The whois Database

Click here to load reader

  • date post

    31-Dec-2015
  • Category

    Documents

  • view

    29
  • download

    0

Embed Size (px)

description

The whois Database. Introduction and Usage. Overview. What is the whois database? Why use it? Who uses it? Database query process Database update process. What is the whois Database?. Network Management Database Contains information about address space DNS domains IP routing policies - PowerPoint PPT Presentation

Transcript of The whois Database

  • The whois DatabaseIntroduction and Usage

  • Overview

    What is the whois database?Why use it?Who uses it?Database query processDatabase update process

  • What is the whois Database?

    Network Management Database

    Contains information aboutaddress spaceDNS domainsIP routing policiescontact information

  • Why use the Database?QueriesAscertain custodianship of a resourceObtain details of technical contacts for a networkInvestigate security incidentsTrack source of network abuse or spam email

    UpdatesRegister use of Internet resourcesIP networks, ASNs, reverse DNS, etc.Update existing recordsFulfill responsibilities as resource holder

  • Who uses the Database?QueriesInternet Service ProvidersSite network managers and engineersAny Internet user

    UpdatesInternet registries (RIRs, LIRs)Internet Service ProvidersAnyone who holds an Internet resource

  • Database ObjectsDatabase object types

    OBJECT PURPOSEpersoncontact persons rolecontact groups/rolesinetnumIPv4 address allocations/assignmentsinet6numIPv6 address allocations/assignmentsaut-numautonomous system numberas-macrogroup of autonomous systemsdomainreverse domainsrouteprefixes being announcedmntner(maintainer) database authorisation

  • Contact InformationExample object - person

    person:address:address:country:phone:fax-no:e-mail:nic-hdl:mnt-by: changed:source:Brajesh Jain B 115 SARVODAYA ENCLAVE NEW DELHI 110017 TH +91-11-6864138 +91-11-6865888 [email protected] BJ16-AP MAINT-IN-ESTEL-BCJ [email protected] 20000429 APNIC AttributesValues

  • Network InformationExample object - inetnuminetnum: netname:descr:descr:country:admin-c:tech-c:mnt-by:mnt-lower:changed:source:203.113.0.0 - 203.113.31.255 TOTNET-AP Telephone Organization of THAILAND(TOT) Telephone and IP Network Service Provider THNM18-APRC80-APAPNIC-HMMAINT-TH-SS163-AP [email protected] 19990922APNICAttributesValues

  • Database Query - Search KeysOBJECT TYPE ATTRIBUTES - SEARCH KEYS*whois supports queries on any of these objects/keys

  • Database Query - Inetnum Notes Incomplete addresses padded with .0 Address without prefix interpreted as /32% whois 203.127.128.0 - 203.127.159.255

    % whois SINGNET-SG% whois 202.127.128.0/19

  • Database Query - InetnumRIPE extended whois clientftp://ftp.ripe.net/ripe/dbase/software/ripe-dbase-3.0.tar.gz

    Flags used for inetnum queriesNonefind exact match- L find all less specific matches- m find first level more specific matches- M find all More specific matches - r turn off recursive lookups

  • Database Query - Inetnuminetnum hierarchy: whois 210.8.0.0/16 210.8.30/23All less specifics (-L)210/70/0Exact match210.8/16All morespecifics (-M)1st levelmoreSpecific (-m)

  • -M will find all assignments in a range in the database% whois -M 202.144.0.0/19Database Query - Inetnum

  • % whois -i person EC119-APDatabase Query - Inverse

  • Whois Web Interface

  • Whois Web Interface

  • Database Query - OptionsSummary of other flags- iinverse lookup on given attribute- T search only for objects of given type - tgive template for given type- vverbose information for given type- hspecify database server site For more information try... whois -h whois.apnic.net HELPwhois -h whois.ripe.net HELP

  • Database Update ProcessEmail requests to Each request contains an object templateUpdate RequestTemplate

  • Database Update ProcessUpdate transactionsCreate a new object Change attributes of an objectDeletean object

    Updates are submitted by emailE-mail to:

    Email message contains template with new or updated object

    Template

  • Object Templatewhois -t Recognised by the RIPE whois client/serverperson: [mandatory] [single] [primary/look-up key]address: [mandatory] [multiple] [ ]country: [optional] [single] [ ]phone: [mandatory] [multiple] [ ]fax-no: [optional] [multiple] [ ]e-mail: [optional] [multiple] [look-up key]nic-hdl: [mandatory] [single] [primary/look-up key]remarks: [optional] [multiple] [ ]notify: [optional] [multiple] [inverse key]mnt-by: [optional] [multiple] [inverse key]changed: [mandatory] [multiple] [ ]source: [mandatory] [single] [ ]% whois -h whois.ripe.net -t person

  • Database Update ProcessAutomatic request processing Automatic robot for all database updatesEmail template for create/update/delete

    Templates are syntax checkedWarningsErrors

    Database service support

    Parse

  • Data ProtectionAuthorisationmnt-by attribute references a mntner (maintainer) object mnt-by should be used with every object

    AuthenticationUpdates to an object must pass authentication rule specified by its maintainer object

    Auth.

  • Data ProtectionFailed AuthorisationTemplate NOT corrected and object NOT acceptedAutomatic email notification sent to requestorAutomatic email notification sent to notify address

    Successful updateIf Parse and Auth. steps succeed, database is updatedConfirmation by email to requestor

  • Authentication/AuthorisationMaintainer object exampleinetnum: 193.1.2.0/24descr: SYNFUX-NETmnt-by:MAINT-AU-SYNFLUX

    mntner:MAINT-AU-SYNFLUXdescr:Synflux International Pty. country:AUadmin-c: UG1-APtech-c: UG1-APupd-to: [email protected]: [email protected]: CRYPT-PW apnbVcktyz6UYmnt-by: MAINT-AU-SYNFLUXchanged: [email protected] 19990404

  • Authentication/Authorisation

    Maintainer specific attributesnotify:Sends notification of any changes to maintained objects to email address specifiedmnt-by:Maintainers must also be protected! (Normally by themselves)auth:Authentication method for this maintainer

  • Authentication/Authorisationauth attribute gives authentication method

    NONEStrongly discouraged!MAIL-FROMVery weak authentication. DiscouragedCRYPT-PWCrypt (Unix) password encryptionUse web page to create your maintainerPGP-KEY

  • Questions