On Jan 6, 2010, at 12:17 AM, Richard Brooks wrote:
> I am writing an interface to Snort's MySQL database. The interface currently
> uses nslookup to try and resolve ip addresses to their human friendly names,
> but Wireshark is doing a much better job than nslookup. For example using
> nslookup ip address '216.239.59.208' resolves to 'gv-in-f208.1e100.net',
> however Wireshark correctly resolves this ip address to the much more
> meaningful 'bskyb-pop3-ssl.l.google.com', which is much more descriptive
> than the previous effort.
"Correctly"?
$ host bskyb-pop3-ssl.l.google.com
bskyb-pop3-ssl.l.google.com has address 74.125.127.208
Doesn't look like 216.239.59.208 to me. Do you have "host" on your machine?
If so, what does it resolve bskyb-pop3-ssl.l.google.com to? And what do you
get for "host -a 216.239.59.208", "host -a gv-in-f208.1e100.net", and "host -a
bskyb-pop3-ssl.l.google.com"?
___________________________________________________________________________
Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org>
Archives: http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
