 | | |||||
Welcome, Guest! Ready to make a name for yourself in the domain business? We welcome both the hobbyist and professional domainer to join the discussion as part of the NamePros community.
Click here to create your profile to start earning reputation for posting, and trader ratings for buying & selling in our free e-marketplace. Build your trader rating with each successful sale. Our system has tracked over 100,000 sales and counting!
Click here to create your profile to start earning reputation for posting, and trader ratings for buying & selling in our free e-marketplace. Build your trader rating with each successful sale. Our system has tracked over 100,000 sales and counting!
| ||||||||
| Domain Newbies New to domain names? Have your questions answered here. |
 | LeadRefs | Forum Sponsorship |
| New to the domain business? Start making money now by flipping expiring domains! LeadRefs.com has daily lists of the top expiring domains with potential buyers already generated for you. | ||
 |
| | LinkBack | Thread Tools |
03-10-2006, 04:46 PM
| THREAD STARTER #1 (permalink) |
| Senior Member  Join Date: Apr 2004 Location: Emerald Triangle
Posts: 4,592
      | What is Whois? Here is a question I'm often asked by n00bs and even those that have been in this business for awhile. The first part is simple but specifics can get complecated. Thanks to our good friends at Softnik they have given us an indepth summary to refer to. ========================================== What is Whois? Whois is a protocol used to find information about networks, domains and hosts. The whois records normally include data on the organizations and the contacts associated with these networks and domains. Whois services operate through a whois server. Any one can connect to a whois server and send a query. The whois server will then respond to the query and close the connection. Any one can run a whois server. For example a company could run a whois server that provides information about its various departments and employees. The most common use of whois is for finding information about domain names. For example, you can find information on a domain (eg: microsoft.com) by querying the appropriate whois server. Whois Lookup using Telnet Let us assume you want to find the domain registration details regarding "softnik.co.uk" (There is a reason for using a domain name with a "co.uk" extension instead of ".com". We will come to that later). The whois server for UK domains is whois.nic.uk. So all we need to do is connect to whois.nic.uk on port 43 (the standard port defined for whois requests) and then send the string softnik.co.uk followed by a carriage return linefeed pair. You can try this on your own! From the Windows Start button select 'Run'. Now type telnet whois.nic.uk 43 and click OK. The telnet window will open up and briefly show a 'connecting..' message. Once the connection is made the window will be blank. Now type in any UK domain (e.g. microsoft.co.uk) and press enter (please note that the telnet window will not display the text that is being typed in) You should be able to see the unformatted raw domain record in the window. IP Whois: Looking up IP addresses The Internet address space allocation is managed by a number of different organizations. These registries provide IP allocation information through their whois servers. To find the allocation information for a specific IP address, query it first using the ARIN whois server. If the IP address is allocated through any of the other registries this information will be reported by ARIN. More lookups will be required to locate the actual data. When large IP blocks are allocated to a large organization, there may be other whois servers internal to the organization. This means even more lookups. WhoisView is a free Windows software tool that makes looking up IP addresses very simple. It will retrieve the ownership information by digging through various whois servers automatically. It will find information all other similar tools are unable to or don't bother to locate. Organizations responsible for IP allocations American Region The Internet numbering resources for North America is managed by American Registry for Internet Numbers (ARIN). Web Site: www.arin.net Whois Server: whois.arin.net Asia/Oceania Region Asia Pacific Network Information Centre (APNIC) serves the Asia Pacific region, comprising the countries in Asia and Australia. Web Site: www.apnic.net Whois Server: whois.apnic.net Europe & Middle East The RIPE Network Coordination Centre (RIPE NCC) manages the IP allocation in Europe, The Middle East, The North of Africa and parts of Asia. Web Site: www.ripe.net Whois Server: whois.ripe.net Latin American & Caribbean Region The Latin American and Caribbean IP address Regional Registry (LACNIC), is the emerging organization that will administer the Latin American and Caribbean Region IP address space. Web Site: www.lacnic.org Whois Server: whois.lacnic.net African Region The African Network Information Center (AfriNIC), is the emerging organization that will administer IP allocation for Africa. Web Site: www.afrinic.org Domain Whois: Looking up Domain Names The most common use of whois is for looking up domain names. This may be for checking available domain names before registering or to locate information on the domain name registrant. The whois server for domain registration records are maintained by the organization authorized to register domain names. This depends on the specific domain name extension. There are a number of registrars for the popular Com, Net and Org domains. This means that the actual domain records are generally not available from a single whois server. Whois lookup for Com, Net and Org Domains Here is the procedure for looking up the popular top level domains. Query whois.crsnic.net (or rs.internic.net) for Com & Net Domains or whois.publicinterestregistry.net for Org Domains. Check the returned records to see if the domain is already registered. If it is, look for the authoritative whois server Query the authoritative whois server to obtain the actual whois records. Whois View will perform the above steps automatically and you will be able to obtain the actual whois records straight away. Whois lookup for other top level domains The other top level domain registrars maintain their own whois servers. Some of the main domain extensions and the whois servers are listed below. INFO: whois.afilias.info BIZ: whois.neulevel.biz AERO: whois.information.aero COOP: whois.nic.coop NAME: whois.nic.name For more information on the ICANN approved top level domains please visit ICANN TLD Programs. Domain Whois: Port 43 Whois servers normally accept connections on port 43. This means that your whois client should be able to transmit and receive data using this port. If you are behind a firewall or proxy the whois lookups may not work. If this is the case ask your system administrator to open up port 43. High speed whois lookups There is always a temptation to perform domain lookups at high speeds using multiple threads. If you do this you will soon start seeing outputs similar to the following Welcome to the NSI Registrar Whois Server. Your IP address is contained within a list of IP addresses that may have failed to abide by Network Solutions' Whois policy. If you feel this is in error, please contact us at 1-888-642-9675 or (703)-742-0914 or at whoisquery@networksolutions.com. Remember that whois servers are being used and abused. Whois server administrators have responded with limits on how many lookups may be performed per minute, per day, etc. Whois Lookup Policies If you are using a software like Watch My Domains or Domain Name Analyzer you need to be careful about the number of connections you make to the whois servers. Here are some examples of the limits set by different domain registrars. Please note that these are just a few examples. Almost all registrars have similar limits in place. Tucows (whois.opensrs.net) rejects multiple simultaneous connections from the same IP. You will have to be satisfied with one connection at a time. BulkRegister (whois.bulkregiter.net) will immediately block the IP temporarily if they notice a large number of connections being made. This is done by their software automatically. Network Solutions (whois.networksolutions.com) will block the IP temporarily if you do more than 1000 lookups in a day. Go Daddy (whois.godaddy.com) will simply start hiding all the relevant information from the returned whois text if your IP gets in their list. ...most other registrars also have similar restrictions. IMPORTANT: If your internet connection has a permanent IP, you should be very careful while using public resources like whois servers. Make sure that your IP doesn't find its way into various registrar ban lists. If you ever find your IP banned give them a call and explain your situation. Find out what got you banned and assure them that you will follow their whois policy usage guidelines. Verisign/Netsol provides bulk access to the WHOIS data through a license agreement with them. For information, send an e-mail message to bulkwhois @ netsol.com. Whois from behind a proxy server or firewall If you are behind a firewall or proxy the whois lookups may not work. If this is the case ask your system administrator to open up TCP port 43. Simple Whois Clients Whois clients connect to a whois server and retrieve information. Whois View is an example. Most of the time you just need a simple whois client to lookup domains or IP addresses. Whois View is the ideal solution if you are using the Windows platform. Advanced Whois Clients There are times when your whois client software requires more features and options. The advanced features include ability to query multiple whois servers simultaneously, perform high speed lookups, provide processing of the whois output records, ability to store the results in a database, caching the results to prevent unnecessary lookups, etc. Whois Proxy Technically a "proxy" is a person or agency who has authority to act for another. Whois Proxies act as an intermediary between a whois client and whois servers. Now, why would you need an intermediary for doing whois lookups? There are a number of reasons why a whois proxy is useful. Uses of a Whois Proxy Whois proxies can act as a single point of contact between the whois client and whois servers. Instead of the whois client being aware of different whois servers it only needs to communicate with the proxy. The proxy takes care of deciding which whois server to connect to. This has the advantage that any required code changes may be made at the proxy (instead of updating every copy of the whois client on multiple computers) Whois proxies can cache the data reducing overall network traffic to and from whois servers. For example, if person A asks for specific domain record, the proxy first checks if a fresh data is available in the local cache. If it is not, the data is retrieved and supplied to A's whois client. The data is also cached locally. If after a few minutes ????: NamePros.com http://www.namepros.com/domain-newbies/175546-what-is-whois.html person B asks for the same data, it is picked up from the local cache and supplied to B. No connections are made to the whois servers. If you are behind a firewall that rejects direct connects to port 43, you can try accessing a whois proxy that uses the HTTP protocol. Since HTTP connects are almost never prevented by a firewall, this method provides an easy way to overcome network restrictions. Country Code Top Level Domains There are two types of top-level domains: generic and country code. Generic Top Level Domains (gTLD) are used on a global basis and include tlds like Com, Net, org, Info, biz, Aero, etc. Country code Top Level Domains (ccTLD) are meant for use by individual countries, as they deem necessary. Examples include .US, .UK, .AU, .IN, etc. Some country code domains are open to registration on a global basis. However most of the country code domains are restricted. Whois Servers for ccTLDs The registries for country code TLDs maintain their own whois servers. Here are a few examples UK: whois.nic.uk US: whois.nic.us ca: whois.cira.ca de: whois.nic.de ws: whois.nic.ws au: whois.aunic.net nu: whois.nic.nu Strange Whois Results Whois Results for Microsoft.Com Have you tried looking up Microsoft.Com using whois.crsnic.net (or rs.internic.net)? This is what you will get back! (edited output) Whois Server Version 1.3 Domain names in the .com, .net, and .org domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. MICROSOFT.COM.WILL.CRASH.IN.6MN.ORG MICROSOFT.COM.WILL.BE.....WITH.MY.SPANNER .NET MICROSOFT.COM.WANADOODOO.COM MICROSOFT.COM.SUX.BUT.PYROFREAK.ORG.R ULEZ.... MICROSOFT.COM.SHOULD.....BECAUSE.LINUXIS GOD.COM MICROSOFT.COM.RAWKZ.MUH.WERLD.MENTAL FLOSS.CA MICROSOFT.COM.IS.SOON.GOING.TO.THE.... MICROSOFT.COM.IS.NOT.SEXYCOOL.ORG MICROSOFT.COM.HAS.ITS.OWN.CRACKLAB.CO M MICROSOFT.COM.FILLS.....BELLIGERENCE.NET ... The Explanation No, no one has cracked Microsoft's website or the registry database. It is done by simply creating name servers with those names. If you look carefully, all those additional entries are not top level domain names. They are all name servers. The registry not only stores information on domain names but also the name servers. So, if the owner of myowndomain00.com creates a name server called, say "microsoft.com.is.whatever.myowndomain00.com" and registers it at their registrar as a valid name server, the information will find its way into the registry zone file. When you do a simple lookup for just "microsoft.com" the whois server pulls out all entries that start with 'microsoft.com'. These entries will include not only domain names but also name servers. Looking up COM and NET Domains, the right way So how do you find the actual information for Microsoft.Com? Add the word domain followed by a blank space before the actual domain name. So in this case do a lookup for domain microsoft.com instead of just microsoft.com. The above tells the whois server to pull out only domain name records and not name servers. Note that it is better to do the above for all Com and Net domain lookups, since the same problem can occur with any domain. Site Visitor's Geographical Location An often asked question is... "Can we use a tool like Whois View or IP Lookup to determine the geographical location of a site visitor?" The answer is a partial yes. However there are a number of issues involved depending on how you intend to implement it. There are no serious problems involved if you intend to use IP address only as a method of roughly identifying the geographical location. However it is not a good idea to make important decisions based on the IP address of the visitor. Problems with geographical identification Not all IP based identifications are accurate. IP lookups only allow you to locate the address of an organization that owns the block. It doesn't mean that the IP is actually allocated/used in the same country (fortunately in most cases the IP addresses are allocated in the same country). People move around. Some one from France could move to Germany during the weekend and then browse from there. If your website uses the IP address to present a site customized to the geographical area, ensure that there is a way for your visitor to change the default selection (like providing a drop-down box for selecting the country). Even now there are sites that simply don't provide such an option. Your site visitor may be browsing using a proxy server located in another country or continent. IP based geographical identification will be completely inaccurate in this case. Credit Card Fraud Detection An area where IP address lookup is very useful is for credit card fraud identification. If you are merchant who ships costly products after taking a credit card payment you would want to ensure that the order is is not made using a stolen card. One common feature of many fake credit card orders is that the orders often originate from a different country. If John Doe from Maryland, USA orders a product and then you notice that his Internet Service provider is in a totally different country, there is probably some thing wrong. Use Whois View to check the IP address of the person who made the order and verify that there is nothing suspicious. Please note that people travel and the purchase could be genuine. So don't always assume that all such purchases are fraud. ================================================== ======== So thats it for today fellow members. I hope this was informative and answers some your questions. There is a lot more to the whois system than could possibly be explained in one article, or even one lifetime... Basicly it's complicated because it's designed to help, if that makes any sense.  -------- (It sux I have to disclaim before I tell you about a very cool company) I have no connection with Softnik except that they have an excelent catalog of outstanding tools, both freeware and shareware, and I really appreciate the full features he has allowed in the demos. Man these are the timesavers and have the "drill down" abilities that can make the difference between xx and xxx.  Here are some of his freeware tools. If you have ????: NamePros.com http://www.namepros.com/showthread.php?t=175546 never used DNA before, you are in for a real good time and we'll see you in a few days....  >>> Softnik Technologies <<< Domain Status Domainfilter Domain Name Analyzer  ~ Cyberian ~
__________________ Remember who your loyalties are divided between, and choose for the right reasons who deserves them. |
|
|
03-10-2006, 06:20 PM
| #4 (permalink) |
| NamePros Expert  Join Date: Oct 2003 Location: ANForum
Posts: 5,218
| wow..super cool stuff. thanks a lot cyberian  
__________________ |www.vb-skins.com|- Quality Premade Vbulletin skins for Your VB forum makeover |www.Banjir.com|-Free image hosting?[B]For Sale!|AlphaScripts|Money Generating Scripts FREE VB Skins |
|
|
|
03-10-2006, 06:36 PM
| THREAD STARTER #5 (permalink) | ||||
| Senior Member Join Date: Apr 2004 Location: Emerald Triangle
Posts: 4,592
|
????: NamePros.com http://www.namepros.com/showthread.php?t=175546 Cyberian (formally kid5150)
__________________ Remember who your loyalties are divided between, and choose for the right reasons who deserves them. | ||||
|
|
|
03-10-2006, 10:55 PM
| #7 (permalink) |
| NamePros Regular Join Date: Oct 2005 Location: India
Posts: 608
| what a wonderful article that was! rep added.
__________________ My blog (beta) Bachelor.co.in - Gemstone.co.in Assets.co.in - PropertyDealers.org MortgageFirms.org - eLearner.org |
|
|
|
03-11-2006, 01:25 AM
| #8 (permalink) |
| Ravaged By Age  Join Date: Jun 2004 Location: PST + 8
Posts: 3,502
  | Unless of course its a Verisign run .TV whois lookup for then the answer to "what is a .TV whois?" would be: "A random system of time wasting root registry protocols, neither one matching another, vague, difficult, pointless, liquid and irrelevant" There, ive solved the riddle... So when you get this message from the root registry: It is our policy not to return whois information for domains owned by other registrars. Sit back, deep breath, realise its only verisign, smile and then go about your day.
__________________ |
|
|
|
03-11-2006, 06:30 AM
| THREAD STARTER #9 (permalink) | ||||
| Senior Member Join Date: Apr 2004 Location: Emerald Triangle
Posts: 4,592
| Hi Ian.... Yea, Thats for sure!!!! Of all the ext's, .tv has got to be the hardest lookup. My managment proggys show my .tv's as available.... You'de think that you guys up in the TV forum would have found at least one workaround by now.... lol
__________________ Remember who your loyalties are divided between, and choose for the right reasons who deserves them. | ||||
|
|
|
03-11-2006, 06:36 AM
| #10 (permalink) |
| Senior Member  Join Date: Dec 2004 Location: balkhis.com
Posts: 3,158
 | excellent post cyberian very informative article
__________________ Balkhis - Helpful tips regarding marketing, SEO, Web Design and SEO. Uzzz Productions - Custom Web Designs | WordPress Beginners Guide |
|
|
|
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| soooo many yahoo's | redhippo | Domain Name Discussion | 5 | 07-12-2005 11:26 PM |
| .DE Sale | jane118 | Domains For Sale - Make Offer | 0 | 07-21-2004 08:45 PM |
| Deleted Domain List Site FREE | dropscripts | For Sale / Advertising Board | 12 | 09-24-2003 07:16 AM |
 |
All times are GMT -7. The time now is 03:36 PM.
