A whois lookup will tell you a lot of information about who owns an internet domain. On Linux, you can run whois lookups from the command line. We’ll walk you through it.

Whois查询将告诉您许多有关谁拥有互联网域的信息。 在Linux上，您可以从命令行运行whois查找。 我们将引导您完成整个过程。

Whois系统 (The whois System)

The whois system is a listing of records that contains details about both the ownership of domains and the owners. The  (ICANN) regulates domain name registration and ownership, but the list of records is held by many companies, known as registries.

whois系统是记录列表，其中包含有关域所有权和所有者的详细信息。 地址 (ICANN)监管域名的注册和所有权，但是记录列表由许多公司(称为注册管理机构)持有。

Anyone can query the list of records. When you do, one of the registries will handle your request and send you details from the appropriate whois record.

任何人都可以查询记录列表。 完成后，其中一个注册管理机构将处理您的请求，并从适当的whois记录向您发送详细信息。

Before we go any further, it’s important that you’re familiar with the following terms:

在继续进行之前，请务必熟悉以下术语：

• Registry: A company that manages a list containing a set of domain names (there are many of these).

  注册表：一家管理包含一组域名(很多域名)的列表的公司。

• Registrant: The legal owner of the domain; it’s registered to this person.

  注册人：域名的合法所有者； 它已注册到此人。

• Registrar: A registrant uses a registrar to make his or her registration.

  注册服务商：注册人使用注册服务商进行注册。

A whois record contains all the contact information associated with the person, company, or other entity that registered the domain name. Some registrations contain more information than others, and some registries return differing amounts of information.

Whois记录包含与注册域名的个人，公司或其他实体相关联的所有联系信息。 一些注册所包含的信息比其他注册所包含的信息更多，而某些注册所返回的信息量却不同。

A typical whois record will contain the following information:

典型的whois记录将包含以下信息：

• The name and contact information of the registrant: The owner of the domain.

  注册人的姓名和联系信息：域的所有者。

• The name and contact information of the registrar: The organization that registered the domain name.

  注册商的名称和联系信息：注册域名的组织。

• The registration date.

  注册日期。

• When the information was last updated.

  信息的最新更新时间。

• The expiration date.

  到期日期。

You can make whois requests on the web, but, with the Linux whois command, you can perform lookups right from the command line. This is useful if you need to perform a lookup from a computer without a graphical user interface, or if you want to do so from a shell script.

您可以在网络上发出whois请求，但是使用Linux whois命令，您可以直接从命令行执行查找。 如果您需要从没有图形用户界面的计算机上执行查找，或者想要从Shell脚本中执行查找，这将非常有用。

安装Whois (Installing whois)

The whois command was already installed on Ubuntu 20.04. If you need to install it on your version of Ubuntu, you can do so with the following command:

在Ubuntu 20.04上已经安装了whois命令。 如果需要在Ubuntu版本上安装它，可以使用以下命令进行安装：

sudo apt-get install whois

On Fedora, use the command below:

在Fedora上，使用以下命令：

sudo dnf install whois

And finally, on Manjaro, type the following:

最后，在Manjaro上，键入以下内容：

sudo pacman -Syu whois

将Whois与域名一起使用 (Using whois with a Domain Name)

You can use the whois command with domain names or  (IP) addresses. A slightly different set of information is returned for each of these.

您可以将whois命令与域名或 (IP)地址一起使用。 对于这些信息，返回的信息集略有不同。

We’ll use a domain name for our first example:

我们将在第一个示例中使用域名：

whois cnn.com

The response from the whois registry starts with a summary, and then repeats itself with extra information included. We’ve included an example below with trademark statements and terms of use removed:

Whois注册表的响应以摘要开头，然后重复其自身并包含额外的信息。 我们在下面提供了一个示例，其中删除了商标声明和使用条款：

Domain Name: CNN.COMRegistry Domain ID: 3269879_DOMAIN_COM-VRSNRegistrar WHOIS Server: whois.corporatedomains.comRegistrar URL: http://www.cscglobal.com/global/web/csc/digital-brand-services.htmlUpdated Date: 2018-04-10T16:43:38ZCreation Date: 1993-09-22T04:00:00ZRegistry Expiry Date: 2026-09-21T04:00:00ZRegistrar: CSC Corporate Domains, Inc.Registrar IANA ID: 299Registrar Abuse Contact Email: domainabuse@cscglobal.comRegistrar Abuse Contact Phone: 8887802723Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibitedDomain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibitedDomain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibitedDomain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibitedName Server: NS-1086.AWSDNS-07.ORGName Server: NS-1630.AWSDNS-11.CO.UKName Server: NS-47.AWSDNS-05.COMName Server: NS-576.AWSDNS-08.NETDNSSEC: unsigned

This is reasonably self-explanatory. We see various details about the registrar and registry, including contact details, registration dates, and so on. There are a few entries in the list that you might not recognize.

这是不言而喻的。 我们会看到有关注册商和注册管理机构的各种详细信息，包括联系方式，注册日期等。 列表中有一些您可能无法识别的条目。

The  (IANA) oversees and coordinates things like top-level zones, addressing systems, and the . This registry is number 299, which is indicated in the listing as “IANA ID: 299.”

(IANA)负责监督和协调顶级区域， 寻址系统以及 。 该注册表为299，在清单中以“ IANA ID：299”表示。

The “domain status” lines show the state in which the domain is, and it can be in several simultaneously. The states are defined in the . Some of these are rarely seen, and others are restricted to certain situations, such as legal disputes.

“域状态”行显示了域所在的状态，并且可以同时处于多个域中。 状态在中定义。 其中一些很少见，而另一些则仅限于某些情况，例如法律纠纷。

The following states are attached to this registration:

此注册附加以下状态：

• clientTransferProhibited: The domain’s registry will reject requests to transfer the domain from the current registrar to another.

  clientTransferProhibited：域的注册表将拒绝将域从当前注册器转移到另一个注册器的请求。

• serverDeleteProhibited: The domain cannot be deleted.

  serverDeleteProhibited：无法删除该域。

• serverTransferProhibited: The domain cannot be transferred to another registrar.

  serverTransferProhibited：无法将域转移到另一个注册商。

• serverUpdateProhibited: The domain cannot be updated

  serverUpdateProhibited：无法更新域

The last three are usually enabled at the registrant’s request, or if a legal dispute is in progress. In this case, CNN probably requested these to be enforced to “lock down” the company’s domain.

通常，后三者应注册人的要求启用，或者如果发生法律纠纷。 在这种情况下，CNN可能要求强制执行这些操作以“锁定”公司的域名。

“!DNSSEC” stands for , a scheme that allows a DNS name resolver to cryptographically check that the data it received from the DNS zone is valid and hasn’t been tampered with.

“！DNSSEC”代表“ ，该方案允许DNS名称解析器以密码方式检查从DNS区域接收到的数据是否有效且未被篡改。

The longer part of the response is shown below:

响应的较长部分如下所示：

Domain Name: cnn.comRegistry Domain ID: 3269879_DOMAIN_COM-VRSNRegistrar WHOIS Server: whois.corporatedomains.comRegistrar URL: www.cscprotectsbrands.comUpdated Date: 2018-04-10T16:43:38ZCreation Date: 1993-09-22T04:00:00ZRegistrar Registration Expiration Date: 2026-09-21T04:00:00ZRegistrar: CSC CORPORATE DOMAINS, INC.Registrar IANA ID: 299Registrar Abuse Contact Email: domainabuse@cscglobal.comRegistrar Abuse Contact Phone: +1.8887802723Domain Status: clientTransferProhibited http://www.icann.org/epp#clientTransferProhibitedDomain Status: serverDeleteProhibited http://www.icann.org/epp#serverDeleteProhibitedDomain Status: serverTransferProhibited http://www.icann.org/epp#serverTransferProhibitedDomain Status: serverUpdateProhibited http://www.icann.org/epp#serverUpdateProhibitedRegistry Registrant ID:Registrant Name: Domain Name ManagerRegistrant Organization: Turner Broadcasting System, Inc.Registrant Street: One CNN CenterRegistrant City: AtlantaRegistrant State/Province: GARegistrant Postal Code: 30303Registrant Country: USRegistrant Phone: +1.4048275000Registrant Phone Ext:Registrant Fax: +1.4048271995Registrant Fax Ext:Registrant Email: tmgroup@turner.comRegistry Admin ID:Admin Name: Domain Name ManagerAdmin Organization: Turner Broadcasting System, Inc.Admin Street: One CNN CenterAdmin City: AtlantaAdmin State/Province: GAAdmin Postal Code: 30303Admin Country: USAdmin Phone: +1.4048275000Admin Phone Ext:Admin Fax: +1.4048271995Admin Fax Ext:Admin Email: tmgroup@turner.comRegistry Tech ID:Tech Name: TBS Server OperationsTech Organization: Turner Broadcasting System, Inc.Tech Street: One CNN CenterTech City: AtlantaTech State/Province: GATech Postal Code: 30303Tech Country: USTech Phone: +1.4048275000Tech Phone Ext:Tech Fax: +1.4048271593Tech Fax Ext:Tech Email: hostmaster@turner.comName Server: ns-576.awsdns-08.netName Server: ns-1086.awsdns-07.orgName Server: ns-47.awsdns-05.comName Server: ns-1630.awsdns-11.co.ukDNSSEC: unsigned

This gives us more or less the same information as the summary, with extra sections about the registrant and their contact details for administrative and technical purposes.

这为我们提供了与摘要大致相同的信息，并为管理和技术目的提供了有关注册人及其联系方式的更多内容。

The registrant name is given as “Domain Name Manager.” Sometimes, for a fee, companies choose to let their registrar register the domain on their behalf under a generic name the registrar maintains for this purpose. That appears to be the case here. However, as the address of the registrant is “1 CCN Center,” it’s obvious who the registrant is.

注册者名称为“域名管理器”。 有时，公司会收费(选择收费)，让其注册服务商以其通常所使用的通用名称代表其注册域名。 这里似乎是这种情况。 但是，由于注册人的地址是“ 1 CCN中心”，因此显然是谁。

通过IP地址使用Whois (Using whois with an IP Address)

Using whois with an IP address is just as simple as using it with a domain name. Just specify an IP address after whois, like so:

使用whois和IP地址就像使用whois一样简单。 只需在whois之后指定一个IP地址，如下所示：

whois 205.251.242.103

This is the output returned by whois:

这是whois返回的输出：

NetRange: 205.251.192.0 - 205.251.255.255CIDR: 205.251.192.0/18NetName: AMAZON-05NetHandle: NET-205-251-192-0-1Parent: NET205 (NET-205-0-0-0-0)NetType: Direct AllocationOriginAS: AS16509, AS39111, AS7224Organization: Amazon.com, Inc. (AMAZON-4)RegDate: 2010-08-27Updated: 2015-09-24Ref: https://rdap.arin.net/registry/ip/205.251.192.0OrgName: Amazon.com, Inc.OrgId: AMAZON-4Address: 1918 8th AveCity: SEATTLEStateProv: WAPostalCode: 98101-1244Country: USRegDate: 1995-01-23Updated: 2020-03-31Ref: https://rdap.arin.net/registry/entity/AMAZON-4OrgAbuseHandle: AEA8-ARINOrgAbuseName: Amazon EC2 AbuseOrgAbusePhone: +1-206-266-4064 OrgAbuseEmail: abuse@amazonaws.comOrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARINOrgNOCHandle: AANO1-ARINOrgNOCName: Amazon AWS Network OperationsOrgNOCPhone: +1-206-266-4064 OrgNOCEmail: amzn-noc-contact@amazon.comOrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARINOrgRoutingHandle: ADR29-ARINOrgRoutingName: AWS Dogfish RoutingOrgRoutingPhone: +1-206-266-4064 OrgRoutingEmail: aws-dogfish-routing-poc@amazon.comOrgRoutingRef: https://rdap.arin.net/registry/entity/ADR29-ARINOrgRoutingHandle: IPROU3-ARINOrgRoutingName: IP RoutingOrgRoutingPhone: +1-206-266-4064 OrgRoutingEmail: aws-routing-poc@amazon.comOrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARINOrgTechHandle: ANO24-ARINOrgTechName: Amazon EC2 Network OperationsOrgTechPhone: +1-206-266-4064 OrgTechEmail: amzn-noc-contact@amazon.comOrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARINRTechHandle: ROLEA19-ARINRTechName: Role AccountRTechPhone: +1-206-266-4064 RTechEmail: ipmanagement@amazon.comRTechRef: https://rdap.arin.net/registry/entity/ROLEA19-ARINRAbuseHandle: ROLEA19-ARINRAbuseName: Role AccountRAbusePhone: +1-206-266-4064 RAbuseEmail: ipmanagement@amazon.comRAbuseRef: https://rdap.arin.net/registry/entity/ROLEA19-ARINRNOCHandle: ROLEA19-ARINRNOCName: Role AccountRNOCPhone: +1-206-266-4064 RNOCEmail: ipmanagement@amazon.comRNOCRef: https://rdap.arin.net/registry/entity/ROLEA19-ARIN

The first section contains information regarding the organization that owns the IP address we searched for (in this case, one of many owned by Amazon). We’re also given some identifiers used to identify Amazon.com, Inc. internally by the registry.

第一部分包含有关拥有我们搜索的IP地址的组织的信息(在这种情况下，这是Amazon拥有的许多地址之一)。 我们还为注册表提供了一些用于内部识别Amazon.com，Inc.的标识符。

The second section contains the address and name of the registrant, Amazon.com, Inc. The web address in the “Ref:” field contains this information in (JSON) format.

第二部分包含注册人Amazon.com，Inc.的地址和名称。“ Ref：”字段中的网址包含 (JSON)格式的此信息。

The other sections contain contact information that allows you to report issues regarding abuse, network operation, traffic routing, and so on.

其他部分包含联系信息，使您可以报告有关滥用，网络操作，流量路由等的问题。

在脚本中使用Whois (Using whois in a Script)

To use whois in a script, let’s assume we have a set of domains for which we need to check the expiration dates. We can accomplish this with a small shell script.

要在脚本中使用whois，我们假设我们有一组域需要检查到期日期。 我们可以使用一个小的Shell脚本来完成此任务。

Type this into an editor, and save it as “get-expiry.sh”:

在编辑器中输入以下内容，并将其另存为“ get-expiry.sh”：

#!/bin/bashDOMAIN_LIST="howtogeek.com reviewgeek.com lifesavvy.com cloudsavvyit.com"echo "Expiration dates:"for domain in $DOMAIN_LISTdo  echo -n "$domain :: "  whois $domain | grep 'Expiration' | awk '{print $5}'done

Set the script  by using the chmod command, as shown below:

使用chmod命令将脚本设置 ，如下所示：

chmod +x get-expiry.sh

Run the script by calling it by name:

通过按名称调用脚本来运行脚本：

./get-expiry.sh

The expiration date for each domain is extracted from the response from whois by using grep to “Expiration,” and using awk to .

通过使用grep “ Expiration”的并使用awk 从whois的响应中提取每个域的到期日期。

便利与自动化 (Convenience and Automation)

Yes, you can also perform whois lookups online. However, having the whois command available in the terminal window and scripts offers convenience, flexibility, and gives you the option to automate some of your workload.

是的，您还可以在线执行whois查找。 但是，在终端窗口和脚本中提供whois命令可以提供便利，灵活性，并为您提供一些自动化工作负载的选项。

翻译自: