home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  


TCP/IP Network Administration

TCP/IP Network AdministrationSearch this book
Previous: 13.5 Mailing Lists Chapter 13
Internet Information Resources
Next: 13.7 Summary
 

13.6 The White Pages

archie helps you locate important programs. The Web helps you retrieve important documents. whois helps you locate important people. One of the most important pieces of information in a network is who is in charge at the other end. In Chapter 11, Troubleshooting TCP/IP , we pointed out that it is important to know who is responsible for the other end of the link when troubleshooting a network problem. whois is a tool that helps you find this out.

whois obtains the requested information from the Internet white pages. The white pages is a database of information about responsible people that is maintained by the InterNIC. When you request an official network number or domain name, you are asked to provide your NIC handle , which is the index of your personal record in the white pages database. If you don't have a handle, the InterNIC assigns you one and automatically registers you in the white pages. Because of this, everyone who is responsible for an official network or domain has an entry in the white pages, and that entry can be retrieved by anyone who needs to contact them.

Many UNIX systems provide a whois command to query the InterNIC white pages. The general form of this command is:

% 

whois

 [

-h 



server

] 

name

The name field is the information to be searched for in the white pages database. The server field is the name of a system containing the white pages. Use rs.internic.net to locate responsible people, which is the default on most systems.

In the following example, we search for an entry for Craig Hunt . An individual's name is entered in the white pages as: last-name, first-name initial . So we ask to search for Hunt, Craig . [5]

[5] whois hunt would return several matches. Be as specific as possible to reduce the number of matches.

% 

whois 'Hunt, Craig'


[rs.internic.net]
Hunt, Craig (CH999)   info@foo.bar      +1 (123) 555 6789
Hunt, Craig W. (CWH3) Hunt@ENH.NIST.GOV    (301) 975-3827

To single out one record, look it up with "!xxx", where xxx is the
handle, shown in parenthesis following the name, which comes first.

The InterNIC Registration Services Host contains ONLY Internet
Information (Networks, ASN's, Domains, and POC's).
Please use the whois server at nic.ddn.mil for MILNET Information.

If multiple matches are returned, as in this case, follow with a query for the individual's NIC handle to get the full information display. To query for the NIC handle, which is the field enclosed in parentheses directly following the username, simply enter the handle on the whois command line. The message at the end of the sample output implies that handles are entered as !xxx. This is not true. The UNIX whois command does not require the ! syntax. For example, to get more details about CWH3, enter:

% 

 whois cwh3


[rs.internic.net]
Hunt, Craig W. (CWH3)          Hunt@ENH.NIST.GOV
  National Institute of Standards and Technology
  Computer Systems and Communications Division
  Technology Building, Room A151
  Gaithersburg, MD 20899
  (301) 975-3827 (FTS) 879-3827

  Record last updated on 03-Dec-90.
  Database last updated on 15-Jul-97 04:35:06.

User information is generally only useful if you know exactly who you want to send email to and you don't know his or her address. The white pages database contains several other kinds of records, a few of which are very helpful for locating the people responsible for networks, domains, and hosts throughout the Internet. These record types are:

Domain

Provides detailed contact information for the people responsible for the specified domain.

Network

Provides detailed information for the contacts for the specified network.

Host

Provides general information about the specified host. This record type is not as useful as the others.

These record types can be used in the whois query to speed processing and limit the amount of output. All of the record types shown above can be abbreviated to their first two letters.

A sample query for the domain ora.com produces the following results:

% 

whois 'do ora.com'


O'Reilly & Associates (ORA-DOM1)
   101 Morris Street
   Sebastopol, CA 95472

   Domain Name: ORA.COM

   Administrative Contact, Technical Contact, Zone Contact:
      Pearce, Eric  (EP86)  eap@ORA.COM
      707-829-0515 x221
   Billing Contact:
      Johnston, Rick  (RJ724)  rick@ORA.COM
      707-829-0515 x331

   Record last updated on 28-Jan-97.
   Record created on 14-Jun-89.
   Database last updated on 15-Jul-97 04:35:06 EDT.

   Domain servers in listed order:

   NS.ORA.COM                   207.25.97.8
   NS.SONGLINE.COM              204.148.41.1

The query displays the name, address, and telephone number of the contacts for the domain, as well as a list of hosts providing authoritative name service for the domain.

To query the host record for a specific host, in this case one of the name servers listed above, simply query the desired hostname. For example, to find out more about ns.songline.com , enter:

% 

whois 'host ns.songline.com'


[No name] (NS2441-HST)

   Hostname: NS.SONGLINE.COM
   Address: 204.148.41.1
   System: Sun Sparc20 running Solaris 2.4

   Record last updated on 21-Aug-95.
   Database last updated on 15-Jul-97 04:35:06 EDT.

This query displays the hostname, IP address, and the system type: essentially the same information we could get from DNS.

A much more interesting query is for the point of contact for a specific network. To find out, enter a whois query with the network number. In our example, the IP address of one of the servers is 207.25.97.8. This is a class C address, so the network number is 207.25.97.0. The query is constructed as shown in the example below:

% 

whois 'net 207.25.97.0'


ANS CO+RE Systems, Inc. (NETBLK-ANS-C-BLOCK4)
   100 Clearbrook Rd
   Elmsford, NY 10523

   Netname: ANS-C-BLOCK4
   Netblock: 207.24.0.0 - 207.27.255.255
   Maintainer: ANS

   Coordinator:
      Vaidya, Vijay  (VV38)  vijay@ANS.NET
      914-789-5360
   Alternate Contact:
      ANS Hostmaster  (AH-ORG)  hostmaster@ANS.NET
      (800)456-6300  fax: (914)789-5310


   Domain System inverse mapping provided by:

   NS.ANS.NET                   192.103.63.100
   NIS.ANS.NET                  147.225.1.2

   Record last updated on 02-Sep-96.
   Database last updated on 15-Jul-97 04:35:06 EDT.

This query could also be done by network name, ANS-C-BLOCK4 in our example, but frequently you won't know the network name until you get the response from your query. In addition to the network name and number, this query tells you who is responsible for this network, and what name servers provide in-addr.arpa domain service for this network.

With the information from these queries, we could contact the domain administrator and the network administrator. From these key contacts, we could learn about the administrators of individual systems in their domain or on their network. This information could put us directly in touch with the other system administrator we need to talk to when debugging a network problem.

Not all systems have a local whois command. If your system doesn't, telnet to rs.internic.net and enter whois at the command-line prompt. You'll then be prompted with Whois: . At this prompt enter any name you wish to search for, or enter help for more information.