1
There's a remote machine named JUPITER, accessible through Win8 DirectAccess. Then just after IPCONFIG /FLUSHDNS, I observe the following:
ping JUPITER works and pings to an IPV6 address.nslookup JUPITER fails.nbtstat -a JUPITER fails.c:\windowsc:\system32\drivers\etc\hosts is original (does not contain JUPITER).How can ping resolve host name if it cannot be found anywhere?
fernacolo
Posted 2013-07-26T23:02:05.407
Reputation: 101
2
Windows Vista started using LLMNR (RFC 4795) for local name lookup, as a replacement for the clunky NetBIOS name service.
(For completeness: If you install iTunes, it will come with Bonjour bundled, which is Apple's mDNS (RFC 6762) implementation, and Windows will become able to resolve names using mDNS. Both LLMNR and mDNS limit themselves to name.local, however, all mDNS implementations require the domain to be specified, so it does not match your question, while LLMNR does.)
A very good way of finding the answer would be to monitor the network using Wireshark.
user1686
Posted 2013-07-26T23:02:05.407
Reputation: 283 655
Interesting. Is there a tool to resolve LLMNR names, such as NSLOOKUP or NBTSTAT? – fernacolo – 2013-07-27T01:23:31.117
pingevidently. – lornix – 2013-07-27T02:40:42.947pingdoesn't really count as it uses the standard resolver functions, which merge results from all supported protocols. – user1686 – 2013-07-27T02:41:28.523Found an nmap script that does this.
– fernacolo – 2013-07-27T04:01:27.843