Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
PlaneShift
RTV Pink
Recursive type
Freeze (software...
Indent (Unix)
SPIN model checker
Removal of Internet...
recommendation
compare webbrowser
Freenet DSL
Who's Online
5 user(s) are online (4 user(s) are browsing encyclopedia)

Members: 0
Guests: 5

more...
browser tip
Unix Befehle
manual of unix befehle
recommendation!
Sponsored
partner

Whois

WHOIS is a Transmission Control Protocol-based query/response Protocol (computing) which is widely used for querying a Database in order to determine the owner of a domain name, an IP address, or an Autonomous system (Internet) number on the Internet. WHOIS lookups were traditionally made using a command line interface, but a number of simplified web-based tools now exist for looking up domain ownership details from different databases (see #Web-based WHOIS Tools for a partial list). Web-based WHOIS clients still rely on the WHOIS protocol to connect to a WHOIS server an do lookups, and command-line WHOIS clients are still quite widely used by sysadmins.

The WHOIS system originated as a method that system administrators could look up information to contact other IP address or domain name administrators (almost like a white pages ). The use of the data that is returned from query responses has evolved from those origins into a variety of both altruistic (such as a Certificate Authority validating the registration for ecommerce https) and nefarious uses (such as bulk Spam (electronic) campaigns).

WHOIS has a sister protocol standard called RWhois.

= Thin and Thick lookups=

There are two ways that WHOIS information may be stored: Thick or Thin . With the thick model, one WHOIS server stores the WHOIS information from all the registrars for the particular set of data (so that one WHOIS server can respond with WHOIS information on all .org domains, for example). With the thin model, one WHOIS server stores the name of the WHOIS server of a registrar that has the full details on the data being looked up (such as the .com WHOIS servers, which refer the WHOIS query to the registrar that the domain was registered from). The thick model usually ensures consistent data and slightly faster lookups (since only one WHOIS server needs to be contacted).

If a WHOIS client does not understand the information being returned, the results of a thin lookup (which include the WHOIS server of the registrar, and perhaps a few other necessary details) will be displayed to the end user. If the WHOIS client understood how to deal with this situation, it would display the full information from the registrar. Unfortunately, there is no standard in the WHOIS protocol for determining how to distinguish the thin model from the thick model.

Exact implementation of which records are stored varies between Domain name registry. Some Top-level domain, including .com and .net (top-level domain), operate a thin WHOIS, allowing the various domain registrars the ability to maintain their own customers data. Other registries, including .org, operate a thick model.

=Example Query=

Below is the result of a WHOIS query on Wikipedia:

Domain ID: D51687756-LROR Domain Name: WIKIPEDIA.ORG Created On: 13-Jan-2001 00: 12: 14 UTC Last Updated On: 17-Jun-2005 18: 22: 38 UTC Expiration Date: 13-Jan-2015 00: 12: 14 UTC Sponsoring Registrar: Go Daddy Software Inc. (R91-LROR) Status: OK Registrant ID: GODA-09495921 Registrant Name: Jimmy Wales Registrant Organization: Bomis Inc. Registrant Street1: 4455 Lamont St. Suite 3 Registrant Street2: Registrant Street3: Registrant City: San Diego Registrant State/Province: CA Registrant Postal Code: 92109 Registrant Country: US Registrant Phone: 1.6192739361 Registrant Phone Ext.: Registrant FAX: 1.6192739363 Registrant FAX Ext.: Registrant Email: Admin ID: GODA-29495921 Admin Name: Jimmy Wales Admin Organization: Wikimedia Foundation Inc. Admin Street1: 3911 Harrisburg St. NE Admin Street2: Admin Street3: Admin City: St. Petersburg Admin State/Province: FL Admin Postal Code: 33703 Admin Country: US Admin Phone: 1.7276441636 Admin Phone Ext.: Admin FAX: Admin FAX Ext.: Admin Email: Tech ID: GODA-19495921 Tech Name: Jimmy Wales Tech Organization: Wikimedia Foundation Inc. Tech Street1: 3911 Harrisburg St. NE Tech Street2: Tech Street3: Tech City: St. Petersburg Tech State/Province: FL Tech Postal Code: 33703 Tech Country: US Tech Phone: 1.7276441636 Tech Phone Ext.: Tech FAX: Tech FAX Ext.: Tech Email: Name Server: ZWINGER.WIKIPEDIA.ORG Name Server: GUNTHER.BOMIS.COM Name Server: FUCHSIA.DAMMIT.LT

=History=

When the Internet was emerging out of the ARPANET entity, there was only one organization that handled all domain registrations, which was DARPA itself. The process of registration was established in [http://www.rfc-editor.org/rfc/rfc920.txt RFC920]. WHOIS was standardized in the early 80 s to look-up domains, people and other resources related domain and number registrations. Because all registration was done by one organization in that time, one centralized server was used for WHOIS queries. This made looking-up information very easy.

Early WHOIS servers were highly permissive and would allow wild-card searches. You could do a WHOIS lookup on a person s last name and get all the individual people who had a registered handle. You could do a query on a keyword and see all registered domains containing that keyword. You could even query a given administrative contact and see all domains they were associated with. With the advent of the commercialized Internet, Domain Registrars and unethical spammers, such permissive searching is no longer available.

Initially, while ARPANET faded away in the late 1980 s, responsibility of domain registration remained with DARPA. UUNET began offering domain registration service, however they simply handled the paperwork for you and still had to deal with DARPA s NIC. Then the National Science Foundation directed that management of Internet domain registration would be handled by commercial, 3rd party entities. InterNIC was formed in 1993 under contract with the NSF, consisting of Network Solutions, General Atomics, and AT&T. General Atomics contract was cancelled after several years due to performance issues.

Currently, in 2005, there are many more Generic Top-Level Domains than there were in the early 80 s. There are also many, many more Country-Code Top-Level Domains. This has led to a complex network of Domain Registrars and registrar associations, especially as the management of Internet infrastructure has become more internationalized. As such, performing a WHOIS query on a domain requires knowing the correct, authoritative WHOIS server to use. Tools to do WHOIS proxy searches have become common, and there s a command-line whois client (jwhois) which uses a configuration file to map-out domain names and network blocks to their appropriate registrar.

In 2004, an IETF committee was been formed to standardize a whole new way to look-up information on domain names and network numbers. The current working name for this proposed new standard is [http://www.ietf.org/html.charters/crisp-charter.html CRISP] (Cross Registry Information Service Protocol).

=Querying WHOIS Servers=

==Command-Line Clients==

Originally the only method by which a WHOIS server could be contacted was to use a command-line text client. In most cases this was on a Unix or Unix-like platform. The WHOIS client software was (and still is) distributed as open source, as intended for an open standard. Various commercial Unix implementations may use their own implementations (for example, Sun Solaris 7 has a WHOIS client authored by Sun).

A WHOIS command-line client typically has options to choose which host to connect to for whois queries, with a default whois server being compiled in. Additional options may allow control of what port to connect on, displaying additional debugging data, or changing recursion/referral behavior.

Like most TCP/IP client/server applications, a WHOIS client takes the user input and then opens an IP socker to it s destination server. The WHOIS protocol is used to establish a connection on the appropriate port and send the query. The client waits for a response from the server, which it then either returns to the end-user or uses to make additional queries. Much more detailed information on the WHOIS protocol can be found in the #Request For Comments (Internet standards specifications).

The GNU Project jwhois client, unlike many other WHOIS clients, uses an external configuration file to determine what WHOIS server to contact for a query. This moves some of the recursion/referral logic outside of the code and into a user-managable file which is more adaptive to rapidly changing Internet infrastructure.

==Graphical Clients==

The term Graphical Client may be a bit of a misnomer for a WHOIS client, since all the data to be derived from a WHOIS server is plain text, and the protocol is a relatively static one. There s not much interaction to do with a WHOIS server. In this context, the term Graphical Client is taken to mean a WHOIS client that runs as an application on a GUI OS and uses the OS s standard GUI for user interaction.

One popular and freely available WHOIS client for Windows is part of the [http://www.samspade.org/ssw/ Sam-Spade package], and allows for hotlinking of lookups (i.e. you can click on part of the results of a WHOIS query to generate a new query).

==Web-Based Clients==

With the advent of the World-Wide Web and especially the loosening up of the Network Solutions monopoly, looking up WHOIS information via the Web has become quite common. Most early web-based WHOIS clients were merely front-ends to a command-line client, where the resulting output just got displayed on a webpage with little, if any, clean-up or formatting.

Nowadays, web-based WHOIS clients usually perform the WHOIS queries directly and then format the results for display. Many such clients are proprietary, authored by Domain Registrars such as GoDaddy or Network Solutions. Whowever, there are Open Source clients such as the original [http://www.geektools.com/tools.php GeekTools client] or the much-improved [http://wp-whois-proxy.sourceforge.net/ Whois Proxy] client.

The need for web-based clients came from the fact that command-line WHOIS clients pretty much existed only in the Unix and large computing worlds. PC and Macintosh computers had no WHOIS clients with their native OS, so Domain Registrars had to find a way to provide access to WHOIS data for potential customers. Many end-users still rely on such clients, even though command-line and graphical clients exist now for most home PC platforms.

==Perl Modules==

Not surprisingly, there are multiple modules available for Perl that work with WHOIS servers. Many modules are, sadly, not current and do not fully function with the current (2005) WHOIS server infrastructure. However, there is still plenty of useful functionality to derive including looking up AS numbers and registrant contacts.

For a complete listing of WHOIS-related .

=Problems=

  • s. Although some registrars offer private registrations (where the contact information of the registrar is shown), this sometimes means that the registrar is the legal owner (leasor) of the domain.
  • systems (where end users have to type in letters/numbers from a picture) and rate limiting systems.
  • , but this leads to conversion problems as the punycode system is not easy for a regular user to grasp.
    • *Lack of WHOIS server lists: There is no central list of WHOIS servers. Therefore, people writing WHOIS tools need to find their own list of WHOIS servers, and different WHOIS tools may contact different WHOIS servers. One of the few sources of a list of WHOIS servers can be found in the source of [http://www.DNSstuff.com/tools/whois.chdomain=list this page]. *Different registrars WHOIS servers return results in different formats, making automation of parsing WHOIS data difficult. While such automation has many legitimate uses (primarily for ISPs, it also lends it self to spammers and other unethical people.

    =See Also=

    *Top-level domain *Domain name registry

    =External links=

    ==Request For Comments (Request For Comments)==

    *[http://www.rfc-editor.org/rfc/rfc812.txt RFC812], NICNAME/WHOIS (1982, obsolete) *[http://www.faqs.org/rfcs/rfc954.html RFC954], NICNAME/WHOIS (1985, obsolete) *[http://www.rfc-editor.org/rfc/rfc3912.txt RFC3912], WHOIS protocol specification (2004, current) *[http://www.rfc-editor.org/cgi-bin/rfcsearch.plsearchwords=whois&opt=All+Fields&num=25&filefmt=txt&search_doc=search_rfc&match_method=prefix&abstract=abson&keywords=keyoff&sort_method=newer&format=http Complete list of RFCs about whois]

    ==Web-based WHOIS Tools==

    *[http://www.geektools.com/whois.php GeekTools Whois] Whois proxy lookup, will automatically do referrals. *[http://www.whois.sc/ Whois Source] WHOIS lookup for multiple top level domains, and historical registrant information. *[http://www.betterwhois.com/ Betterwhois.com] *[http://ez-whois.com/ Ez-Whois.com] Whois Search and Domain Names Informations in over 200 tlds. *[http://www.whois.ws/ Whois.ws] Global WHOIS lookups with over 300 extensions supported *[http://whois.webhosting.info/ WebHosting.Info s WHOIS] WHOIS lookup along with additional data such as IP, Hosting Company, Country etc. *[http://www.available-domain-name-check.com/ available domain name check] *[http://www.uwhois.com UWhois] *[http://www.samspade.org SamSpade.org]

    ==Other links==

    *[http://www.experienced-people.co.uk/1060-checking-whois/ Making use of WHOIS information] *[http://www.lookup-ip.com/ SmartWhois Tutorial: Domains and IP Addresses Demystified]