The nslookup command
can be used in Windows
to find various details relating to the Domain Name System
(DNS) including IP addresses
of a particular computer, MX records
for a domain
or the NS servers
of a domain - all using DNS lookups. The name means "name server lookup". The most common version of the program is included as part of the BIND
package. More modern alternative to nslookup are the "host" and "dig
" programs, also shipping with BIND.
nslookup comes with a number of subcommands to help you get more information from the specific dns servers. They are:
- server NAME (where NAME is the name or ip address of the dns server you wish to query). It is not always possible to query a specific dns server as often dns queries are blocked to prevent denial of service attacks
- set type=NAME (where NAME is the type of record you would like to look at. For example set type mx will give you the mail records)
Addresses: 126.96.36.199 ,188.8.131.52 , 184.108.40.206 ,220.127.116.11
> server dns.com
Default Server: dns.com
> set type=mx
microsoft.com MX preference = 0, mail exchanger = nullmx.domainmanager.com
Interpretation of the standard nslookup result
The first two lines are information about the server delivering the answer to the nslookup requested by the user.
The next two lines tell the user the name and IP address of the machine being looked up.