WHOIS (DNS-related)

When a DNS domain is registered, the registrant provides some standard information which is called the “WHOIS” data.

Note that the WHOIS protocol is different than the DNS protocol. For example, the WHOIS protocol has (TCP?) port 43 reserved, while DNS uses port 53 (primarily UDP).

Note that this article is mainly focused on using WHOIS with DNS data. There is also the RIR-based WHOIS lookup, which provides information about who has been assigned official control over an IP address block. Both of these sort of lookups are referred to as a “WHOIS” lookup, which does present some possible cause for confusion.

WHOIS protocol RFC

IETF RFC 3912: WHOIS Protocol Specification marked IETF RFC 954: NICNAME/WHOIS as obsolete, which itself is an update from the older IETF RFC 812: NICNAME/WHOIS.

Other info
Wikipedia on WHOIS
WHOIS clients

Looking up WHOIS data is often done with:

WHOIS for Unix

The whois command came with 4.3BSD and shows up in many newer operating systems.

WHOIS for Microsoft Windows

Inconveniently, Microsoft Windows has not come with a WHOIS client (at least, not to the knowledge of the author of this text, at the time of this writing). However, there are some downloadable options available.

LTR Data's whois

LTR Data's “Tools and Utilities for Windows”: section on “Small command line utilities” provides a client. Source code is available. This author has been known to make some very streamlined executables, so this is probably the best bet for a quality program. A key reason for this excellence is the program's usage of LTR Data's minwcrt. (Related details are mentioned at TOOGAM's Software Archive: “Software Development” section, information related to code by “LTR Data”.) The program provides a fairly high amount of functionality.

The program's home page ( LTR Data's “Tools and Utilities for Windows”: section on “Small command line utilities”) describes this as a “Win32 port of the GNU whois client.” Therefore, GNU inetutils manual: whois invocation might be the most official manual for this code. (There may be some differences though. The online manual mentions -V as a parameter that does the same thing as --verbose, but this software does not support the -V shortcut. The software does support --verbose, and the difference is likely just caused by difference in software versions.)

When using this software, you probably want to specify -a, which will cause the program to try multiple online databases as it works to provide the requested information.

whois -a example.com

It is unfortunate that this software has been known to be flagged by anti-virus software, when obtained straight from LTR Data's website. This is probably just because LTR Data uses the highly efficient minwcrt (Minimal Windows C Run-Time Library) which, unfortunately, hasn't been as widely adopted as some less efficient libraries. If you get this flagged, it is recommended to complain to the anti-virus vendor. Hopefully this will happen better over time, perhaps as more people learn about minwcrt.

Nirsoft WhoisCL
Nirsoft WhoisCL is a command line program.
Sysinternals WHOIS

Sysinternals WHOIS is probably more well-known just because Sysinternals software has started to be distributed by Microsoft. If the (built-into-Microsoft-Windows) WebDAV client is started, this can be run remotely from the command line, without requiring much effort to try to first download the file.

net start WebClient
\\live.microsoft.com\Tools\whois /?
\\live.microsoft.com\Tools\whois -v -nobanner -accepteula example.org

This may be documented a bit further in the section for WebDAV clients.

The -accepteula writes a registry entry, which could also be created with:

REG QUERY HKCU\Software\Sysinternals\Whois /v EulaAccepted
REG ADD HKCU\Software\Sysinternals\Whois /v EulaAccepted /t REG_DWORD /d 1

(If that registry entry doesn't exist, then the software prompts the user.)

NirSoft WhoisThisDomain provides a GUI and supports command line options.

WHOIS for OS/2

If memory is correctly serving this text's author, WHOIS data could be looked up using OS/2, and OS/2 might have even come with a WHOIS client without needing to download the software. (Perhaps that required OS/2 3.0 WARP and the Internet add-on bundled with that operating system.)

Web pages