Whois


It's network stuff. Get Whois results against an IP or domain name.
Find owner records of any internet connected system.



What is Whois?

Whois is a network protocol that provides the ability to find the registration record for an IP address or domain name. An important use of the whois protocol is to enable the tracking and reporting of abusive systems. Whether it is spam, denial of service or network based attacks originating from an IP address, using whois a system administrator is able to discover who owns that IP address and report it to the web host provider or ISP (internet service provider).

What is the Whois Command?

The whois command comes installed in many Linux based distributions such as Ubuntu and Fedora. When installed it is a simple matter of running the command followed by an IP address or hostname to get the results of the registration lookup.

Can whois run under Windows?

There is a Windows whois client that can be downloaded as part of the sysinternals suite of windows tools. Grab a copy from the Microsoft Technet site.

What are the Linux based whois command line options?

Here is the whois command line options for the Ubuntu install of whois.

Usage: whois [OPTION]... OBJECT...

-l                     one level less specific lookup [RPSL only]
-L                     find all Less specific matches
-m                     find first level more specific matches
-M                     find all More specific matches
-c                     find the smallest match containing a mnt-irt attribute
-x                     exact match [RPSL only]
-d                     return DNS reverse delegation objects too [RPSL only]
-i ATTR[,ATTR]...      do an inverse lookup for specified ATTRibutes
-T TYPE[,TYPE]...      only look for objects of TYPE
-K                     only primary keys are returned [RPSL only]
-r                     turn off recursive lookups for contact information
-R                     force to show local copy of the domain object even
                       if it contains referral
-a                     search all databases
-s SOURCE[,SOURCE]...  search the database from SOURCE
-g SOURCE:FIRST-LAST   find updates from SOURCE from serial FIRST to LAST
-t TYPE                request template for object of TYPE
-v TYPE                request verbose template for object of TYPE
-q [version|sources|types]  query specified server info [RPSL only]
-F                     fast raw output (implies -r)
-h HOST                connect to server HOST
-p PORT                connect to PORT
-H                     hide legal disclaimers
      --verbose        explain what is being done
      --help           display this help and exit
      --version        output version information and exit