Título: como se interpreta la salida de whois? Publicado por: lucas25cba en 9 Octubre 2012, 23:48 pm Por lo que tengo entendido, el comando whois lista informacion sobre el propietario del dominio especificado.
Desde una consola linux ejecuto lo siguiente :~$ whois elhacker.net Whois Server Version 2.0 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. Domain Name: ELHACKER.NET Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE Whois Server: whois.melbourneit.com Referral URL: http://www.melbourneit.com Name Server: NS93.ELHACKER.NET Name Server: NS993.ELHACKER.NET Status: clientTransferProhibited Updated Date: 21-sep-2012 Creation Date: 22-feb-2001 Expiration Date: 22-feb-2018 >>> Last update of whois database: Tue, 09 Oct 2012 21:42:12 UTC <<< NOTICE: The expiration date displayed in this record is the date the registrar's sponsorship of the domain name registration in the registry is currently set to expire. This date does not necessarily reflect the expiration date of the domain name registrant's agreement with the sponsoring registrar. Users may consult the sponsoring registrar's Whois database to view the registrar's reported date of expiration for this registration. TERMS OF USE: You are not authorized to access or query our Whois database through the use of electronic processes that are high-volume and automated except as reasonably necessary to register domain names or modify existing registrations; the Data in VeriSign Global Registry Services' ("VeriSign") Whois database is provided by VeriSign for information purposes only, and to assist persons in obtaining information about or related to a domain name registration record. VeriSign does not guarantee its accuracy. By submitting a Whois query, you agree to abide by the following terms of use: You agree that you may use this Data only for lawful purposes and that under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail, telephone, or facsimile; or (2) enable high volume, automated, electronic processes that apply to VeriSign (or its computer systems). The compilation, repackaging, dissemination or other use of this Data is expressly prohibited without the prior written consent of VeriSign. You agree not to use electronic processes that are automated and high-volume to access or query the Whois database except as reasonably necessary to register domain names or modify existing registrations. VeriSign reserves the right to restrict your access to the Whois database in its sole discretion to ensure operational stability. VeriSign may restrict or terminate your access to the Whois database for failure to abide by these terms of use. VeriSign reserves the right to modify these terms at any time. The Registry database contains ONLY .COM, .NET, .EDU domains and Registrars. Domain Name.......... elhacker.net Creation Date........ 2001-02-23 Registration Date.... 2001-02-23 Expiry Date.......... 2018-02-23 Organisation Name.... Alex Bov? Organisation Address. PO Box 61359 Organisation Address. Organisation Address. Organisation Address. Sunnyvale Organisation Address. 94088 Organisation Address. CA Organisation Address. US Admin Name........... Admin PrivateRegContact Admin Address........ PO Box 61359 Admin Address........ registered post accepted only Admin Address........ Admin Address. Sunnyvale Admin Address........ 94088 Admin Address........ CA Admin Address........ US Admin Email.......... contact@myprivateregistration.com Admin Phone.......... +1.5105952002 Admin Fax............ Tech Name............ TECH PrivateRegContact Tech Address......... PO Box 61359 Tech Address......... registered post accepted only Tech Address......... Tech Address......... Sunnyvale Tech Address......... 94088 Tech Address......... CA Tech Address......... US Tech Email........... contact@myprivateregistration.com Tech Phone........... +1.5105952002 Tech Fax............. Name Server.......... ns993.elhacker.net Name Server.......... ns93.elhacker.net Y luego :~$ whois 198.59.115.19 # # The following results may also be obtained via: # http://whois.arin.net/rest/nets;q=198.59.115.19?showDetails=true&showARIN=false&ext=netref2 # # start NetRange: 198.59.96.0 - 198.59.191.255 CIDR: 198.59.96.0/19, 198.59.128.0/18 OriginAS: NetName: WEST-198-NM NetHandle: NET-198-59-96-0-1 Parent: NET-198-59-0-0-1 NetType: Reallocated RegDate: 1994-10-19 Updated: 2004-09-10 Ref: http://whois.arin.net/rest/net/NET-198-59-96-0-1 OrgName: New Mexico Technet OrgId: NM Address: 5921 Jefferson NE City: Albuquerque StateProv: NM PostalCode: 87109 Country: US RegDate: 1988-03-11 Updated: 2011-09-24 Ref: http://whois.arin.net/rest/org/NM OrgTechHandle: IO29-ARIN OrgTechName: Oso Grande Technologies Inc OrgTechPhone: +1-505-343-7630 OrgTechEmail: noc@osogrande.com OrgTechRef: http://whois.arin.net/rest/poc/IO29-ARIN OrgAbuseHandle: IO29-ARIN OrgAbuseName: Oso Grande Technologies Inc OrgAbusePhone: +1-505-343-7630 OrgAbuseEmail: noc@osogrande.com OrgAbuseRef: http://whois.arin.net/rest/poc/IO29-ARIN RTechHandle: LH100-ARIN RTechName: Hays, Larry RTechPhone: +1-505-345-1748 RTechEmail: noc@technet.nm.org RTechRef: http://whois.arin.net/rest/poc/LH100-ARIN # end # start NetRange: 198.59.0.0 - 198.60.255.255 CIDR: 198.59.0.0/16, 198.60.0.0/16 OriginAS: NetName: NETBLK-WESTNET NetHandle: NET-198-59-0-0-1 Parent: NET-198-0-0-0-0 NetType: Direct Allocation RegDate: 1993-02-09 Updated: 2003-03-27 Ref: http://whois.arin.net/rest/net/NET-198-59-0-0-1 OrgName: WestNet, Inc. OrgId: WEST Address: 3645 Marine Street City: Boulder StateProv: CO PostalCode: 80309-0455 Country: US RegDate: 1992-08-29 Updated: 2003-03-26 Ref: http://whois.arin.net/rest/org/WEST OrgAbuseHandle: ABUSE245-ARIN OrgAbuseName: Abuse OrgAbusePhone: +1-303-492-4409 OrgAbuseEmail: abuse@westnet.net OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE245-ARIN OrgTechHandle: DCMW-ARIN OrgTechName: Wood, David CM OrgTechPhone: +1-303-492-4905 OrgTechEmail: dcmwood@spot.colorado.edu OrgTechRef: http://whois.arin.net/rest/poc/DCMW-ARIN RAbuseHandle: ABUSE245-ARIN RAbuseName: Abuse RAbusePhone: +1-303-492-4409 RAbuseEmail: abuse@westnet.net RAbuseRef: http://whois.arin.net/rest/poc/ABUSE245-ARIN RTechHandle: DCMW-ARIN RTechName: Wood, David CM RTechPhone: +1-303-492-4905 RTechEmail: dcmwood@spot.colorado.edu RTechRef: http://whois.arin.net/rest/poc/DCMW-ARIN # end # start NetRange: 198.59.115.0 - 198.59.115.255 CIDR: 198.59.115.0/24 OriginAS: NetName: DBACYBER NetHandle: NET-198-59-115-0-1 Parent: NET-198-59-96-0-1 NetType: Reallocated RegDate: 1994-10-20 Updated: 2001-06-22 Ref: http://whois.arin.net/rest/net/NET-198-59-115-0-1 OrgName: Southwest Cyberport OrgId: SWCP Address: 5021 Indian School NE Address: Suite 600 City: Albuquerque StateProv: NM PostalCode: 87110 Country: US RegDate: 1994-10-20 Updated: 2011-09-24 Ref: http://whois.arin.net/rest/org/SWCP ReferralServer: rwhois://rwhois.swcp.com:4321/ OrgTechHandle: MC143-ARIN OrgTechName: Costlow, Mark OrgTechPhone: +1-505-232-7992 OrgTechEmail: cheeks@swcp.com OrgTechRef: http://whois.arin.net/rest/poc/MC143-ARIN OrgAbuseHandle: MC143-ARIN OrgAbuseName: Costlow, Mark OrgAbusePhone: +1-505-232-7992 OrgAbuseEmail: cheeks@swcp.com OrgAbuseRef: http://whois.arin.net/rest/poc/MC143-ARIN OrgNOCHandle: ZS132-ARIN OrgNOCName: Hostmaster OrgNOCPhone: +1-505-232-7992 OrgNOCEmail: hostmaster@swcp.com OrgNOCRef: http://whois.arin.net/rest/poc/ZS132-ARIN RTechHandle: MC143-ARIN RTechName: Costlow, Mark RTechPhone: +1-505-232-7992 RTechEmail: cheeks@swcp.com RTechRef: http://whois.arin.net/rest/poc/MC143-ARIN # end # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # Se ha encontrado una referencia a rwhois.swcp.com:4321. %rwhois V-1.5:003eff:00 rwhois.swcp.com (by Network Solutions, Inc. V-1.5.9.3) network:Class-Name:network network:ID:NETBLK-SWCP-4-198.59.115.0/26 network:Auth-Area:198.59.115.0/24 network:Network-Name:NET-SWCP4-SWCP network:IP-Network:198.59.115.0/26 network:Name-Server;I:kitsune.swcp.com network:Name-Server;I:ns1.swcp.com network:Org-Name:Southwest Cyberport network:Street-Address:5021 Indian School NE Ste 600 network:City:Albuquerque network:State:NM network:Postal-Code:87110-8910 network:Country-Code:US network:Created:1994-06-01 network:Changed:2001-01-19 network:Tech-Contact;I:ZS132-ARIN network:Tech-Name:Southwest Cyberport network:Tech-Phone:+1-505-232-7992 network:Tech-Email:hostmaster@swcp.com network:Updated-By:hostmaster@swcp.com network:Reason:local services (mail, web, etc) %referral rwhois://rwhois.arin.net:4321/auth-area=. %ok La eleccion de la Ip del segundo caso es arbitrario. Como se interpretan estas dos salidas? Desde ya, muchas gracias! Título: Re: como se interpreta la salida de whois? Publicado por: Diabliyo en 26 Octubre 2012, 06:01 am En primera es solo cuestion que veas el resultado y sabes por donde va...
Pero lo mas importante o bien, "en resumen" es que whois es utilizado constantemente para obtener las credenciales de un sitio web y los DNSs. Las credenciales seria la informacion de contacto y registro de los propietarios del dominio. Y los DNSs para saber que servidores estan resolviendo el dominio. Saludos ! |