A whois lookup will tell you a lot of information about who owns an internet domain. On Linux, you can run whois lookups from the command line. We’ll walk you through it.
Whois查询将告诉您许多有关谁拥有互联网域的信息。 在Linux上,您可以从命令行运行whois查找。 我们将引导您完成整个过程。
Whois系统 (The whois System)
The whois system is a listing of records that contains details about both the ownership of domains and the owners. The Internet Corporation for Assigned Names and Numbers (ICANN) regulates domain name registration and ownership, but the list of records is held by many companies, known as registries.
whois系统是记录列表,其中包含有关域所有权和所有者的详细信息。 互联网名称与数字地址分配机构 (ICANN)监管域名的注册和所有权,但是记录列表由许多公司(称为注册管理机构)持有。
Anyone can query the list of records. When you do, one of the registries will handle your request and send you details from the appropriate whois record.
任何人都可以查询记录列表。 完成后,其中一个注册管理机构将处理您的请求,并从适当的whois记录向您发送详细信息。
Before we go any further, it’s important that you’re familiar with the following terms:
在继续进行之前,请务必熟悉以下术语:
Registry: A company that manages a list containing a set of domain names (there are many of these).
注册表:一家管理包含一组域名(很多域名)的列表的公司。
Registrant: The legal owner of the domain; it’s registered to this person.
注册人:域名的合法所有者; 它已注册到此人。
Registrar: A registrant uses a registrar to make his or her registration.
注册服务商:注册人使用注册服务商进行注册。
A whois record contains all the contact information associated with the person, company, or other entity that registered the domain name. Some registrations contain more information than others, and some registries return differing amounts of information.
Whois记录包含与注册域名的个人,公司或其他实体相关联的所有联系信息。 一些注册所包含的信息比其他注册所包含的信息更多,而某些注册所返回的信息量却不同。
A typical whois record will contain the following information:
典型的whois记录将包含以下信息:
The name and contact information of the registrant: The owner of the domain.
注册人的姓名和联系信息:域的所有者。
The name and contact information of the registrar: The organization that registered the domain name.
注册商的名称和联系信息:注册域名的组织。
The registration date.
注册日期。
When the information was last updated.
信息的最新更新时间。
The expiration date.
到期日期。
You can make whois requests on the web, but, with the Linux whois command, you can perform lookups right from the command line. This is useful if you need to perform a lookup from a computer without a graphical user interface, or if you want to do so from a shell script.
您可以在网络上发出whois请求,但是使用Linux whois命令,您可以直接从命令行执行查找。 如果您需要从没有图形用户界面的计算机上执行查找,或者想要从Shell脚本中执行查找,这将非常有用。
安装Whois (Installing whois)
The whois command was already installed on Ubuntu 20.04. If you need to install it on your version of Ubuntu, you can do so with the following command:
在Ubuntu 20.04上已经安装了whois命令。 如果需要在Ubuntu版本上安装它,可以使用以下命令进行安装:
sudo apt-get install whois
On Fedora, use the command below:
在Fedora上,使用以下命令:
sudo dnf install whois
And finally, on Manjaro, type the following:
最后,在Manjaro上,键入以下内容:
sudo pacman -Syu whois
将Whois与域名一起使用 (Using whois with a Domain Name)
You can use the whois command with domain names or Internet Protocol (IP) addresses. A slightly different set of information is returned for each of these.
您可以将whois命令与域名或Internet协议 (IP)地址一起使用。 对于这些信息,返回的信息集略有不同。
We’ll use a domain name for our first example:
我们将在第一个示例中使用域名:
whois cnn.com
The response from the whois registry starts with a summary, and then repeats itself with extra information included. We’ve included an example below with trademark statements and terms of use removed:
Whois注册表的响应以摘要开头,然后重复其自身并包含额外的信息。 我们在下面提供了一个示例,其中删除了商标声明和使用条款:
Domain Name: CNN.COM
Registry Domain ID: 3269879_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.corporatedomains.com
Registrar URL: http://www.cscglobal.com/global/web/csc/digital-brand-services.html
Updated Date: 2018-04-10T16:43:38Z
Creation Date: 1993-09-22T04:00:00Z
Registry Expiry Date: 2026-09-21T04:00:00Z
Registrar: CSC Corporate Domains, Inc.
Registrar IANA ID: 299
Registrar Abuse Contact Email: domainabuse@cscglobal.com
Registrar Abuse Contact Phone: 8887802723
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
Name Server: NS-1086.AWSDNS-07.ORG
Name Server: NS-1630.AWSDNS-11.CO.UK
Name Server: NS-47.AWSDNS-05.COM
Name Server: NS-576.AWSDNS-08.NET
DNSSEC: unsigned
This is reasonably self-explanatory. We see various details about the registrar and registry, including contact details, registration dates, and so on. There are a few entries in the list that you might not recognize.
这是不言而喻的。 我们会看到有关注册商和注册管理机构的各种详细信息,包括联系方式,注册日期等。 列表中有一些您可能无法识别的条目。
The Internet Assigned Numbers Authority (IANA) oversees and coordinates things like top-level Domain Name System zones, IP protocol addressing systems, and the list of registries. This registry is number 299, which is indicated in the listing as “IANA ID: 299.”
互联网号码分配机构 (IANA)负责监督和协调顶级域名系统区域, IP协议寻址系统以及注册表列表之类的内容 。 该注册表为299,在清单中以“ IANA ID:299”表示。
The “domain status” lines show the state in which the domain is, and it can be in several simultaneously. The states are defined in the Extensible Provisioning Protocol. Some of these are rarely seen, and others are restricted to certain situations, such as legal disputes.
“域状态”行显示了域所在的状态,并且可以同时处于多个域中。 状态在可扩展配置协议中定义。 其中一些很少见,而另一些则仅限于某些情况,例如法律纠纷。
The following states are attached to this registration:
此注册附加以下状态:
clientTransferProhibited: The domain’s registry will reject requests to transfer the domain from the current registrar to another.
clientTransferProhibited:域的注册表将拒绝将域从当前注册器转移到另一个注册器的请求。
serverDeleteProhibited: The domain cannot be deleted.
serverDeleteProhibited:无法删除该域。
serverTransferProhibited: The domain cannot be transferred to another registrar.
serverTransferProhibited:无法将域转移到另一个注册商。
serverUpdateProhibited: The domain cannot be updated
serverUpdateProhibited:无法更新域
The last three are usually enabled at the registrant’s request, or if a legal dispute is in progress. In this case, CNN probably requested these to be enforced to “lock down” the company’s domain.
通常,后三者应注册人的要求启用,或者如果发生法律纠纷。 在这种情况下,CNN可能要求强制执行这些操作以“锁定”公司的域名。
“!DNSSEC” stands for Domain Name System Security Extensions, a scheme that allows a DNS name resolver to cryptographically check that the data it received from the DNS zone is valid and hasn’t been tampered with.
“!DNSSEC”代表“ 域名系统安全扩展” ,该方案允许DNS名称解析器以密码方式检查从DNS区域接收到的数据是否有效且未被篡改。
The longer part of the response is shown below:
响应的较长部分如下所示:
Domain Name: cnn.com
Registry Domain ID: 3269879_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.corporatedomains.com
Registrar URL: www.cscprotectsbrands.com
Updated Date: 2018-04-10T16:43:38Z
Creation Date: 1993-09-22T04:00:00Z
Registrar Registration Expiration Date: 2026-09-21T04:00:00Z
Registrar: CSC CORPORATE DOMAINS, INC.
Registrar IANA ID: 299
Registrar Abuse Contact Email: domainabuse@cscglobal.com
Registrar Abuse Contact Phone: +1.8887802723
Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibited
Domain Status: serverDeleteProhibited http://www.icann.org/epp#serverDeleteProhibited
Domain Status: serverTransferProhibited http://www.icann.org/epp#serverTransferProhibited
Domain Status: serverUpdateProhibited http://www.icann.org/epp#serverUpdateProhibited
Registry Registrant ID:
Registrant Name: Domain Name Manager
Registrant Organization: Turner Broadcasting System, Inc.
Registrant Street: One CNN Center
Registrant City: Atlanta
Registrant State/Province: GA
Registrant Postal Code: 30303
Registrant Country: US
Registrant Phone: +1.4048275000
Registrant Phone Ext:
Registrant Fax: +1.4048271995
Registrant Fax Ext:
Registrant Email: tmgroup@turner.com
Registry Admin ID:
Admin Name: Domain Name Manager
Admin Organization: Turner Broadcasting System, Inc.
Admin Street: One CNN Center
Admin City: Atlanta
Admin State/Province: GA
Admin Postal Code: 30303
Admin Country: US
Admin Phone: +1.4048275000
Admin Phone Ext:
Admin Fax: +1.4048271995
Admin Fax Ext:
Admin Email: tmgroup@turner.com
Registry Tech ID:
Tech Name: TBS Server Operations
Tech Organization: Turner Broadcasting System, Inc.
Tech Street: One CNN Center
Tech City: Atlanta
Tech State/Province: GA
Tech Postal Code: 30303
Tech Country: US
Tech Phone: +1.4048275000
Tech Phone Ext:
Tech Fax: +1.4048271593
Tech Fax Ext:
Tech Email: hostmaster@turner.com
Name Server: ns-576.awsdns-08.net
Name Server: ns-1086.awsdns-07.org
Name Server: ns-47.awsdns-05.com
Name Server: ns-1630.awsdns-11.co.uk
DNSSEC: unsigned
This gives us more or less the same information as the summary, with extra sections about the registrant and their contact details for administrative and technical purposes.
这为我们提供了与摘要大致相同的信息,并为管理和技术目的提供了有关注册人及其联系方式的更多内容。
The registrant name is given as “Domain Name Manager.” Sometimes, for a fee, companies choose to let their registrar register the domain on their behalf under a generic name the registrar maintains for this purpose. That appears to be the case here. However, as the address of the registrant is “1 CCN Center,” it’s obvious who the registrant is.
注册者名称为“域名管理器”。 有时,公司会收费(选择收费),让其注册服务商以其通常所使用的通用名称代表其注册域名。 这里似乎是这种情况。 但是,由于注册人的地址是“ 1 CCN中心”,因此显然是谁。
通过IP地址使用Whois (Using whois with an IP Address)
Using whois with an IP address is just as simple as using it with a domain name. Just specify an IP address after whois, like so:
使用whois和IP地址就像使用whois一样简单。 只需在whois之后指定一个IP地址,如下所示:
whois 205.251.242.103
This is the output returned by whois:
这是whois返回的输出:
NetRange: 205.251.192.0 - 205.251.255.255
CIDR: 205.251.192.0/18
NetName: AMAZON-05
NetHandle: NET-205-251-192-0-1
Parent: NET205 (NET-205-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS16509, AS39111, AS7224
Organization: Amazon.com, Inc. (AMAZON-4)
RegDate: 2010-08-27
Updated: 2015-09-24
Ref: https://rdap.arin.net/registry/ip/205.251.192.0
OrgName: Amazon.com, Inc.
OrgId: AMAZON-4
Address: 1918 8th Ave
City: SEATTLE
StateProv: WA
PostalCode: 98101-1244
Country: US
RegDate: 1995-01-23
Updated: 2020-03-31
Ref: https://rdap.arin.net/registry/entity/AMAZON-4
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-266-4064
OrgAbuseEmail: abuse@amazonaws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-266-4064
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
OrgRoutingHandle: ADR29-ARIN
OrgRoutingName: AWS Dogfish Routing
OrgRoutingPhone: +1-206-266-4064
OrgRoutingEmail: aws-dogfish-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ADR29-ARIN
OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName: IP Routing
OrgRoutingPhone: +1-206-266-4064
OrgRoutingEmail: aws-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-266-4064
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
RTechHandle: ROLEA19-ARIN
RTechName: Role Account
RTechPhone: +1-206-266-4064
RTechEmail: ipmanagement@amazon.com
RTechRef: https://rdap.arin.net/registry/entity/ROLEA19-ARIN
RAbuseHandle: ROLEA19-ARIN
RAbuseName: Role Account
RAbusePhone: +1-206-266-4064
RAbuseEmail: ipmanagement@amazon.com
RAbuseRef: https://rdap.arin.net/registry/entity/ROLEA19-ARIN
RNOCHandle: ROLEA19-ARIN
RNOCName: Role Account
RNOCPhone: +1-206-266-4064
RNOCEmail: ipmanagement@amazon.com
RNOCRef: https://rdap.arin.net/registry/entity/ROLEA19-ARIN
The first section contains information regarding the organization that owns the IP address we searched for (in this case, one of many owned by Amazon). We’re also given some identifiers used to identify Amazon.com, Inc. internally by the registry.
第一部分包含有关拥有我们搜索的IP地址的组织的信息(在这种情况下,这是Amazon拥有的许多地址之一)。 我们还为注册表提供了一些用于内部识别Amazon.com,Inc.的标识符。
The second section contains the address and name of the registrant, Amazon.com, Inc. The web address in the “Ref:” field contains this information in JavaScript Object Notation (JSON) format.
第二部分包含注册人Amazon.com,Inc.的地址和名称。“ Ref:”字段中的网址包含JavaScript Object Notation (JSON)格式的此信息。
The other sections contain contact information that allows you to report issues regarding abuse, network operation, traffic routing, and so on.
其他部分包含联系信息,使您可以报告有关滥用,网络操作,流量路由等的问题。
在脚本中使用Whois (Using whois in a Script)
To use whois in a script, let’s assume we have a set of domains for which we need to check the expiration dates. We can accomplish this with a small shell script.
要在脚本中使用whois,我们假设我们有一组域需要检查到期日期。 我们可以使用一个小的Shell脚本来完成此任务。
Type this into an editor, and save it as “get-expiry.sh”:
在编辑器中输入以下内容,并将其另存为“ get-expiry.sh”:
#!/bin/bash
DOMAIN_LIST="howtogeek.com reviewgeek.com lifesavvy.com cloudsavvyit.com"
echo "Expiration dates:"
for domain in $DOMAIN_LIST
do
echo -n "$domain :: "
whois $domain | grep 'Expiration' | awk '{print $5}'
done
Set the script to have executable permissions by using the chmod command, as shown below:
使用chmod命令将脚本设置为具有可执行权限 ,如下所示:
chmod +x get-expiry.sh
Run the script by calling it by name:
通过按名称调用脚本来运行脚本:
./get-expiry.sh
The expiration date for each domain is extracted from the response from whois by using grep to find lines that contain the string “Expiration,” and using awk to print the fifth item from that line.
通过使用grep 查找包含字符串 “ Expiration”的行,并使用awk 从该行打印第五项,从whois的响应中提取每个域的到期日期。
便利与自动化 (Convenience and Automation)
Yes, you can also perform whois lookups online. However, having the whois command available in the terminal window and scripts offers convenience, flexibility, and gives you the option to automate some of your workload.
是的,您还可以在线执行whois查找。 但是,在终端窗口和脚本中提供whois命令可以提供便利,灵活性,并为您提供一些自动化工作负载的选项。
翻译自: https://www.howtogeek.com/680086/how-to-use-the-whois-command-on-linux/
1450
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
