Commands using whois (15)

  • Returns nothing if the domain exists and 'No match for domain.com' otherwise.


    6
    whois domainnametocheck.com | grep match
    Timothee · 2009-08-11 13:33:25 1

  • 4
    ASN=32934; for s in $(whois -H -h riswhois.ripe.net -- -F -K -i $ASN | grep -v "^$" | grep -v "^%" | awk '{ print $2 }' ); do echo " blocking $s"; sudo iptables -A INPUT -s $s -j REJECT &> /dev/null || sudo ip6tables -A INPUT -s $s -j REJECT; done
    koppi · 2016-04-08 11:30:12 0
  • Create a text file called domainlist.txt with a domain per line, then run the command above. All registries are a little different, so play around with the command. Should produce a list of domains and their expirations date. I am responsible for my companies domains and have a dozen or so myself, so this is a quick check if I overlooked any.


    3
    cat domainlist.txt | while read line; do echo -ne $line; whois $line | grep Expiration ; done | sed 's:Expiration Date::'
    netsaint · 2010-05-02 06:49:09 1
  • Useful if you f.i. want to block/allow all connections from a certain provider which uses successive netnames for his ip blocks. In this example I used the german Deutsche Telekom which has DTAG-DIAL followed by a number as netname for the dial in pools. There are - as always ;) - different ways to do this. If you have seq available you can use net=DTAG-DIAL ; for i in `seq 1 30`; do whois -h whois.ripe.net $net$i | grep '^inetnum:' | sed "s;^.*:;$net$i;" ; done or without seq you can use bash brace expansion net=DTAG-DIAL ; for i in {1..30}; do whois -h whois.ripe.net $net$i | grep '^inetnum:' | sed "s;^.*:;$net$i;" ; done or if you like while better than for use something like net=DTAG-DIAL ; i=1 ; while true ; do whois -h whois.ripe.net $net$i | grep '^inetnum:' | sed "s;^.*:;$net$i;" ; test $i = 30 && break ; i=$(expr $i + 1) ; done and so on. Show Sample Output


    2
    net=DTAG-DIAL ; for (( i=1; i<30; i++ )); do whois -h whois.ripe.net $net$i | grep '^inetnum:' | sed "s;^.*:;$net$i;" ; done
    drizzt · 2009-08-01 05:28:19 0
  • Change the $domain variable to whichever domain you wish to query. Works with the majority of whois info; for some that won't, you may have to compromise: domain=google.com; for a in $(whois $domain | grep "Domain servers in listed order:" --after 3 | grep -v "Domain servers in listed order:"); do echo ">>> Nameservers for $domain from $a Note that this doesn't work as well as the first one; if they have more than 3 nameservers, it won't hit them all. As the summary states, this can be useful for making sure the whois nameservers for a domain match the nameserver records (NS records) from the nameservers themselves. Show Sample Output


    2
    domain=google.com; for ns in $(whois $domain | awk -F: '/Name Server/{print $2}'); do echo ">>> Nameservers for $domain from $a <<<"; dig @$ns $domain ns +short; echo; done;
    laebshade · 2011-05-08 04:46:34 0

  • 2
    whois commandlinefu.com | grep -E '^\s{3}'
    ca9lar · 2019-04-09 21:09:30 0

  • 0
    while read line; do pais=$(whois "$line" | grep -E '[Cc]ountry') echo -n "IP=$line Pais=$pais" && echo done <listaip
    pathcl · 2010-10-25 15:39:50 4
  • Nice neat feedback showing contact infomation for as many domains as you wish to feed it. I used a list of domains, each one on a new line as supplied by our registar, as we needed to check they were all upto date and back them up as we are updating them all.


    0
    whois -H $(cat ./list_of_domains) | awk 'BEGIN{RS=""}/Registrant/,/Registration Service Provider:/ {print} END{print "----------------\n"}'
    djsmiley2k · 2011-01-11 12:55:34 0
  • Found on https://bitcointalk.org/index.php?topic=55520.0


    0
    for i in `wget -O url|grep '<a rel="nofollow"'|grep http|sed 's|.*<a rel="nofollow" class="[^"]\+" href="[^"]*https\?://\([^/]\+\)[^"]*">[^<]\+</a>.*|\1|'`;do if test -n "$(whois $i|grep -i godaddy)";then echo $i uses GoDaddy;fi;sleep 20;done
    coinbitsdotcom · 2011-12-24 19:12:18 0

  • 0
    cat domainlist.txt | while read line; do echo -ne $line; whois $line | grep Expiration ; done | sed 's:Expiration Date::'
    jun3337 · 2013-05-13 02:55:17 0
  • Retrieves AS route prefixes for IPv4 and IPv6, aggregates the routes to the minimal set, and adds netfilter rules to reject them. Relies on two helpers: IPv4 - "aggregate" by Joe Abley (package name 'aggregate'), IPv6 - "aggregate6" by Job Snijders ( https://github.com/job/aggregate6 ) Show Sample Output


    0
    ASN=32934; for IP in 4 6; do whois -h riswhois.ripe.net \!${IP/4/g}as${ASN} | sed -n '2 p' | tr \ \\n | aggregate${IP/4/} | while read NET; do ip${IP/4/}tables -I INPUT -S ${NET} -j REJECT; done; done
    iam_TJ · 2016-05-29 09:45:34 0
  • I don't know why you would want to echo "blocking ....", but my alternative is functionally equivalent with the extra echo.


    0
    ASN=32934;whois -H -h riswhois.ripe.net -- -F -K -i $ASN|awk '/^'$ASN'/ {if ($2 ~ /::/) {a="6"} else {a=""};b="sudo ip"a"tables -A INPUT -s "$2" -j REJECT"; print " blocking "$2;system(b)}'
    AndrewM · 2016-07-22 07:48:27 0
  • Outputs multiple whois from a plain text file.


    -2
    for domain in `cat list_of_domains.txt`; do echo $domain; whois $domain >> output.txt; done
    pathcl · 2010-02-15 17:13:45 1
  • This can be used in scripts, to find out the origin of target IP etc. Show Sample Output


    -5
    x=192.168.1.1; whois $x > $x.txt
    sxiii · 2011-01-17 03:33:49 0
  • It would be nice if commandlinefu.com had a better domain name. Will they pick one of the above; We'll see. Show Sample Output


    -11
    whois cmd.fu;whois cmdfu.com|grep -i cmdfu
    axelabs · 2009-02-19 08:57:50 3

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

Convert JSON to YAML

HourGlass
Displays an animated hourglass for x amount of seconds

Display unique values of a column
the column number is '6'

Find all videos under current directory using MIME a.k.a not using extension
Videos are found using their MIME type. Thus no need to for an extension for the video file. This is a efficent version of "jnash" cmd (4086). Thanks for jnash. This cmd will only show video files while his cmd show files having "video" anywhere in path.

Randomize lines in a file
shuf is in the coreutils package

dd with progress bar and statistics to gzipped image
This is a useful command to backup an sd card with relative total size for piping to pv with a progressbar

Exclude inserting a table from a sql import
Starting with a large MySQL dump file (*.sql) remove any lines that have inserts for the specified table. Sometimes one or two tables are very large and uneeded, eg. log tables. To exclude multiple tables you can get fancy with sed, or just run the command again on subsequently generated files.

Recursive Ownership Change
Changing files ownership in a directory recursivley from a user to another

Hex math with bc
To do hex to binary: echo 'ibase=16; obase=2; 16*16' | bc # prints: 111100100 To do 16*16 from decimal to hex: echo 'ibase=10; obase=16; 16*16' | bc # prints: 100 You get the idea... Alternatively, run bc in interactive mode (see man page)

Create a file server, listening in port 7000
At client side: tar c myfile | nc localhost 7000 ##Send file myfile to server tar c mydir | nc localhost 7000 ## Send directory mydir to server


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: