squ=sqrt(squ)_当人们发出WHOIS请求时，域名Squ窃者能否检测到？

squ=sqrt(squ)

It can be very frustrating if you find out the unclaimed domain name you wanted has suddenly been registered right out from under you by a domain squatter the day after you looked it up. With that dilemma in mind, today’s SuperUser Q&A post has the answer to a curious reader’s question.

如果您发现想要的无人认领的域名突然在第二天就被域名抢注者从您下面注册了，那可能会非常令人沮丧。 考虑到这一难题，今天的《超级用户问答》帖子回答了一个好奇的读者的问题。

Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.

今天的“问答”环节由SuperUser提供，它是Stack Exchange的一个分支，该社区是由社区驱动的Q＆A网站分组。

问题 (The Question)

SuperUser reader William wants to know if domain squatters can detect when people make WHOIS requests:

超级用户读者William想知道域名抢注者是否可以检测到人们何时发出WHOIS请求：

I have always used whois domain.com to check for information about domains, but this Stack Exchange question made me stop and think:

我一直使用whois domain.com来检查有关域的信息，但是这个Stack Exchange问​​题使我停下来思考：

How do I check that a domain is available without triggering a grabber?

如何在不触发采集卡的情况下检查域是否可用？

Can domain squatters actually detect when WHOIS requests are made?

域名抢注者能否真正检测到何时发出WHOIS请求？

Can domain squatters detect when people make WHOIS requests?

域名抢注者能否检测到人们何时发出WHOIS请求？

答案 (The Answer)

SuperUser contributor davidgo has the answer for us:

超级用户贡献者davidgo为我们提供了答案：

Generally, no. You will notice that in the comments of the Stack Exchange question you linked to, we discovered that it was done through a web interface to WHOIS. The web interface was the “gotcha” element, and it was not the WHOIS query that was pinched, but it was a kind of man-in-the-middle attack where the “web->WHOIS interface” was used to hijack the request. When making a WHOIS request, use a trusted WHOIS client directly, not a web interface, and you should be OK.

通常，不会。 您会注意到，在链接到的Stack Exchange问​​题的评论中，我们发现它是通过WHOIS的Web界面完成的。 Web界面是“陷阱”元素，不是捏住了WHOIS查询，而是一种中间人攻击，其中“ web-> WHOIS接口”用于劫持请求。 提出WHOIS请求时，请直接使用受信任的WHOIS客户端，而不要使用Web界面，您应该可以。

I answered “Generally, no.” because it is conceivable that a registrar has been hacked or is in league with the bad guys, and you would not necessarily know about it. This is unlikely for most decent domains though. It is also possible (but again, unlikely) that your ISP is in on it and is sniffing the WHOIS requests through traffic since these requests are not encrypted.

我回答“一般来说，不。” 因为可以想象注册商被黑客入侵或与坏人同在，而您不一定会知道。 不过，对于大多数体面的域名来说，这不太可能。 您的ISP也有可能进入(但又不太可能)，并且正在通过流量嗅探WHOIS请求，因为这些请求未加密。

For what it is worth, I have never had a domain name registered out from under me as a result of making a WHOIS request (through the use of a standard Linux WHOIS client).

就其价值而言，由于提出了WHOIS请求(通过使用标准Linux WHOIS客户端)，我从未在我下面注册过域名。

Additional Links of Interest

感兴趣的其他链接

Domain Tasting [Wikipedia]

品尝域名[Wikipedia]

Domain Name Front Running [Wikipedia]

域名运行中[Wikipedia]

---

---

Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.

有什么补充说明吗？ 在评论中听起来不错。 是否想从其他精通Stack Exchange的用户那里获得更多答案？ 在此处查看完整的讨论线程。

Image Credit: Zeroos (Wikimedia Commons)

图片来源： Zeroos(Wikimedia Commons)

翻译自: https://www.howtogeek.com/306673/can-domain-squatters-detect-when-people-make-whois-requests/

squ=sqrt(squ)