Friday, October 26, 2018

Any legit way to do mass scripted whois queries?

We have a database of public IP's exported from our SD-WAN implementation, that represents the circuits we have at every branch.

Basically people got tired of manually updating the spreadsheet to reflect who the ISP is, as we transition between two different resellers, the moves/adds/changes of our branch circuits are crazy right now.

Our SD-WAN lets up export a list of all the IP information for every branch circuit, but it doesn't give us the name of the carrier.

For that we've been relying on whois lookups, and manually hand jamming the carrier name into the spreadsheet.

Now that this list has grown from around 300 or so to 1500 and is steadily growing beyond that, it's too much work to do so.

I think I can write a script that pretty easily automates doing the whois command, but there is one problem that concerns me. This ominous warning from ICANN

  1. Uses of WHOIS WHOIS is used for many purposes. Under ICANN organization's agreements, WHOIS may be used for any lawful purposes except to enable marketing or spam, or to enable high volume, automated processes to query a registrar or registry's systems, except to manage domain names. In addition to identifying domain name registrants, WHOIS data also allows network administrators and others to find and fix system problems and to maintain Internet stability. With it, they can determine the availability of domain names, combat spam or fraud, identify trademark infringement and enhance accountability of domain name registrants. WHOIS data is sometimes used to track down and identify domain name registrants who may be posting illegal content or engaging in phishing scams. These are just a few examples of how WHOIS helps maintain a healthy Internet ecosystem

Damn. We're not supposed to automate a script to hit their database like that? So where does one turn then to do this legitly?



No comments:

Post a Comment