Want to use Nsrllookup without Internet

[siddharthrao1]

Can i run my nsrlsvr in local system and use duffy's nsrllookup without access to internet.

[rjhansen]

Yes -- in fact, the two tools are specifically designed to be used that way. There are a lot of forensics shops that work in their own private airgapped networks, and nsrlsvr/nsrllookup were designed to work correctly in that environment.

Download nsrlsvr and install it, which will require internet access. Disconnect that machine from the internet. Install nsrllookup on all the other machines on your private network. When you run nsrllookup, use the "-s" option to point it to your own private nsrlsvr. For instance, if your nsrlsvr was running on 10.1.10.103, you'd "nsrllookup -s 10.1.10.103".

[siddharthrao1]

Thank for your prompt reply. I want to use the nsrllookup of duffy instead of that available as a command line tool which you have mentioned. Also i couldn't find any configuration for nsrl server in "duffy" which internally uses http://www.kyrus-tech.com as server for lookup and hence requires Internet connection.