What am I missing in this mnt-by query for MNT-ANONYMOUS?
inetnum: 37.114.49.0 - 37.114.49.255 netname: DE-NETWORK-ABUSE-3706 descr: Network-Abuse.info country: DE admin-c: HA2568-RIPE tech-c: HA2568-RIPE status: ASSIGNED PA mnt-by: MNT-INTERCOLO mnt-by: MNT-WEESLY source: RIPE # Filtered % Information related to 'HA2568-RIPE' person: Holger Anonymous address: Please contact us by E-Mail phone: +49.180.4100100 abuse-mailbox: abuse@network-abuse.info remarks: ******************************************* remarks: * SPAM / ABUSE / SECURITY / OTHERS * remarks: ******************************************* remarks: * For spam/abuse/security issues please * remarks: * contact : abuse@network-abuse.info * remarks: ******************************************* remarks: * For other information or issues please * remarks: * sent to abuse@network-abuse.info * remarks: ******************************************* nic-hdl: HA2568-RIPE mnt-by: MNT-ANONYMOUS source: RIPE # Filtered and network-abuse.info is domain clocked on godaddy - Domain Name:NETWORK-ABUSE.INFO Created On:19-Sep-2011 12:28:46 UTC Last Updated On:21-Jun-2012 09:56:51 UTC Expiration Date:19-Sep-2013 12:28:46 UTC Now for what I wanted to ask. A RIPE query from the command line doesnt show anything. suresh@oc2751464200 22:27:52 <~> $ whois -h whois.ripe.net -i mnt-by MNT-ANONYMOUS [Querying whois.ripe.net] [whois.ripe.net] %ERROR:101: no entries found % % No entries found in source RIPE. But he has at least two other interesting (to a postmaster for a large email service, hint, hint) netblocks this guy has - 37.114.43.0/24 37.114.45.0/24 Doing a RIPE full text search does get me these and other netblocks inetnum: 89.144.17.0 - 89.144.18.255 mnt-by=MNT-WEESLY ISP4P-MNT MNT-ANONYMOUS inetnum: 185.10.68.0 - 185.10.69.255 mnt-by=MNT-ANONYMOUS inetnum: 185.10.70.0 - 185.10.70.255 mnt-by=MNT-ANONYMOUS inetnum: 185.10.71.128 - 185.10.71.159 mnt-by=MNT-ANONYMOUS inetnum: 185.10.71.160 - 185.10.71.167 mnt-by=MNT-ANONYMOUS inetnum: 185.10.71.192 - 185.10.71.255 mnt-by=MNT-ANONYMOUS mntner: MNT-ANONYMOUS mnt-by=MNT-ANONYMOUS, referral-by=MNT-ANONYMOUS, mntner=MNT-ANONYMOUS route: 185.10.68.0/22AS198599 mnt-by=MNT-ANONYMOUS route: 37.114.43.0/24AS5577 mnt-by=MNT-ANONYMOUS ROOT-MNT route: 37.114.45.0/24AS198599 mnt-by=MNT-ANONYMOUS route: 37.114.46.0/24AS198599 mnt-by=MNT-ANONYMOUS route: 37.114.47.0/24AS198599 mnt-by=MNT-ANONYMOUS route: 37.114.48.0/24AS198599 mnt-by=MNT-ANONYMOUS route: 37.114.49.0/24AS198599 mnt-by=MNT-ANONYMOUS route: 37.114.51.0/24AS198599 mnt-by=MNT-ANONYMOUS -- Suresh Ramasubramanian (ops.lists@gmail.com)
Dear Suresh I think this may be a problem with your command line client. From my command line I get a long list of results returned for the query: $ whois -rG -i mnt-by MNT-ANONYMOUS I also see the same results from our web query page: http://apps.db.ripe.net/search/query.html?searchtext=MNT-ANONYMOUS&flags=r&sources=RIPE_NCC&grssources=&inverse=MNT_BY&types=#resultsAnchor Regards Denis Walker Business Analyst RIPE NCC Database Group On 04/03/2013 18:02, Suresh Ramasubramanian wrote:
inetnum: 37.114.49.0 - 37.114.49.255 netname: DE-NETWORK-ABUSE-3706 descr: Network-Abuse.info country: DE admin-c: HA2568-RIPE tech-c: HA2568-RIPE status: ASSIGNED PA mnt-by: MNT-INTERCOLO mnt-by: MNT-WEESLY source: RIPE # Filtered
% Information related to 'HA2568-RIPE'
person: Holger Anonymous address: Please contact us by E-Mail phone: +49.180.4100100 abuse-mailbox: abuse@network-abuse.info <mailto:abuse@network-abuse.info> remarks: ******************************************* remarks: * SPAM / ABUSE / SECURITY / OTHERS * remarks: ******************************************* remarks: * For spam/abuse/security issues please * remarks: * contact : abuse@network-abuse.info <mailto:abuse@network-abuse.info> * remarks: ******************************************* remarks: * For other information or issues please * remarks: * sent to abuse@network-abuse.info <mailto:abuse@network-abuse.info> * remarks: ******************************************* nic-hdl: HA2568-RIPE mnt-by: MNT-ANONYMOUS source: RIPE # Filtered
and network-abuse.info <http://network-abuse.info> is domain clocked on godaddy -
Domain Name:NETWORK-ABUSE.INFO <http://NETWORK-ABUSE.INFO> Created On:19-Sep-2011 12:28:46 UTC Last Updated On:21-Jun-2012 09:56:51 UTC Expiration Date:19-Sep-2013 12:28:46 UTC
Now for what I wanted to ask. A RIPE query from the command line doesnt show anything.
suresh@oc2751464200 22:27:52 <~> $ whois -h whois.ripe.net <http://whois.ripe.net> -i mnt-by MNT-ANONYMOUS [Querying whois.ripe.net <http://whois.ripe.net>] [whois.ripe.net <http://whois.ripe.net>]
%ERROR:101: no entries found % % No entries found in source RIPE.
But he has at least two other interesting (to a postmaster for a large email service, hint, hint) netblocks this guy has -
37.114.43.0/24 <http://37.114.43.0/24> 37.114.45.0/24 <http://37.114.45.0/24>
Doing a RIPE full text search does get me these and other netblocks
inetnum: 89.144.17.0 - 89.144.18.255 mnt-by=MNT-WEESLY ISP4P-MNT MNT-ANONYMOUS
inetnum: 185.10.68.0 - 185.10.69.255 mnt-by=MNT-ANONYMOUS
inetnum: 185.10.70.0 - 185.10.70.255 mnt-by=MNT-ANONYMOUS
inetnum: 185.10.71.128 - 185.10.71.159 mnt-by=MNT-ANONYMOUS
inetnum: 185.10.71.160 - 185.10.71.167 mnt-by=MNT-ANONYMOUS
inetnum: 185.10.71.192 - 185.10.71.255 mnt-by=MNT-ANONYMOUS
mntner: MNT-ANONYMOUS mnt-by=MNT-ANONYMOUS, referral-by=MNT-ANONYMOUS, mntner=MNT-ANONYMOUS
route: 185.10.68.0/22AS198599 <http://185.10.68.0/22AS198599> mnt-by=MNT-ANONYMOUS
route: 37.114.43.0/24AS5577 <http://37.114.43.0/24AS5577> mnt-by=MNT-ANONYMOUS ROOT-MNT
route: 37.114.45.0/24AS198599 <http://37.114.45.0/24AS198599> mnt-by=MNT-ANONYMOUS
route: 37.114.46.0/24AS198599 <http://37.114.46.0/24AS198599> mnt-by=MNT-ANONYMOUS
route: 37.114.47.0/24AS198599 <http://37.114.47.0/24AS198599> mnt-by=MNT-ANONYMOUS
route: 37.114.48.0/24AS198599 <http://37.114.48.0/24AS198599> mnt-by=MNT-ANONYMOUS
route: 37.114.49.0/24AS198599 <http://37.114.49.0/24AS198599> mnt-by=MNT-ANONYMOUS
route: 37.114.51.0/24AS198599 <http://37.114.51.0/24AS198599> mnt-by=MNT-ANONYMOUS
-- Suresh Ramasubramanian (ops.lists@gmail.com <mailto:ops.lists@gmail.com>)
Hi all, On Mar 4, 2013, at 9:19 AM, "Denis Walker" <denis@ripe.net> wrote:
Dear Suresh
I think this may be a problem with your command line client. From my command line I get a long list of results returned for the query: $ whois -rG -i mnt-by MNT-ANONYMOUS
I don't know if it counts as a top tip but I telnet to whois.ripe.net on port 43 and enter the search query that way instead of trying to get a client to do what I want. HTH, Leo
I tried the two. My whois client is rather elderly but is pretty bog standard, being the one bundled with a stable Linux distro On Monday, March 4, 2013, Leo Vegoda wrote:
Hi all,
On Mar 4, 2013, at 9:19 AM, "Denis Walker" <denis@ripe.net <javascript:;>> wrote:
Dear Suresh
I think this may be a problem with your command line client. From my command line I get a long list of results returned for the query: $ whois -rG -i mnt-by MNT-ANONYMOUS
I don't know if it counts as a top tip but I telnet to whois.ripe.net on port 43 and enter the search query that way instead of trying to get a client to do what I want.
HTH,
Leo
-- --srs (iPad)
Hi Suresh,
I tried the two. My whois client is rather elderly but is pretty bog standard, being the one bundled with a stable Linux distro
if you are using an whois client that is not clearly tuned to take care of the specific RIPE DB options you are better off to enclose the query with all it's options in a single quoted comand line parameter such as whois -h whois.ripe.net "-i mnt-by MNT-ANONYMOUS" Ruediger
Hi All There are many different options and some work (or not) on different systems. One that does seem to work, at least on both linux and OSX is this: $ whois -h whois.ripe.net -- "-B dw-ripe" Hope this helps. regards Denis Walker Business Analyst RIPE NCC Database Group On 05/03/2013 11:13, Ruediger Volk wrote:
Hi Suresh,
I tried the two. My whois client is rather elderly but is pretty bog standard, being the one bundled with a stable Linux distro
if you are using an whois client that is not clearly tuned to take care of the specific RIPE DB options you are better off to enclose the query with all it's options in a single quoted comand line parameter such as
whois -h whois.ripe.net "-i mnt-by MNT-ANONYMOUS"
Ruediger
On 05-Mar-2013 3:43 PM, "Ruediger Volk" <rv@x37.nic.dtag.de> wrote:
whois -h whois.ripe.net "-i mnt-by MNT-ANONYMOUS"
Exact same syntax I used except for the double quotes --srs (htc one x)
On 5 Mar 2013, at 11:06, Suresh Ramasubramanian wrote:
Exact same syntax I used except for the double quotes
I expect you need the '--' token shown in Denis's example. /Niall
* Suresh Ramasubramanian:
On 05-Mar-2013 3:43 PM, "Ruediger Volk" <rv@x37.nic.dtag.de> wrote:
whois -h whois.ripe.net "-i mnt-by MNT-ANONYMOUS"
Exact same syntax I used except for the double quotes
The double quotes are important, and the query argument shouldn't start with a dash, so use this: whois -h whois.ripe.net " -i mnt-by MNT-ANONYMOUS"
participants (6)
-
Denis Walker -
Florian Weimer -
Leo Vegoda -
Niall O'Reilly -
Ruediger Volk -
Suresh Ramasubramanian