20

I notice that some of the better network discovery apps like Fing for iOS and iNet for Mac are able to discover the device name of iOS devices and Mac devices even when they are not advertising Bonjour services such as iTunes Wi-Fi Sync. How is this done? I am aware of how to do a reverse mDNS query https://serverfault.com/questions/143184/how-do-i-get-the-machine-name-from-an-ip-via-multicast-dns. But while a reverse mDNS lookup (at least as accomplished by the dig command dig -x the.ip @224.0.0.251 -p 5353) will work against a Mac that is not otherwise broadcasting any Bonjour services, it doesn't work unless Wi-Fi Sync is running or some other Bonjour service on an iOS device. I am not sure how to get the name otherwise but these apps reliably get it. I used Wireshark while iNet was discovering and I only see ICMP and NetBios queries all which return 0 answers.

Also note that I have the IP address of the device already by doing a broadcast ping and then parsing the ARP table. I want to discover which of the devices discovered in this way are iOS devices by getting their device name and looking for the string "iPhone" or "iPad".

Also note that the iNet app website provides the following about how they do reverse IP lookups. I take this to mean they do a reverse DNS lookup and a reverse mDNS lookup for every IP.

Reverse IP lookups (host­names) are per­formed as unicast and mul­ti­cast queries for every IP found. -http://www.bananaglue.de/inet/index_e.php

Community
  • 1
  • 1
John Wright
  • 2,418
  • 4
  • 29
  • 34
  • I assume you are looking for a bash-solution, right? I would try to find any services with the dns-sd tool from bonjour and hunt down the sent query with wireshark. After that I would try to reconstruct the query with bash-tools. Commands to test: `dns-sd -B _smb._tcp` and `dns-sd -B _afpovertcp._tcp`. Note: Don't use the dns-sd tool directly in your bash-script. – Yser Dec 16 '14 at 13:22
  • @John Wright Do u have the code realted to what u were looking for? I too want to resolve the hostname. I tried using using "gethostbyaddr" POSIX call but it returns nil. I have asked the question [here](https://stackoverflow.com/questions/29545847/cfhoststartinforesolution-fails-get-device-name-from-ip-address-on-lan).. Can u help? – Alejandro Vargas Apr 15 '15 at 06:05

1 Answers1

20

Have you tried the dns-sd command line tool?

If you type dns-sd -B _services._dns-sd._udp to get all available services, you'll see there's a _whats-my-name service available.

$ dns-sd -B _services._dns-sd._udp
Browsing for _services._dns-sd._udp
DATE: ---Tue 16 Dec 2014---
14:38:30.746  ...STARTING...
Timestamp     A/R    Flags  if Domain               Service Type         Instance Name
14:38:30.747  Add        3   5 .                    _tcp.local.          _nfs
14:38:30.747  Add        3   5 .                    _tcp.local.          _afpovertcp
14:38:30.747  Add        3   5 .                    _tcp.local.          _smb
14:38:30.747  Add        2   0 .                    _tcp.local.          _whats-my-name
14:38:31.330  Add        3  10 .                    _tcp.local.          _nfs
14:38:31.330  Add        3  10 .                    _tcp.local.          _afpovertcp
14:38:31.330  Add        2  10 .                    _tcp.local.          _smb

after that we can query for this service which outputs the following:

$ dns-sd -B _whats-my-name._tcp
Browsing for _whats-my-name._tcp
DATE: ---Tue 16 Dec 2014---
14:40:20.738  ...STARTING...
Timestamp     A/R    Flags  if Domain               Service Type         Instance Name
14:40:20.742  Add        2   0 local.               _whats-my-name._tcp. Blub MacBook Pro

The Instance Name is the interesting part here. I assume the _whats-my-name service is available on every computer running bonjour. Maybe you can hunt down the sent queries and reconstruct it with basic bash tools if you can't access dns-sd in every case. More over you should not use dns-sd in your script. Instead you should use a specific implementation of the protocol for your programming language.

Note: Be aware that the name of the device may not be reliable to detect which device you are communicating with

Hope that helps.

Yser
  • 2,086
  • 22
  • 28