Reverse ip, find domain names on ip address

How and from where websites like this http://www.yougetsignal.com/tools/web-sites-on-web-server/ are getting this information from? How can I develop such tool?

Thank you.


Solution 1:

You can use nslookup on the IP. Reverse DNS is defined with the .in-addr.arpa domain.

Example:

nslookup somedomain.com

yields 123.21.2.3, and then you do:

nslookup 123.21.2.3

this will ask 3.2.21.123.in-addr.arpa and yield the domain name (if there is one defined for reverse DNS).

Solution 2:

You can use ping -a <ip> or nbtstat -A <ip>

Solution 3:

They're just trawling lists of web sites, and recording the resulting IP addresses in a database.

All you're seeing is the reverse mapping of that list. It's not guaranteed to be a full list (indeed more often than not it won't be) because it's impossible to learn every possible web site address.