RE: whois tricks was : Publishing Nimda Logs

["Steve Zenone" <Zenone () cats ucsc edu>]

Hello,

Matthew McGehrin wrote:
|On FreeBSD you can use the -a flag with the same results. Linux still uses
|the older format.
|
|i.e.: whois -a 204.70.128.1

The '-a' and '-h' flags do work well. However, the following 
syntax appears to be fairly standard between whois versions, 
thus eliminating the need to remember which flag to use, and 
to also give you the ability to define the whois server you 
wish to query:

 % whois 204.70.128.1 () whois arin net

You can substitute 'arin' with 'ripe' or 'apnic', etc (^arin^ripe).
The results will me similar to what Matthew listed within his
previous email.

> From a web perspective, I also like (takes the guess work, 
or leg work, out of figuring out if one should be using, ripe, 
apnic, etc):

 http://www.geektools.com/cgi-bin/proxy.cgi

Lastly, for helping confirm abuse contacts, abuse.net has a 
good database of registered abuse contacts (based upond domain 
name) at:

 http://www.abuse.net/lookup.phtml

Hope this helps.

Regards,
Steve