In Linux, the whois is a command-line tool or a system that lists records and contains information about both the domain’s owner and ownership. Using the whois command, anyone can search for domain records. The company ICANN (Internet Corporation for Names and Numbers) controls the registration of domain names and ownership. However, a number of companies known as ‘Registries’ keeps the list of records. Therefore, if you request a list of records, the registry will handle your request and send you the information according to the appropriate whois record.
The whois command contains the contact information of the domain’s owner, the company that registered the domain name, the domain registration date, last modified details, and expiration details. We can make all these domain requests via the web but, in the Linux system, the whois command is available that performs the information lookups through the command line.
This article will demonstrate to you how to install and use the whois command on Ubuntu / Debian distribution. Here, we will execute all commands on Ubuntu 20.04 distribution.
Installing whois on Ubuntu
The ‘whois’ command is already installed in all the latest Ubuntu distributions. However, if you do not have an installation of ‘whois’ on your system due to any reason, you can easily install whois on your Ubuntu system. Update the package apt repository using this command:
Now, install whois by using this command:
Display the installed version of whois command using this command:
How Does the whois Command Work?
We can use the ‘whois’ command in the Linux system in different ways. For example, we can use the whois command with the domain names, IP (Internet Protocol) addresses, and in a Bash script. Let’s explore the use of the ‘whois’ command with the help of some examples:
Use of whois Command with Domain Name
As we mentioned earlier, we can use the domain name with the `whois’ command. For example, we want to retrieve the information about the domain name ‘google.com’. To do this, use the following command:
The above command displays some set of information about the domain name ‘google.com’. The output you received from the ‘whois’ registry displays the summary and extra information about the specified domain.
Here, the ‘domain status’ represent the domain state and it can be in different states at the same time. Few states are rarely seen whereas others are restricted to a specific scenario. The commonly attached domain states to the registration are given below:
clientTransferProhibited: The domain’s registry rejects the transfer of the specified domain from the current registrar to others.
serverDeleteProhibited: The domain can’t be removed or deleted.
serverTransferProhibited: The domain can’t be shifted to other registrars.
serverUpdateProhibited: The domain can’t be modified. “!DNSSEC” is known as Domain Name System Security Extensions. It allows the DNS name resolver to check that the received data from the DNS zone is correct and hasn’t been changed. In other words, whois gives us more or less information as a summary about a domain name.
Use of whois Command with IP Address
When we use the whois command with a specific IP address, it shows the information related to the company or organization that owns the IP address.
The output of the ‘Ref:’ line keeps all information in JSON (JavaScript Object Notation) format. Moreover, it shows the contact information that enables you to report your problem regarding abuse and traffic routing. Network operation, etc. To explore more about the whois command options and usage, visit the man page:
Conclusion
We explored in this article how to install the whois command in the Ubuntu distribution. The whois command is helpful for searching the contact information for domains and IP addresses in case of a networking problem.