Tiny Core Linux
Tiny Core Extensions => TCE Talk => Extension requests => Topic started by: Ulysses_ on September 10, 2011, 12:48:42 PM
-
Tried whois and jwhois. The first does not even say who the registrant of google.com is. The other, jwhois, seems incomplete.
Is there any better way to find out information about an IP's or domain name's registration, and do it from the command line?
-
whois google.com
....
Domain Name: GOOGLE.COM
Registrar: MARKMONITOR INC.
....
?
-
Registrant, not registrar. The registrant of google.com is Google Inc. This is shown by the following online "smartwhois" site that seems comprehensive:
http://www.all-nettools.com/toolbox/smart-whois.php (http://www.all-nettools.com/toolbox/smart-whois.php)
-
Oh, right. Nevermind.
-
jwhois gives following result on TC:
[Querying whois.verisign-grs.com]
[Redirected to whois.markmonitor.com]
[Querying whois.markmonitor.com]
[whois.markmonitor.com]
MarkMonitor is the Global Leader in Enterprise Brand Protection.
Domain Management
MarkMonitor Brand Protection™
AntiFraud Solutions
Corporate Consulting Services
Visit MarkMonitor at www.markmonitor.com (http://www.markmonitor.com)
Contact us at 1 800 745 9229
In Europe, at +44 (0) 20 7840 1300
The Data in MarkMonitor.com's WHOIS database is provided by MarkMonitor.com
for information purposes, and to assist persons in obtaining information
about or related to a domain name registration record. MarkMonitor.com
does not guarantee its accuracy. By submitting a WHOIS query, you agree
that you will use this Data only for lawful purposes and that, under no
circumstances will you use this Data to: (1) allow, enable, or otherwise
support the transmission of mass unsolicited, commercial advertising or
solicitations via e-mail (spam); or (2) enable high volume, automated,
electronic processes that apply to MarkMonitor.com (or its systems).
MarkMonitor.com reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.
Registrant:
Dns Admin
Google Inc.
Please contact contact-admin@google.com 1600 Amphitheatre Parkway
Mountain View CA 94043
US
dns-admin@google.com +1.6502530000 Fax: +1.6506188571
Domain Name: google.com
Registrar Name: Markmonitor.com
Registrar Whois: whois.markmonitor.com
Registrar Homepage: http://www.markmonitor.com (http://www.markmonitor.com)
Administrative Contact:
DNS Admin
Google Inc.
1600 Amphitheatre Parkway
Mountain View CA 94043
US
dns-admin@google.com +1.6506234000 Fax: +1.6506188571
Technical Contact, Zone Contact:
DNS Admin
Google Inc.
2400 E. Bayshore Pkwy
Mountain View CA 94043
US
dns-admin@google.com +1.6503300100 Fax: +1.6506181499
Created on..............: 1997-09-15.
Expires on..............: 2020-09-13.
Record last updated on..: 2011-07-20.
Domain servers in listed order:
ns1.google.com
ns3.google.com
ns4.google.com
ns2.google.com
MarkMonitor is the Global Leader in Enterprise Brand Protection.
Domain Management
MarkMonitor Brand Protection™
AntiFraud Solutions
Corporate Consulting Services
Visit MarkMonitor at www.markmonitor.com (http://www.markmonitor.com)
Contact us at 1 800 745 9229
In Europe, at +44 (0) 20 7840 1300
--
-
Yes, I tried that. By default it is missing domains other than .com, .net etc.
Here is also the slightly more concise output of that "smartwhois" online tool. Might there be a command line equivalent for linux?
google.com (74.125.225.52)
74.125.0.0 - 74.125.255.255
Google Inc. GOOGLE (NET-173-194-0-0-1) 173.194.0.0 - 173.194.255.255
Google GOOGLE (NET-199-87-241-32-1) 199.87.241.32 - 199.87.241.63
Google Inc. GOOGLE (NET-209-85-128-0-1) 209.85.128.0 - 209.85.255.255
Google Inc. GOOGLE (NET-216-239-32-0-1) 216.239.32.0 - 216.239.63.255
Google Inc. GOOGLE (NET-64-233-160-0-1) 64.233.160.0 - 64.233.191.255
Google Inc. GOOGLE (NET-66-249-64-0-1) 66.249.64.0 - 66.249.95.255
Google Inc. GOOGLE (NET-70-32-128-0-1) 70.32.128.0 - 70.32.159.255
Google GOOGLE (NET-70-89-39-152-1) 70.89.39.152 - 70.89.39.159
Google GOOGLE (NET-70-90-219-48-1) 70.90.219.48 - 70.90.219.55
Google GOOGLE (NET-70-90-219-72-1) 70.90.219.72 - 70.90.219.79
Google Inc. GOOGLE (NET-72-14-192-0-1) 72.14.192.0 - 72.14.255.255
Google Inc. GOOGLE (NET-74-125-0-0-1) 74.125.0.0 - 74.125.255.255
Google Inc
arin-contact@google.com
+1-650-253-0000
74.0.0.0 - 74.255.255.255
American Registry for Internet Numbers NET74 (NET-74-0-0-0-0) 74.0.0.0 - 74.255.255.255
Mojohost VL191 BLACKBOOK NET74 (NET-74-206-175-208-1) 74.206.175.208 - 74.206.175.223
Registration Services Department
hostmaster@arin.net
+1-703-227-0660
-
Yes you can use a CLI approach as the following shows:
tc@box:~$ wget -qO - [url]http://www.all-nettools.com/toolbox/smart-whois.php[/url] --post-data="ip=google.com" | sed '1,/SmartWhois Domain & IP Lookup/d;/<\/table>/,$d' | sed 's#<br>#\n#g' | sed '/^$/d ; s#<\/td> *## ; /^<\/tr>/d ; /^<tr valign=/d' | sed '/<b>/ s#</b>## ; /<b>/ s#^.*<b>\([^<]\+\)</[^>]\+>.*$#\1# ; /<b>/ s#^.*<b>##' | sed '/<a href/ s#.*>\([^<]\+\)</a>.*#\1#'
google.com (74.125.225.52)
74.125.0.0 - 74.125.255.255
Google Inc. GOOGLE (NET-173-194-0-0-1) 173.194.0.0 - 173.194.255.255
Google GOOGLE (NET-199-87-241-32-1) 199.87.241.32 - 199.87.241.63
Google Inc. GOOGLE (NET-209-85-128-0-1) 209.85.128.0 - 209.85.255.255
Google Inc. GOOGLE (NET-216-239-32-0-1) 216.239.32.0 - 216.239.63.255
Google Inc. GOOGLE (NET-64-233-160-0-1) 64.233.160.0 - 64.233.191.255
Google Inc. GOOGLE (NET-66-249-64-0-1) 66.249.64.0 - 66.249.95.255
Google Inc. GOOGLE (NET-70-32-128-0-1) 70.32.128.0 - 70.32.159.255
Google GOOGLE (NET-70-89-39-152-1) 70.89.39.152 - 70.89.39.159
Google GOOGLE (NET-70-90-219-48-1) 70.90.219.48 - 70.90.219.55
Google GOOGLE (NET-70-90-219-72-1) 70.90.219.72 - 70.90.219.79
Google Inc. GOOGLE (NET-72-14-192-0-1) 72.14.192.0 - 72.14.255.255
Google Inc. GOOGLE (NET-74-125-0-0-1) 74.125.0.0 - 74.125.255.255
Google Inc
arin-contact@google.com
+1-650-253-0000
74.0.0.0 - 74.255.255.255
American Registry for Internet Numbers NET74 (NET-74-0-0-0-0) 74.0.0.0 - 74.255.
255.255
Mojohost VL191 BLACKBOOK NET74 (NET-74-206-175-208-1) 74.206.175.208 - 74.206.17
5.223
Registration Services Department
hostmaster@arin.net
+1-703-227-0660
tc@box:~$
But parsing a HTML page with a few 'sed' commands is a rather foolish undertaking, as it is extremely easy to break. I've just done it here "just for fun", but have not interest to maintain it any further than this.
-
html2text :)
-
Thanks maro. Speaking of foolish undertakings, I was reminded of endless hours I spent with sed trying to do similar things when converting public forum posts and thread hierarchies into sql commands. That effort still didn't give me the lesson and I still do too many things with sed. :P
The need for this command line tool or script is to read a dns server's log and also a firewall's log and, every time an ip or domain name is blocked, display a popup that contains good consise whois information about it. Plus a prompt that says something like:
"Allow ip's owned by <Google Inc> next time?"
Or whatever company appears to be the owner. And if you reply yes, then everything that has "Google Inc" as the owner is thereafter allowed.
Can't the owner be reliably extracted from such whois information?
-
hi,
I don't know how to do using command line.but there is an another way to find the information about an IP's or domain name's registration is through Whoisxy.com .this is simple process.you can also find the domain to ip and vice verse through this site for free..you can find for unlimited.usually i used to find the domain whois information and all through this site.i hope it'll be useful for you.
-
Thanks. This looks like smartwhois mentioned above.
The ideal would be just the company name, or whoever the registrant is, in manner that makes it easy to isolate. Perhaps with the country added for uniqueness. Plus a reverse-dns.