Your VPN may be blocking it. – Moose Apr 07 '16 at 02:55
Interesting, looks like it tacks on the fully qualified domain name in the formatting: `Pinging NETBIOSNAME.DOMAINNAME.com [xxx.xxx.xxx.xxx]`. If its on the network and not on the domain (for me a unix system of interest) then `ping -a` just formats with the ipaddress alone it looks like. – jxramos Feb 06 '17 at 21:12
Works for me. Just what I needed! – FearlessFuture Apr 12 '18 at 14:13
1

I keep getting `Host not found.` any idea why? – Shayan Nov 24 '19 at 19:22
I think it doesn't work on Windows 10, I keep getting, `Host not found.`. – Shayan Nov 24 '19 at 19:23
It does work on Windows 10, but on the target machine, the windows 10 firewall must not be blocking smb, and the Server service must be running to get the <20h> record. – Moose Nov 25 '19 at 20:36

score 82 · Answer 3 · answered Oct 13 '09 at 14:44

82

For many IP addresses you could just use ping -a, for example

ping -a 209.85.229.106

will return

Pinging ww-in-f106.google.com [209.85.229.106] with 32 bytes of data:

Reply from 209.85.229.106...........

answered Oct 13 '09 at 14:44

Marko Carter

4,092
1
30
38

2

This is what I always use first as it is universally available on pretty much every machine. – Goyuix Oct 13 '09 at 14:54
16

ping is sooo often used to do simple DNS lookups... *sigh* don't do that. – PEra Oct 13 '09 at 16:48
7

this is the only answer that got me the hostname from my raspberry in my LAN. @PEra why is this a bad answer? – andy Sep 18 '19 at 20:52
How does this works? Though which protocol? – BAKE ZQ May 16 '20 at 11:57

score 36 · Answer 4 · answered Oct 13 '09 at 14:36

36

If you use nslookup command with the IP address as its first argument will return the PTR record (the reverse entry) if it exists. For example:

nslookup 192.168.1.50

answered Oct 13 '09 at 14:36

Kyle Brandt

83,619
74
305
448

score 3 · Answer 5 · edited Jun 25 '19 at 17:01

3

Use dig. A Windows port is available from the ISC here (look in the immediate download box for the link to the zip file). Here's their man page reference for dig.

Ward's point about the reverse lookup records often not getting created is very much true. Reverse lookups often do fail because many admins don't bother creating the ptr records.

edited Jun 25 '19 at 17:01

Marcello Miorelli

215
1
12

answered Oct 13 '09 at 14:35

squillman

37,883
12
92
146

score 3 · Answer 6 · edited Jul 17 '17 at 15:11

(tested under Windows 10 x64)

From command line:

FOR /F "tokens=2 delims= " %A in ('2^>NUL NSLOOKUP "%IP_ADDRESS%" ^| FINDSTR /C:": "') do ECHO %A

Within a script:

FOR /F "tokens=2 delims= " %%A in ('2^>NUL NSLOOKUP "%IP_ADDRESS%" ^| FINDSTR /C:": "') do ECHO %%A

Two (side)notes:

To supress NSLOOKUP errors you have to use 2^>NUL instead of 1^>NUL
I've used FINDSTR /C to extract the value after the four whitespace characters. As the four spaces only seem to exist for the Name: entry, this appears to be only way to make it work on other localized systems.

score 1 · Answer 7 · answered Dec 07 '22 at 05:14

1

tracert might be an option.

tracert 10.12.190.51

Results in:

Tracing route to LAP8662.aus.int.example.com [10.12.190.51]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  LAP8662.aus.int.example.com [10.12.190.51]

Trace complete.

answered Dec 07 '22 at 05:14

Fidel

373
1
4
19

This just uses the reverse DNS, it is exactly the same as using nslookup. But in this case the name resolution is a side effect and you shouldn't rely on it. – Nikita Kipriyanov Dec 07 '22 at 05:22
Thanks Nikita. The curious thing is that sometimes `tracert` returns the resolved name, but `nslookup` doesn't. It must be some peculiarity about my network setup. – Fidel Dec 07 '22 at 06:52
1

This is the statement I wouldn't believe unless I see it myself ;) The explanation must be that nslookup uses only DNS protocol, but tracert uses the system name resolution library which uses DNS as a last resort, after WINS, NetBIOS, hosts file and so on were tried; however, in your example the name looks like DNS name. Anyway, I wouldn't rely on the results that all those "automatic" methods produce. – Nikita Kipriyanov Dec 07 '22 at 07:41
Very interesting! Thanks Nikita – Fidel Dec 07 '22 at 12:42

score 0 · Answer 8 · answered Jun 27 '17 at 23:34

0

if you want to know the host-name in same network then please use another machine which have same network and use below commend
Ping -an ip addres

answered Jun 27 '17 at 23:34

user422366

21

4

Didn't you notice this answer was already here? – and it's not designed for this. – Esa Jokinen Jun 28 '17 at 05:36

score 0 · Answer 9 · answered Jul 25 '19 at 08:29

0

psexec \192.168.0.65 hostname

DMHD006 hostname exited on 192.168.0.65 with error code 0.

answered Jul 25 '19 at 08:29

Sahin

1

1

Keep in mind that the configured hostname not necessarily matches the hostname that is configured in DNS. – Gerald Schneider Jul 25 '19 at 08:44

Resolve host name from IP address

9 Answers9

Linked