Re: whois tricks was : whois is what?

• Previous message: Jordan Frank: "Re: Publishing Nimda Logs"
• Next in thread: Steve Zenone: "RE: whois tricks was : whois is what?"
• Next in thread: Bernie Cosell: "Re: Publishing Nimda Logs"
• Reply: Steve Zenone: "RE: whois tricks was : whois is what?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Matthew McGehrin" <mcgehrin@reverse.net>
To: <vuln-dev@securityfocus.com>
Date: Wed, 8 May 2002 23:46:29 -0400

Sorry my friend :) I think you meant to type -h instead of @ :)

the -h flag works on both Linux and FreeBSD.

I am unsure about Solaris, but using the '@' symbol appears to not be an
option with FreeBSD.

FreeBSD 2.2.8
matthew@host1:/usr/home/matthew> whois -h
usage: whois [-adpr] [-h hostname] name ...

FreeBSD 4.5
matthew@monkey:/usr/home/matthew> whois -h
whois: option requires an argument -- h
usage: whois [-adgimpQrR6] [-c country-code | -h hostname] name ...

-- Matthew

----- Original Message -----
From: "Steve Zenone" <Zenone@cats.ucsc.edu>
To: <vuln-dev@securityfocus.com>
Sent: Wednesday, May 08, 2002 2:31 PM
Subject: RE: whois tricks was : Publishing Nimda Logs

Hello,

Matthew McGehrin wrote:
|On FreeBSD you can use the -a flag with the same results. Linux still uses
|the older format.
|
|i.e.: whois -a 204.70.128.1

The '-a' and '-h' flags do work well. However, the following
syntax appears to be fairly standard between whois versions,
thus eliminating the need to remember which flag to use, and
to also give you the ability to define the whois server you
wish to query:

 % whois 204.70.128.1@whois.arin.net

You can substitute 'arin' with 'ripe' or 'apnic', etc (^arin^ripe).
The results will me similar to what Matthew listed within his
previous email.

>From a web perspective, I also like (takes the guess work,
or leg work, out of figuring out if one should be using, ripe,
apnic, etc):

 http://www.geektools.com/cgi-bin/proxy.cgi

Lastly, for helping confirm abuse contacts, abuse.net has a
good database of registered abuse contacts (based upond domain
name) at:

 http://www.abuse.net/lookup.phtml

Hope this helps.

Regards,
Steve

• Previous message: Jordan Frank: "Re: Publishing Nimda Logs"
• Next in thread: Steve Zenone: "RE: whois tricks was : whois is what?"
• Next in thread: Bernie Cosell: "Re: Publishing Nimda Logs"
• Reply: Steve Zenone: "RE: whois tricks was : whois is what?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Random address in asia != APNIC ... Please, if you work in a 'security' domain in FreeBSD, do not, ever attribute ... random addresses to the Internet Registry that allocated them. ... They are not responsible for the packet source, ... Indeed, whois contact information is often out of date, and the whois returns ... (FreeBSD-Security) FreeBSD 7.0 WITHOUT Heimdal ... In earlier version of FreeBSD I've been able to NOT include the heimdal ... In 7.0 there is no detection of such a flag. ... NOT build the 0.6.3 heimdal that is deliverd with 7.0? ... version we are running on our KDC's and all the servers using Kerberos ... (freebsd-stable) RE: whois tricks was : Publishing Nimda Logs ... Matthew McGehrin wrote: ... |On FreeBSD you can use the -a flag with the same results. ... syntax appears to be fairly standard between whois versions, ... good database of registered abuse contacts (based upond domain ... (Vuln-Dev) bpf/pcap are weird ... Why do we have BIOCIMMEDIATE? ... seems like it's what SHOULD be implemented with the non-blocking I/O flag ... FreeBSD can't put the interface in the mode it wants to, ... (freebsd-arch) MNT_NOEXEC on root filesystem with diskless PXE boot? ... We are trying out FreeBSD 5.4-PRERELEASE on diskless clients. ... statfs really returns this flag. ... when it's mounted from NFS by the bootloader - not any other ... (freebsd-hackers)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint