What is Who is Lookup?

Exploitbytes
Jan 14, 2021

Gathering network-related information such as “Whois” information about the target organization is important when planning a hack. In this section, we will discuss Whois footprinting.

Whois footprinting focuses on how to perform a Whois lookup, analyzing the Whois lookup results, and the tools used to gather Whois information.

Whois Lookup

Whois is a query and response protocol used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system. The protocol listens for requests on TCP port 43. Regional Internet Registries (RIRs) maintain Whois databases, which contain the personal information of domain owners. For each resource, the Whois database provides text records with information about the resource itself, relevant information about assignees and registrants, and administrative information (creation and expiration dates).

Two types of data models exist to store and look up Whois information:

  • Thick Whois — Stores the complete Whois information from all the registrars for the particular set of data.
  • Thin Whois — Stores only the name of the Whois server of the registrar of a domain, which in turn holds complete details on the data being looked up.

A Whois query returns the following information:

  • Domain name details
  • Contact details of domain owner
  • Domain name servers
  • Expiry records
  • NetRange
  • Records last updated
  • When a domain has been created

An attacker queries a Whois database server to obtain information about the target domain name, contact details of its owner, expiry date, creation date and so on, and the Whois server responds to the query with the requested information.

Using this information an attacker can create a map of the organization’s network, mislead domain owners with social engineering, and then obtain internal details of the network.
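An added example (not code from the original post) of the port 43 exchange, the thin-to-thick referral and the returned fields described above, written for reviewing what your own organization's record exposes. The sample records, the `example.test` names and the field labels are constructed assumptions; real registries label fields differently.

```python
import socket
from datetime import date

# Constructed sample records (example.test is a placeholder, not real data).
THIN = """\
Domain Name: EXAMPLE.TEST
Registrar WHOIS Server: whois.registrar.test
Creation Date: 2015-03-02T10:00:00Z
Registry Expiry Date: 2021-03-02T10:00:00Z
Name Server: NS1.EXAMPLE.TEST
Name Server: NS2.EXAMPLE.TEST
"""
THICK = THIN + """\
Registrant Name: REDACTED FOR PRIVACY
Registrant Email: hostmaster@example.test
Admin Phone: +1.5550100
"""

def whois_query(server, name, timeout=10):
    """Whois exchange (RFC 3912): send the name plus CRLF to TCP 43, read to EOF."""
    with socket.create_connection((server, 43), timeout=timeout) as s:
        s.sendall(name.encode("ascii") + b"\r\n")
        return b"".join(iter(lambda: s.recv(4096), b"")).decode("utf-8", "replace")

def parse_whois(text):
    """Collect 'Key: value' lines into {key: [values]}; keys repeat (Name Server)."""
    record = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() and value.strip() and not line.startswith(("%", "#", ">>>")):
            record.setdefault(key.strip().lower(), []).append(value.strip())
    return record

def referral(record):
    """A thin record names the registrar's Whois server that holds the full data."""
    return record.get("registrar whois server", [None])[0]

def audit(record, today):
    """List contact fields that are not redacted and the days left until expiry."""
    exposed = {k: v[0] for k, v in record.items()
               if k.split()[0] in ("registrant", "admin", "tech")
               and "redacted" not in v[0].lower()}
    expiry = date.fromisoformat(record["registry expiry date"][0][:10])
    return exposed, (expiry - today).days
```

On a live lookup, `whois_query` would be called first against the registry and then against the server returned by `referral`, and both responses passed through `parse_whois`.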

Regional Internet Registries (RIRs)

The RIRs include:

ARIN (American Registry for Internet Numbers)

Source: https://www.arin.net

ARIN provides services related to the technical coordination and management of Internet number resources. ARIN offers its services in the form of three areas:

  • Registration — pertains to the technical coordination and management of Internet number resources.
  • Organization — pertains to the interaction between ARIN members and stakeholders and ARIN.
  • Policy Development — facilitates the development of policy for the technical coordination and management of Internet number resources in the ARIN region.

ARIN also develops technical services to support the evolving needs of the Internet community.

AFRINIC (African Network Information Center)

Source: https://www.afrinic.net

AFRINIC is the RIR for Africa, responsible for the distribution and management of Internet number resources such as IP addresses and ASNs (Autonomous System Numbers) for the African region.

APNIC (Asia Pacific Network Information Center)

Source: https://www.apnic.net

APNIC is one of five RIRs charged with ensuring the fair distribution and responsible management of IP addresses and related resources required for the stable and reliable operation of the global Internet.

RIPE (Reseaux IP Europeens Network Coordination Centre)

Source: https://www.ripe.net

RIPE NCC provides Internet Resource allocations, registration services, and coordination activities that support the operation of the Internet globally.

LACNIC (Latin American and Caribbean Network Information Center)

Source: https://www.lacnic.net

LACNIC is an international non-government organization responsible for assigning and administrating Internet number resources (IPv4, IPv6), autonomous system numbers, reverse resolution, and other resources for the Latin America and Caribbean region.

Whois Lookup Result Analysis

Whois services such as https://whois.domaintools.com or http://www.tamos.com can help to perform Whois lookups. The following figure shows a result analysis of a Whois lookup obtained with the two mentioned Whois services. Each service performs a Whois lookup once the target’s domain or IP address is entered.

The domaintools.com service provides Whois information such as registrant information, email, administrative contact information, created and expiry date, and a list of domain servers.

The SmartWhois tool available at http://www.tamos.com gives information about an IP address, hostname, or domain, including country, state or province, city, phone number, fax number, name of the network provider, administrator, and technical support contact information. It also assists in finding the owner of the domain, the owner’s contact information, the owner of the IP address block, the registered date of the domain and so on. It supports Internationalized Domain Names (IDNs), which means one can query domain names that use non-English characters. It also supports IPv6 addresses.

Whois Lookup Tools

Whois lookup tools extract information such as IP address, hostname or domain name, registrant information, and DNS records, including country, city, state, phone and fax numbers, network service providers, administrators and technical support information, for any IP address or domain name.

There are numerous tools available to retrieve Whois information, including:

Some of the Whois Lookup Tools for Cell Phones Include:

Originally published at https://exploitbyte.com on January 14, 2021.
