Whois

An article from Backtrack-fr.

Introduction

During an audit, the first thing to do is gather information, both human and technical. WHOIS retrieves both kinds, chiefly information about the owner of the domain name.

This is the first step in information gathering, and whois is indispensable for it. It queries the public servers dedicated to domain name and IP registration data, and displays the owner's information (if present).

The official site for whois lookups on .fr domains:

   * http://www.afnic.fr/outils/whois/

Usage

 whois [OPTION]... OBJECT...

Options

 -l                     one level less specific lookup [RPSL only]
 -L                     find all Less specific matches
 -m                     find first level more specific matches
 -M                     find all More specific matches
 -c                     find the smallest match containing a mnt-irt attribute
 -x                     exact match [RPSL only]
 -d                     return DNS reverse delegation objects too [RPSL only]
 -i ATTR[,ATTR]...      do an inverse lookup for specified ATTRibutes
 -T TYPE[,TYPE]...      only look for objects of TYPE
 -K                     only primary keys are returned [RPSL only]
 -r                     turn off recursive lookups for contact information
 -R                     force to show local copy of the domain object even
                       if it contains referral
 -a                     search all databases
 -s SOURCE[,SOURCE]...  search the database from SOURCE
 -g SOURCE:FIRST-LAST   find updates from SOURCE from serial FIRST to LAST
 -t TYPE                request template for object of TYPE ('all' for a list)
 -v TYPE                request verbose template for object of TYPE
 -q [version|sources|types]  query specified server info [RPSL only]
 -F                     fast raw output (implies -r)
 -h HOST                specify the server host
 -p PORT                specify the server port
 -H                     hide the legal disclaimer information
       --verbose        verbose mode
       --help           display this help menu and exit
       --version        display version information and exit

Example

 bt ~ # whois -a free.fr
 %%
 %% This is the AFNIC Whois server [bonnie.nic.fr].
 %%
 %% Rights restricted by copyright.
 %% See http://www.afnic.fr/afnic/web/legal
 %%
 %% Use '-h' option to obtain more information about this service.
 %%
 %% [::ffff:88.168.0.191 REQUEST] >> -V Md4.7 -a free.fr
 %%
 
 domain:      free.fr
 address:     Proxad
 address:     8, rue ville l'Eveque
 address:     75008 Paris
 address:     FR
 admin-c:     ACP23-FRNIC
 tech-c:      TCP8-FRNIC
 zone-c:      NFC1-FRNIC
 nserver:     freens1-g20.free.fr 212.27.60.19
 nserver:     freens2-g20.free.fr 212.27.60.20
 mnt-by:      FR-NIC-MNT
 mnt-lower:   FR-NIC-MNT
 changed:     nic@nic.fr 20060327
 source:      FRNIC
 
 role:        Administrative Contact for ProXad
 address:     Free SAS / ProXad
 address:     8, rue de la ville l'Eveque
 address:     75008 Paris
 address:     FR
 phone:       +33 1 73 50 20 00
 fax-no:      +33 1 73 50 25 01
 e-mail:      hostmaster@proxad.net
 trouble:     Information: http://www.proxad.net/
 trouble:     Spam/Abuse requests: mailto:abuse@proxad.net
 admin-c:     RA999-FRNIC
 tech-c:      NH1184-FRNIC
 nic-hdl:     ACP23-FRNIC
 notify:      ripe-notify@proxad.net
 mnt-by:      PROXAD-MNT
 changed:     nhyvernat+ripe@corp.free.fr 20040217
 source:      FRNIC
 
 role:        Technical Contact for ProXad
 address:     Free SAS / ProXad
 address:     8, rue de la ville l'Eveque
 address:     75008 Paris
 address:     FR
 phone:       +33 1 73 50 20 00
 fax-no:      +33 1 73 50 25 01
 e-mail:      hostmaster@proxad.net
 trouble:     Information: http://www.proxad.net/
 trouble:     Spam/Abuse requests: mailto:abuse@proxad.net
 admin-c:     RA999-FRNIC
 tech-c:      NH1184-FRNIC
 nic-hdl:     TCP8-FRNIC
 notify:      ripe-notify@proxad.net
 mnt-by:      PROXAD-MNT
 changed:     nhyvernat+ripe@corp.free.fr 20040217
 source:      FRNIC
 
 role:        NIC France Contact
 address:     Afnic
 address:     immeuble international
 address:     2, rue Stephenson
 address:     Montigny-Le-Bretonneux
 address:     78181 Saint Quentin en Yvelines Cedex
 address:     FR
 phone:       +33 1 39 30 83 00
 e-mail:      hostmaster@nic.fr
 admin-c:     NFC1-FRNIC
 tech-c:      PL12-FRNIC
 tech-c:      JP-FRNIC
 tech-c:      MS1887-FRNIC
 tech-c:      VL-FRNIC
 tech-c:      PR1249-FRNIC
 tech-c:      PV827-FRNIC
 tech-c:      GO661-FRNIC
 tech-c:      MS-FRNIC
 tech-c:      AI1-FRNIC
 nic-hdl:     NFC1-FRNIC
 mnt-by:      FR-NIC-MNT
 changed:     tech@nic.fr 20011025
 changed:     tech@nic.fr 20020711
 changed:     sylvie.lacep@afnic.fr 20040805
 changed:     hostmaster@nic.fr 20041207
 changed:     hostmaster@nic.fr 20050823
 source:      FRNIC
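
The output above is a series of objects separated by blank lines, with the domain object pointing at its contacts through handles (`admin-c`, `tech-c`, `zone-c` matching a contact's `nic-hdl`). The following is an added example, not part of the original article: a small parser that follows those handles and lists the e-mail addresses and phone numbers a domain's record publishes, which is useful when reviewing what your own registration exposes. The sample record and the function names are constructed for illustration.

```python
import re
# Constructed response in the same object layout as the output above (not real registry data).
SAMPLE = """\
%% constructed sample, not a real registry answer

domain:      example.fr
admin-c:     AC1-EXAMPLE
tech-c:      TC1-EXAMPLE

role:        Administrative Contact for Example
phone:       +33 1 00 00 00 00
e-mail:      hostmaster@example.net
trouble:     Spam/Abuse requests: mailto:abuse@example.net
nic-hdl:     AC1-EXAMPLE

role:        Technical Contact for Example
nic-hdl:     TC1-EXAMPLE
changed:     j.doe+ripe@corp.example.net 20040217
"""
EMAIL = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

def parse_objects(text):
    """Split a response into objects: a blank line separates, '%' starts a comment."""
    objects, current = [], {}
    for line in text.splitlines() + [""]:
        line = line.strip()
        if line.startswith("%"):
            continue
        key, sep, value = line.partition(":")
        if sep:
            current.setdefault(key.strip(), []).append(value.strip())
        elif not line and current:  # blank line closes the object being built
            objects.append(current)
            current = {}
    return objects

def exposure(text):
    """Follow the domain's contact handles and list what each contact publishes."""
    objs = parse_objects(text)
    by_handle = {o["nic-hdl"][0]: o for o in objs if "nic-hdl" in o}
    domain = next((o for o in objs if "domain" in o), {})
    report = {}
    for field in ("admin-c", "tech-c", "zone-c"):
        for handle in domain.get(field, []):
            contact = by_handle.get(handle, {})
            blob = " ".join(v for vals in contact.values() for v in vals)
            report[handle] = {"via": field, "phones": contact.get("phone", []),
                              "emails": sorted(set(EMAIL.findall(blob)))}
    return report
```

Addresses are collected from every attribute of a contact object, so one that appears only in a `changed:` or `trouble:` line is still reported.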