Service whois.jinr.ru

It is intended for simplification of reception of data about email addresses of those responsible for administration of external IP networks. The data is extracted from various external registries (RIPE, ARIN, APNIC) and is cached on the local server to speed up subsequent requests.

Access to the service is made

- using the standard utility whois, part of the majority of Unix operating systems whois -h whois.jinr.ru ip

The emails field can contain several email addresses. The confirmed field contains the address from which the confirmation was received at least once.

Typical situations in which the service may come in handy:

- Your host has been scanned from IP to ports (or there was an attempt to find a password). With the help of service whois.jinr.ru we determine the administrator's email and send to this address a fragment of its log-file with the indication of the time offset GMT + 4

- spam was received from an external IP address ... a similar procedure, instead of a fragment of the log in the text of the message, the full header of the spam message is given.

Notes:

1. I have a firewall enabled, suspicious packages are blocked. Is it worth while to write somewhere?

Definitely yes. Most administrators and support services staff respond to such messages, infected computers are being treated, or blocking access to the network. Perhaps the administrators of the remote network are not yet aware of the problematic computer and need to inform them about it.

2. Will they send me an answer?

At best, the robot will respond that the application is accepted for consideration.

3. Whois service does not provide data on the IP address.

Report this to the LIT Network Service