Suggestions on Mass IP to DNS mapping

Does anyone know of a method for resolveing about a 1000 IP addresses to DNS?

Can you clarify, please? Do you want to map the IPs to the actual machine/domain name, or do you want to discover the Domain Name Servers for each IP?

If the former, I have had great luck subscribing to the MaxMind GeoIP service which allows you to upload n-numbers of IPs and will return the domain and location for each.

I have about 1100 IP addresses from network logs, which I know resolve to DNS names (all port 80 traffic). I need a quick way to resolve the IP's to DNS names.

Thanks

NirSoft's IPNetInfo.

MaxMind DB worked. Thanks

Here are a few scripts that will do the same.

Logparser
logparser -itextline "Select text, REVERSEDNS(Text) from ip.list" -statsOFF -rtp-1 > ip.dns.list

or if you like perl, you can use this code with this command
for i in `cat ip.list` ; do perl ip2dns.pl "$i" ; done

Perl Code
#!/usr/bin/perl -w
use strict;
use Socket;
my $arg = shift;
if ($arg =~ /^(\d+\.){3}\d+$/) {
print scalar gethostbyaddr(inet_aton($arg), AF_INET), "\n"
} else { printf "%vd\n", scalar gethostbyname $arg }

Enjoy
Chris

Does anyone know of a method for resolveing about a 1000 IP addresses to DNS?

Depends on what you want to get out of it. A reasonably quick and dirty method if you have the IP addresses, line by line, in a file would be to use nmap

% nmap -sL -iL <IP-address-file>

Output is a list of DNS names for which there is a reverse address translation (i.e. from IP-address to domain address) that nmap can identify. That is, you have to have a correct DNS setup on the system you are using, and the Internet link should not be overloaded.

nmap is available on all major platforms, so availability should not be a problem. And you don't have to rely on other tools – there used to be a script set called 'domtools', but for that to work, you had to have the 'dig' tool.

I don't think you'll find any off line methods – at least not in the general case.