Redhat / CentOS Install whois client

last updated in Categories , , ,

How do I install whois client to see whois information about domain and ip address using command line options under Fedora / RHEL / Redhat / CentOS / Scientific Linux?

The whois command searches for an object in a RFC 3912 database. Red Hat/CentOS/RHEL/Fedora Linux comes with client for the whois directory service called whois or jwhois. The jwhois is a whois client that accepts both traditional and finger-style queries under RHEL. You can install the same using the yum command.

Redhat / CentOS Install whois client command

Login as root and type the following yum command to install the jwhois client:
# yum install jwhois
OR
# yum install whois
Sample outputs:

Loaded plugins: priorities, rhnplugin
70 packages excluded due to repository priority protections
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package jwhois.x86_64 0:4.0-18.el6 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package      Arch         Version             Repository                  Size
================================================================================
Installing:
 jwhois       x86_64       4.0-18.el6          rhel-x86_64-server-6       104 k

Transaction Summary
================================================================================
Install       1 Package(s)
Upgrade       0 Package(s)

Total download size: 104 k
Installed size: 0  
Downloading Packages:
jwhois-4.0-18.el6.x86_64.rpm                             | 104 kB     00:00     
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : jwhois-4.0-18.el6.x86_64                                 1/1 

Installed:
  jwhois.x86_64 0:4.0-18.el6                                                    

Complete!

How do I use whois command?

The syntax is:
whois domain
whois public-ip-address
whois [options] public-ip-address

This version of the whois client tries to guess the right server to ask for the specified object. If no guess can be made it will connect to whois.networksolutions.com for NIC handles or whois.arin.net for IPv4 addresses and network names. You can use the whois command as follows:
$ whois cyberciti.biz
$ whois 75.126.153.206

Sample outputs:

[Querying whois.arin.net]
[Redirected to rwhois.softlayer.com:4321]
[Querying rwhois.softlayer.com]
[rwhois.softlayer.com]
%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-SOFTLAYER.75.126.128.0/19
network:Auth-Area:75.126.128.0/19
network:Network-Name:SOFTLAYER-75.126.128.0
network:IP-Network:75.126.153.200/29
network:IP-Network-Block:75.126.153.200-75.126.153.207
network:Organization;I:SoftLayer Technologies, Inc.
network:Street-Address:1950 Stemmons Freeway Suite 2043
network:City:Dallas
network:State:TX
network:Postal-Code:75207
network:Country-Code:US
network:Tech-Contact;I:sysadmins@softlayer.com
network:Abuse-Contact;I:abuse@softlayer.com
network:Admin-Contact;I:IPADM258-ARIN
network:Created:20070218
network:Updated:20091220
network:Updated-By:ipadmin@softlayer.com
 
%referral rwhois://root.rwhois.net:4321/auth-area=.
%ok

Lookup for domain names

Simply run:
whois cyberciti.biz
Redhat CentOS Install whois client on RHEL

Getting help about whois command

Type the following command:
$ man whois
OR
$ whois --help

Usage: whois [OPTION]... OBJECT...
 
-h HOST, --host HOST   connect to server HOST
-p PORT, --port PORT   connect to PORT
-H                     hide legal disclaimers
      --verbose        explain what is being done
      --help           display this help and exit
      --version        output version information and exit
 
These flags are supported by whois.ripe.net and some RIPE-like servers:
-l                     find the one level less specific match
-L                     find all levels less specific matches
-m                     find all one level more specific matches
-M                     find all levels of more specific matches
-c                     find the smallest match containing a mnt-irt attribute
-x                     exact match
-b                     return brief IP address ranges with abuse contact
-B                     turn off object filtering (show email addresses)
-G                     turn off grouping of associated objects
-d                     return DNS reverse delegation objects too
-i ATTR[,ATTR]...      do an inverse look-up for specified ATTRibutes
-T TYPE[,TYPE]...      only look for objects of TYPE
-K                     only primary keys are returned
-r                     turn off recursive look-ups for contact information
-R                     force to show local copy of the domain object even
                       if it contains referral
-a                     also search all the mirrored databases
-s SOURCE[,SOURCE]...  search the database mirrored from SOURCE
-g SOURCE:FIRST-LAST   find updates from SOURCE from serial FIRST to LAST
-t TYPE                request template for object of TYPE
-v TYPE                request verbose template for object of TYPE
-q [version|sources|types]  query specified server info

Conclusion

WHOIS is a query and response protocol used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block. This page explained how to install whois client on Redhat (RHEL)/CentOS using yum command. See whois server list for top level domains here.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Start the discussion at www.nixcraft.com

Historical Comment Archive

9 comment

  1. I already installed jwhois but the output is always

    [root@mo ~]# whois 67.xxx.xx.xxx
    [Querying whois.arin.net]
    [Unable to connect to remote host]

    How do I fix this? Is there a port that I need to allow in my firewall?

  2. I know the question above is old, but you need to have TCP port 43 open. You may also need to open up ports for referral whois (rwhois), which is usually TCP port 4321.

  3. I know it is a reply to an old answer but I have the same issue as Ryan. I have installed jwhois via yum but still have the following result on any domain queried:-
    [root@machine]# whois somedomain.com
    [Querying whois.verisign-grs.com]
    [Unable to connect to remote host]

    Have tried opening both the ports suggested by Dan but still the same issue.
    Help would be very welcome here.

  4. Hi, Nick,

    I’m not able to test it currently, but you might want to try testing the connectivity to see if there’s something else blocking your connection. Try:

    telnet whois.verisign-grs.com 43

    And see if it connects. You can also verify where it’s trying to go with tcpdump:

    tcpdump -s0 -p ‘host whois.verisign-grs.com’

    Likely the port is blocked, the response is blocked (perhaps missing an established), or the response isn’t recognized (such as PAT changing the IP address or port).

    -Dan

  5. By the way, if you’re not on a busy network, you can run tcpdump in promiscuous mode (no -p) and remove the filter to see all of the traffic. I usually write it to a file (-wfilename.cap) and then analyze it with wireshark.

    Still, have a question? Get help on our forum!