HowTo resolve Windows client hostname by IP without DNS/WINS
Posted: Thu Oct 15, 2015 3:10 pm
This HowTo describes how you can resolve hostnames of Windows by IP, but without having a DNS or WINS server to query.
This returns something like this:
If you would like to get a list of all computers that currently exist in a subnet, you can combine that with using "nmap":
This will have nmap scan for all computers in the 192.168.1.0/24 network. The "24" equals a netmask of "255.255.255.0".
It returns a list of IPs of hosts that are currently turned on and connected to that subnet.
Using BASH-Foo, you can use the following command to scan and resolve in one step:
Code: Select all
$ nmblookup -A [HOST_IP]Code: Select all
Looking up status of 192.168.1.7
PHONOSRV-TEST <00> - B <ACTIVE>
PHONOTHEK <00> - <GROUP> B <ACTIVE>
PHONOSRV-TEST <03> - B <ACTIVE>
PHONOSRV-TEST <20> - B <ACTIVE>
PHONOTHEK <1e> - <GROUP> B <ACTIVE>
MAC Address = 00-0C-29-60-71-61Code: Select all
$ sudo nmap -n -sn 192.168.1.0/24 | grep "scan report" | cut -d ' ' -f 5It returns a list of IPs of hosts that are currently turned on and connected to that subnet.
Using BASH-Foo, you can use the following command to scan and resolve in one step:
Code: Select all
$ for IP in $(sudo nmap -n -sn 192.168.100.0/24 | grep "scan report" | cut -d ' ' -f 5); do nmblookup -A $IP; done