Re: Lookup of IP Address

["R. DuFresne" <dufresne () sysinfo com>]

On Tue, 22 May 2001, Martin wrote:

> > Is there publicly available a means of looking up an IP address - e.g. it's
> > ISP or DNS?
>
> first, try to find out if a reverse lookup returns anything...
>
> nslookup 111.222.111.222
>
> if that doesn't return anything, you will then need to look for the netblock
> owner. plug the IP into the whois search engines at these three sites:
>
> www.apnic.net - Asia Pacific NIC
> www.ripe.net - Europe NIC
> www.arin.net - American NIC
>
> this will show who has leased that range of IPs, but be aware that they may
> have subleased them to someone else.

Save yourself the work, let the system do the walking, create this little
diddy:

#!/bin/sh
whois $1 () whois thur de

<you solaris folks will need to modify the whois command line to suit your
needs>

I named it fullwho, and then when seeking info that nslookup does not find
quickly, use this little tools to gleen info on the IP/netblocks in
question.  Polls all the other whois engine for you, the folks at thur.de
did a great job with this, my thanks to the folks working on it.

There are, if I recall, a few other engine like this, use those as they
become identified, and they should as this thread progresses, if this one
suits not your particular taste.

Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior consultant:  darkstar.sysinfo.com
                  http://darkstar.sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards