WHOIS (DNS-related)
When a DNS domain is registered, the registrant provides some standard information which is called the “WHOIS” data.
Note that the WHOIS protocol is different than the DNS protocol. For example, the WHOIS protocol has (TCP?) port 43 reserved, while DNS uses port 53 (primarily UDP).
Note that this article is mainly focused on using WHOIS with DNS data. There is also the RIR-based WHOIS lookup, which provides information about who has been assigned official control over an IP address block. Both of these sort of lookups are referred to as a “WHOIS” lookup, which does present some possible cause for confusion.
- WHOIS protocol RFC
-
IETF RFC 3912: WHOIS Protocol Specification marked IETF RFC 954: NICNAME/WHOIS as obsolete, which itself is an update from the older IETF RFC 812: NICNAME/WHOIS.
- Other info
- Wikipedia on WHOIS
- WHOIS clients
-
Looking up WHOIS data is often done with:
- WHOIS for Unix
-
The
whois - WHOIS for Microsoft Windows
-
Inconveniently, Microsoft Windows has not come with a WHOIS client (at least, not to the knowledge of the author of this text, at the time of this writing). However, there are some downloadable options available.
-
LTR Data's
whois -
LTR Data's “Tools and Utilities for Windows”: section on “Small command line utilities” provides a client. Source code is available. This author has been known to make some very streamlined executables, so this is probably the best bet for a quality program. A key reason for this excellence is the program's usage of LTR Data's minwcrt. (Related details are mentioned at TOOGAM's Software Archive: “Software Development” section, information related to code by “LTR Data”.) The program provides a fairly high amount of functionality.
The program's home page ( LTR Data's “Tools and Utilities for Windows”: section on “Small command line utilities”) describes this as a “Win32 port of the GNU
whoiswhois-Vas a parameter that does the same thing as--verbose, but this software does not support the-Vshortcut. The software does support--verbose, and the difference is likely just caused by difference in software versions.)When using this software, you probably want to specify
-a, which will cause the program to try multiple online databases as it works to provide the requested information.whois-aexample.comIt is unfortunate that this software has been known to be flagged by anti-virus software, when obtained straight from LTR Data's website. This is probably just because LTR Data uses the highly efficient minwcrt (Minimal Windows C Run-Time Library) which, unfortunately, hasn't been as widely adopted as some less efficient libraries. If you get this flagged, it is recommended to complain to the anti-virus vendor. Hopefully this will happen better over time, perhaps as more people learn about minwcrt.
- Nirsoft WhoisCL
- Nirsoft WhoisCL is a command line program.
- Sysinternals WHOIS
-
Sysinternals WHOIS is probably more well-known just because Sysinternals software has started to be distributed by Microsoft. If the (built-into-Microsoft-Windows) WebDAV client is started, this can be run remotely from the command line, without requiring much effort to try to first download the file.
netstart WebClient\\whoislive.microsoft.com\Tools\\\whoislive.microsoft.com\Tools\example.orgThis may be documented a bit further in the section for WebDAV clients.
The
-accepteulawrites a registry entry, which could also be created with:REGQUERY HKCU\Software\Sysinternals\Whois /v EulaAcceptedREGADD HKCU\Software\Sysinternals\Whois /v EulaAccepted /t REG_DWORD /d 1(If that registry entry doesn't exist, then the software prompts the user.)
NirSoft WhoisThisDomain provides a GUI and supports command line options.
-
LTR Data's
- WHOIS for OS/2
-
If memory is correctly serving this text's author, WHOIS data could be looked up using OS/2, and OS/2 might have even come with a WHOIS client without needing to download the software. (Perhaps that required OS/2 3.0 WARP and the Internet add-on bundled with that operating system.)
- Web pages
- http://whois.icann.org