Re: whois tricks was : whois is what?

["Matthew McGehrin" <mcgehrin () reverse net>]

Sorry my friend :) I think you meant to type -h instead of @ :)

the -h flag works on both Linux and FreeBSD.

I am unsure about Solaris, but using the '@' symbol appears to not be an
option with FreeBSD.

FreeBSD 2.2.8
matthew@host1:/usr/home/matthew> whois -h
usage: whois [-adpr] [-h hostname] name ...


FreeBSD 4.5
matthew@monkey:/usr/home/matthew> whois -h
whois: option requires an argument -- h
usage: whois [-adgimpQrR6] [-c country-code | -h hostname] name ...

-- Matthew


----- Original Message -----
From: "Steve Zenone" <Zenone () cats ucsc edu>
To: <vuln-dev () securityfocus com>
Sent: Wednesday, May 08, 2002 2:31 PM
Subject: RE: whois tricks was : Publishing Nimda Logs


Hello,

Matthew McGehrin wrote:
|On FreeBSD you can use the -a flag with the same results. Linux still uses
|the older format.
|
|i.e.: whois -a 204.70.128.1

The '-a' and '-h' flags do work well. However, the following
syntax appears to be fairly standard between whois versions,
thus eliminating the need to remember which flag to use, and
to also give you the ability to define the whois server you
wish to query:

 % whois 204.70.128.1 () whois arin net

You can substitute 'arin' with 'ripe' or 'apnic', etc (^arin^ripe).
The results will me similar to what Matthew listed within his
previous email.

> From a web perspective, I also like (takes the guess work,
or leg work, out of figuring out if one should be using, ripe,
apnic, etc):

 http://www.geektools.com/cgi-bin/proxy.cgi

Lastly, for helping confirm abuse contacts, abuse.net has a
good database of registered abuse contacts (based upond domain
name) at:

 http://www.abuse.net/lookup.phtml

Hope this helps.

Regards,
Steve