Librería Portfolio

Discusses the evolution of WHOIS and how policy changes will affect WHOIS' place in IT today and in the future

This book provides a comprehensive overview of WHOIS. The text begins with an introduction to WHOIS and an in-depth coverage of its forty-year history. Afterwards it examines how to use WHOIS and how WHOIS fits in the overall structure of the Domain Name System (DNS). Other technical topics covered include WHOIS query code and WHOIS server details. The book also discusses current policy developments and implementations, reviews critical policy documents, and explains how they will affect the future of the Internet and WHOIS. Additional resources and content updates will be provided through a supplementary website.


Includes an appendix with information on current and authoritative WHOIS services around the world
Provides illustrations of actual WHOIS records and screenshots of web-based WHOIS query interfaces with instructions for navigating them
Explains network dependencies and processes related to WHOIS utilizing flowcharts
Contains advanced coding for programmers
Visit the book´s companion website http://whois.knujon.com for technical and policy documents concerning WHOIS, WHOIS code examples, internet locations for WHOIS databases and more.

WHOIS Running the Internet: Protocol, Policy, and Privacy is written primarily for internet developers, policy developers, industry professionals in law enforcement, digital forensic investigators, and intellectual property attorneys.

Garth O. Bruen is an Internet policy and security researcher whose work has been published in the Wall Street Journal and the Washington Post. Since 2012 Garth Bruen has served as the North American At-Large Chair to the Internet Corporation of Assigned Names and Numbers (ICANN). In 2003 Bruen created KnujOn.com with his late father, Dr. Robert Bruen, to process and investigate Internet abuse complaints (SPAM) from consumers. Bruen has trained and advised law enforcement at the federal and local levels on malicious use of the Domain Name System in the way it relates to the WHOIS record system. He has presented multiple times to the High Technology Crime Investigation Association (HTCIA) as well as other cybercrime venues including the Anti-Phishing Working Group (APWG) and the National Center for Justice and the Rule of Law at The University of Mississippi School of Law. Bruen also teaches the Fisher College Criminal Justice School in Boston where he develops new approaches to digital crime.



Table of Contents

Introduction: What Is WHOIS? 1

I.1 Conventions Used in this Text 4

I.2 Flow of this Text 5

I.3 WHOIS from versus WHOIS about 5

I.4 Origin of the Term WHOIS 6

I.5 Why WHOIS Is Important (or Should Be) to Everyone 7

I.6 What Kind of Use and Contact Is Permitted for WHOIS 7

I.7 Where Is the WHOIS Data? 8

I.8 Identifying Remote Communication Sources 8

I.9 Getting Documentation 11

1 The History of Whois 13

1.1 In the Beginning 13

1.2 The Sands of Time 14

1.2.1 Seals 15

1.2.2 From Signal Fires on the Great Wall to Telegraphy 15

1.2.3 The Eye of Horus 17

1.3 1950s: On the Wires and in the Air 18

1.3.1 Sputnik Changes Everything 18

1.3.2 Telegraphs, Radio, Teletype, and Telephones 19

1.3.3 WRU: The First WHOIS 20

1.4 1960s: Sparking the Internet to Life 26

1.4.1 SRI, SAIL, and ITS 26

1.4.2 Doug Engelbart: The Father of Office Automation 27

1.5 1970s: Ok, Now That We Have an Internet, How Do We Keep Track of Everyone? 27

1.5.1 Elizabeth "Jakeö Feinler 27

1.5.2 The ARPANET Directory as Proto ]WHOIS 27

1.5.3 The Site Status List 28

1.5.4 Distribution of the HOSTS Table 30

1.5.5 Finger 30

1.5.6 Sockets 31

1.5.7 Into the VOID with NLS IDENTFILE 32

1.5.8 N AME/FINGER RFC 742 (1977) 33

1.5.9 Other Early Models 35

1.6 1980s: WHOIS Gets Its Own RFC 36

1.6.1 The DNS 37

1.6.2 WHOIS Updated for Domains (1985) 38

1.6.3 Oops! The Internet Goes Public 39

1.7 1990s: The Internet as We Know It Emerges 40

1.7.1 Referral WHOIS or RWhois RFC 1714 (1994) 41

1.7.2 WHOIS++ RFCs 1834 and 1835 (1995) 41

1.7.3 ICANN Takes over WHOIS (1998) 42

1.8 2000s: WHOIS Standards 42

1.8.1 ICANN's Registrar Accreditation Agreement and WHOIS (2001) 43

1.8.2 WHOIS Protocol Specification 2004 RFC 3912 (2004) 43

1.8.3 Creaking of Politics 44

References 45

2 Using Whois 47

2.1 Domain WHOIS Data 48

2.1.1 Record Terminology 48

2.2 Domain WHOIS Fields 52

2.2.1 Status 54

2.2.2 Registrar 54

2.2.3 Nameservers 55

2.2.4 Registrant, Administrative, Technical, and Billing 56

2.2.5 Names and Organizations 56

2.2.6 Emails 57

2.2.7 Addresses 58

2.2.8 Phone Numbers 58

2.2.9 Record Dates 59

2.2.10 DNSSEC 59

2.2.11 Other Information 60

2.3 Getting Records about Various Resources 60

2.3.1 Starting at the Top: The Empty Domain 60

2.3.2 Query WHOIS for a TLD as a Domain 61

2.3.3 WHOIS for A Registrar or Registry 62

2.3.4 Nameservers 63

2.3.5 Registrar and Registry 64

2.3.6 Special Cases 65

2.3.7 Dealing with Weird Results 73

2.4 IP WHOIS 74

2.4.1 Five Regional NICs 75

2.4.2 CIDR and ASN 80

2.4.3 IPv4 and IPv6 81

2.5 ccTLDs and IDNs 82

2.5.1 ccTLDs 82

2.5.2 IDNs 84

2.5.3 Language versus Script 85

2.5.4 ASCII 85

2.5.5 Unicode 86

2.5.6 Getting WHOIS Records for IDNs 87

2.6 WHOIS Services 87

2.6.1 Port 43 Command Line or Terminal 88

2.6.2 Clients 89

2.6.3 Representational State Transfer (RESTFul) WHOIS 97

2.6.4 Web ]Based WHOIS 97

2.6.5 Telnet to WHOIS Server 99

2.6.6 More Services, Software, and Packages 100

2.6.7 WHOIS Functions, Switches, and Tricks 102

2.6.8 Obscure, Archaic, and Obsolete WHOIS Services 104

References 105

3 Research and Investigations 107

3.1 Completely Disassembling a WHOIS Record 108

3.1.1 A Normal, Safe Domain: cnn.com 108

3.1.2 Deconstructing the WHOIS for a Spammed Domain 116

3.1.3 Illicit Domain WHOIS 120

3.1.4 Virus Domain WHOIS 121

3.1.5 Tracking Cybersquatters and Serial Trademark Violators 123

3.1.6 N etwork Security Administrator Issues 124

3.1.7 Protecting Your Domain with Accurate WHOIS 125

3.2 More Tools 126

3.2.1 Ping 126

3.2.2 Traceroute 126

3.2.3 Secondary Sources, Historical Data, and Additional Tools 126

References 129

4 Whois in the Domain Name System (Dns) 131

4.1 The Big Mistake 131

4.2 Basics of the DNS 133

4.2.1 TCP/IP, Layers, and Resolvers 133

4.2.2 How a Domain Becomes a Website 134

4.2.3 WHOIS Pervades the DNS 134

4.2.4 ICANN, IANA, Registries, and Registrars 135

4.2.5 .ARPA: Special Architectural TLD 138

4.2.6 Setting the Example with Reserved Domains 139

4.2.7 DNS RFCs 882, 883, 1033, and 1034 140

4.3 DNS RR 141

4.3.1 Berkeley Internet Name Domain 141

4.3.2 Shared WHOIS Project 141

4.3.3 Using the DiG 142

4.3.4 Graphic DNS Software