64

My network includes machines running Linux and others running Windows. And my machine is running Linux.

BuZZ-dEE
Islam Hassan
  • 2
    The question is a bit unclear, which resulted in the varying - and good - answers below. Do you want to find the DNS name of a host? Do you want to find the WINS name? Do you want to search the network for all hosts found? All of these questions are answered - but the specific answer desired is unknown. – Mei Sep 29 '14 at 19:08

7 Answers

48

Type in terminal.

sudo nmap -sn <Your LAN Subnet>

For Example:

sudo nmap -sn 192.168.1.*

You can find your LAN subnet using the ip addr command.

It will show all host names on the LAN, whether Linux or Windows. You will also be able to see mobile devices, if any are present on the LAN. Make sure that you run the command with sudo or as root.

KK Patel
  • 16
    This shows nothing on my local network that has 30+ Linux machines... – Cerin Apr 28 '14 at 16:41
  • @Cerin Are you on Linux machine yourself? – Shashank Sawant Jul 23 '14 at 03:50
  • 2
    On Ubuntu 14.04 this says: "? (192.168.1.2) at 00:22:6b:f2:33:b3 [ether] on wlan0", giving me only info about my router (my laptop is connected to it via wifi, like about other 10 devices atm). Looking at man arp it says also "arp - manipulate the system ARP cache". How should this tool solve the original question? – gerlos Dec 25 '14 at 21:27
  • 6
    Same here on Ubuntu 14.04, this just lists a bunch of ? (192.168.55.147) at ac:3a:7a:a4:01:d4 [ether] on eth0 – Elijah Lynn Feb 03 '16 at 16:00
  • 2
    Same here. I can only access the localhost by hostname, nothing else seems to advertise its hostname, even Linux machines I have set up myself. – unfa Oct 27 '17 at 14:46
  • I believe this answer only works if you have a local DHCP server and DNS server/proxy that communicate with one another, so that the hostnames recorded with the DHCP leases can be resolved (or reverse-resolved, in this case) via DNS. – Doktor J Sep 25 '19 at 21:26
  • I believe this will merely show the ip addresses of the machines you already have in the MAC resolution cache. Which will only be populated if you have accessed those machines in the past. So this answer is at best misleading, at worst, garbage. – Arnaud Meuret Jan 14 '21 at 06:34
21

Type in terminal

sudo aptitude install nmap
nmap -sP xxx.xxx.xxx.xxx

This will give you:

Starting Nmap 5.21 ( http://nmap.org ) at 2012-11-03 19:08 CET
Nmap scan report for HOST.DOMAIN (xxx.xxx.xxx.xxx)
Host is up (0.00052s latency).
MAC Address: YY:YY:YY:YY:YY:YY (Manufactor)
Nmap done: 1 IP address (1 host up) scanned in 0.11 seconds

Where HOST.DOMAIN is the DNS-name of the machine.

Germar
  • 10
    This shows all active IPs, but it only shows domains for machines which explicitly have custom domain configured in my local Bind server. It doesn't show any local hostnames, which I think is what the OP is trying to accomplish. – Cerin Apr 28 '14 at 17:11
  • this answer is very fast. – activedecay Feb 03 '16 at 01:19
  • 5
    -sP may have been changed to -sn depending on your version of nmap. From the nmap 7.12 manual: -sn (No port scan) In previous releases of Nmap, -sn was known as -sP. – Lemmings19 Nov 15 '16 at 21:37
  • Similar to the arp command, I believe this answer only works if you have a local DHCP server and DNS server/proxy that communicate with one another, so that the hostnames recorded with the DHCP leases can be resolved (or reverse-resolved, in this case) via DNS. – Doktor J Sep 25 '19 at 21:26
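
Added example (not part of the answers or comments above): nmap -sn prints one report block per live host, and, as the comments note, a name appears only where reverse DNS resolves. This sketch parses that text output into ip/name/MAC rows and lists the hosts that came back without a name; the function names and the sample scan output are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names are hypothetical, sample output is constructed.

# Constructed `nmap -sn` output: one named host, one without a PTR record,
# and the scanning machine itself (nmap prints no MAC line for it).
sample_scan() {
cat <<'EOF'
Starting Nmap 7.80 ( https://nmap.org ) at 2024-01-01 10:00 UTC
Nmap scan report for router.lan (192.168.1.1)
Host is up (0.0011s latency).
MAC Address: 02:00:00:00:00:01 (Unknown)
Nmap scan report for 192.168.1.23
Host is up (0.0040s latency).
MAC Address: 02:00:00:00:00:17 (Unknown)
Nmap scan report for laptop.lan (192.168.1.42)
Host is up.
Nmap done: 256 IP addresses (3 hosts up) scanned in 2.31 seconds
EOF
}

# Read nmap -sn output on stdin, print "ip name mac" rows; "-" = field absent.
parse_nmap_sn() {
    awk '
    function emit() {
        if (ip != "") print ip, (name == "" ? "-" : name), (mac == "" ? "-" : mac)
        ip = ""; name = ""; mac = ""
    }
    /^Nmap scan report for / {
        emit()                          # finish the previous host block
        if ($NF ~ /^\(.*\)$/) {         # "for NAME (IP)": reverse DNS answered
            ip = substr($NF, 2, length($NF) - 2); name = $5
        } else {                        # "for IP": no PTR record was found
            ip = $NF
        }
    }
    /^MAC Address: / { mac = $3 }       # only present for on-link hosts, as root
    END { emit() }
    '
}

# IPs that answered the ping scan but have no reverse-DNS name.
unnamed_hosts() {
    parse_nmap_sn | awk '$2 == "-" { print $1 }'
}

sample_scan | parse_nmap_sn
```

On a real network the input would be the output of sudo nmap -sn <Your LAN Subnet>; each address printed by unnamed_hosts is a candidate for a NetBIOS lookup with nmblookup -A, as the other answers describe.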
14

A NetBIOS name reverse lookup might accomplish what you want more than "hostname", which is a function of DNS and TCP/IP. nmblookup with the -A parameter returns device names as well as the MAC address. Try something like this:

nmblookup -A 192.168.1.2
Frere
10

What if you try this:

You can run it in Windows

nbtstat -A xxx.xxx.xxx.xxx (where x is the ip address)

On Ubuntu you can install nbtscan. You can find more information here: http://www.unixwiz.net/tools/nbtscan.html

Hope it helps

Seth
Brett
  • Thanks very much, but it seems that nbtscan detects machines running Windows only. I've 2 machines running Windows and another 2 running Linux. It detects the two running Windows only. – Islam Hassan Apr 27 '12 at 20:55
  • 2
    can you try nmblookup? it should be installed already on Ubuntu – Brett Apr 27 '12 at 20:57
  • Sorry, I've read the tutorial but couldn't figure out how to write the command that solves my problem. I can't see options taking IP as input. Can you write the command for me please? – Islam Hassan Apr 27 '12 at 21:04
  • 6
    try nmblookup -A xxx.xxx.x.x where x is the ip address of the machine. So I would do nmblookup -A 192.168.1.6 and it would return the name of my machine. You will need to do that for each machine. – Brett Apr 27 '12 at 21:19
  • It also detects Windows machines only, but for Linux machines it gives me this error Unable to create directory /var/run/samba for file unexpected.tdb. Error was No such file or directory – Islam Hassan Apr 27 '12 at 21:37
  • hummm... I have run that command on my machine and it brought up the machine name on Ubuntu. Do you have samba installed? Is there a separate samba server on your network? – Brett Apr 27 '12 at 22:09
  • 1
    @Brett: (+1) you should convert your comment into an answer, as it's the only method that worked for me (both Windows and Linux boxes). Thanks – lepe Jun 30 '15 at 03:40
6

I'd just use

nslookup xxx.xxx.xxx.xxx

it will show me the host name (usually the computer name)

jokerdino
Chester
  • 6
    This just gets me ** server can't find xxx.xxx.xxx.xxx.in-addr.arpa.: NXDOMAIN – Cerin Apr 28 '14 at 16:50
  • works for me :) – vk.edward.li Jun 15 '15 at 07:57
  • 3
    nslookup does DNS searches, so for this to work you need the hosts to be registered in the DNS. If you have a regular Windows network, in a private IP range, without ActiveDirectory configured, it will not work. NetBios names, and DNS names are different beasts. – bogdan.mustiata Jun 09 '16 at 10:16
3

If your network is running a DHCP server, usually on the modem/router, chances are it will have a way for you to see the DHCP assigned addresses - often by a web page, and that often lists the computer names beside the allocated ip addresses.

Jazz
1

To the best of my knowledge, there is no utility available to resolve an IP address into a NetBIOS name. I'd imagine that some sort of a network scoping program or a penetration testing program might be able to give you that sort of information though. However, all of the computers would have to be on the same domain and subnet.

Xernicus
  • Could you name a program please? – Islam Hassan Apr 27 '12 at 20:45
  • 1
    The OP wants the opposite. e.g. IP->hostname – Cerin Apr 28 '14 at 16:48
  • I know this is old...and OP is using Linux, not Windows...but on Windows you can run nbtstat -A <IP Address> to get the NetBIOS name from just the IP. This works across subnets and there's no need to be in the same domain. Also, running nbtstat -a <NetBIOS Name> will do the reverse. Hope this helps... – John Homer Sep 10 '14 at 13:44