In Linux there are numerous commands, each with a specific functionality, one of these commands is whois, which serves as a client for the WHOIS directory service . The WHOIS system is a consultation and response protocol thanks to which it is possible to consult databases where registered users who are in an Internet resource are stored, this can be a domain name or an IP address, but logically we can use whois for more advanced management topics.
ICANN (Internet Corporation for Assigned Names and Numbers) is responsible for regulating the registrations and ownership of existing domain names on the network, but there are many registries that are controlled by the organizations themselves.
Terms of Service
When using the whois command we must take into account the following terms:
- Registry: refers to the company that manages the list where a set of domain names is hosted
- Registrant: is the legal owner of the domain
- Register: makes use of a registrar to register
When we access the details with whois, we will have access to the contact information associated with the person or company that registered the domain name on the network, that is why when using whois we access details such as:
- The name and contact information of the registrant
- The name and contact information of the registrar
- Last update of the registry
- Registration expiration date
The whois usage syntax is as follows:
whois [-h HOST] [-p PORT] [-aCFHlLMmrRSVx] [-g RESOURCE: LINE] [-i ATTR] [-S RESOURCE] [-T TYPE] object
TechnoWikis will explain how to install and use whois in Linux, for this case we will use Ubuntu 20.04.
To stay up to date, remember to subscribe to our YouTube channel! SUBSCRIBE
1. Install Whois on Linux
We can use any of the following commands to install whois:
On Ubuntu or Debian: sudo apt install whois On Fedora or CentOS: sudo dnf install whois In Manjaro: sudo pacman -Syu whois
2. How to use Whois in Linux
It is possible to use the whois command with either domain names or IP addresses, for example, we enter the following:
We press Enter and as a result we will obtain the following. We can see all the details of the records as we have explained above.
The Internet Assigned Numbers Authority (IANA) has the task of managing, supervising and controlling the zones of the top-level Domain Name System, the IP protocol addressing systems and the list of registries, in this case that registry is the number 379 located in the line "Register IANA ID".
The “Domain Status” lines indicate the current status of the domain and it is possible to see additional lines such as:
- clientTransferProhibited: refers to the domain registry which will reject requests in order to transfer the domain from the current registrar to another.
- serverDeleteProhibited - Indicates that the domain cannot be deleted.
- serverTransferProhibited: The domain does not allow to be transferred to another registrar.
- serverUpdateProhibited: domain cannot be updated
At the bottom of the summary we see additional details:
Some of the whois usage parameters are:
-h HOST: Establish a connection to the WHOIS database host.
-H: Suppresses the display of legal waivers
-p PORT: allows us to connect to the PORT network port.
--verbose: full details
--help: display whois help
3. How to use Whois with an IP in Linux
Whois gives us the ability to manage the records of a particular IP address, for this we enter the following:
In the first part of the summary we find details of the organization that owns the entered IP address, in the second section we find the address and name of the registrant and in the other sections we can see parameters on the operation of the network, traffic routing and more values available.
Based on the type of organization the record will be obtained, for example, if we use Google's public DNS address (18.104.22.168) we will see this:
We have seen how this command is of great help to view the records of a domain on the network in detail.