O'Reilly Hacks
oreilly.comO'Reilly NetworkSafari BookshelfConferences Sign In/My Account | View Cart   
Book List Learning Lab PDFs O'Reilly Gear Newsletters Press Room Jobs  



revhost netblock lookup
Find out what netblock someone is on, by IP or domain name

Contributed by:
Unknown User anonymous2
[05/07/03 | Discuss (1) | Link to this hack]

Sometimes it can be useful to find out more information about a computer's upstream ISP, as well as its approximate geographic location. ARIN, The American Registry for Internet Numbers, provides this information on their DNS servers. In order to get this information from ARIN, you need to query their DNS servers by IP. A lot of times, it's more convenient to look it up by domain name. The revhost script allows you to do netblock lookups by either IP or domain name automatically. To use it, just type: [me@myserver]$ revhost oreilly.com [whois.arin.net] UUNET Technologies, Inc. UUNET1996B (NET-208-192-0-0-1) 208.192.0.0 - 208.255.255.255 SONIC.NET, INC. UU-208-201-224 (NET-208-201-224-0-1) 208.201.224.0 - 208.201.255.255 # ARIN WHOIS database, last updated 2003-05-07 20:10 # Enter ? for additional hints on searching ARIN's WHOIS database. Here is the source code listing for revhost. To make it a permanent fixture on your system, make sure it's executable and put it someplace like /usr/local/bin/revhost ------------- BEGIN CODE LISTING ------------- #!/bin/sh # ----------------------------------------------------------------------------- # revhost # ----------------------------------------------------------------------------- # performs netblock lookups by hostname or IP by querying the ARIN DNS database # ----------------------------------------------------------------------------- # requires: whois, host, awk, cut, test/[ # ----------------------------------------------------------------------------- # bail out if we weren't called with an argument if [ ! $1 ]; then echo "Usage: revhost [hostname]"; exit; fi IP_ADDX=""; # did we get an IP or a hostname? FIRST_CHAR=`echo $1 | cut -b1` IS_IP=`expr $FIRST_CHAR + 1 2>/dev/null` if [ $IS_IP ]; then # we got an IP IP_ADDX=$1; else # it's a hostname, do a lookup to convert to IP IP_ADDX=`host $1 | awk '{print $4}' | head -1`; fi # query the ARIN DNS server by IP whois -h whois.arin.net $IP_ADDX; -------------- END CODE LISTING --------------

See also: man whois
http://whois.arin.net


O'Reilly Home | Privacy Policy

© 2007 O'Reilly Media, Inc.
Website: | Customer Service: | Book issues:

All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.