I've often been less than happy with the results
from the 'dig' command, so I've just installed ipw,
a little tool that does a better job of it.
DESCRIPTION
The ipw program attempts to obtain the most relevant IP address regis-
tration record for a given IP address. It does so by trying each of
several major WHOIS servers, in turn, until it finds a relevant record.
The WHOIS servers that are consulted for IP address registration
records are:
whois.arin.net
whois.ripe.net
whois.apnic.net
whois.aunic.net
...
If the case of ARIN registration records, if there are multiple regis-
tration records covering address ranges which include the given IP
address, then the record relating to the numerically smallest such
IP address range is selected and then printed to stdout.
[read: it returns the most relevant IP block owner]
There's also a nice perl cgi-wrapper to it, so you
can access ipw using Arachne.
Next time you run across a dotted-quad address
(maybe in the headers of a piece of spam, for instance)
and you want to know who owns it, try
http://wizard.dyndns.org/cgi-bin/ipw.pl
Remember, it might be looking through multiple
registries, so it's not always super fast.
Once you know the domain, you can plug that into
http://abuse.net/lookup.phtml to find a specific
e-mail address to complain to (the e-mail addy
of the IP-block administrator probably isn't the
best to use).
Hmmm... I wonder if ipw will compile under djgpp.
If anyone wants to give it a try...
http://wizard.dyndns.org/ipw.c
--
Steve Ackman
http://twovoyagers.com
Registered Linux User #79430
http://www.georgedillon.com/web/html_email_is_evil.shtml
"Point is, nothing here is unfamiliar or unexpected. How long does
it take before there's general recognition that Microsoft software
has no business on the Internet? - Dennis E. Powell re: Code Red
