[DBWG] WHOIS filtering and the "-B" option

Mark Elkins mje at posix.co.za
Fri Nov 18 09:10:01 UTC 2016 

I usually run whois without the '-B' - realise stuff is filtered - then
re-run with '-B'. Unless, as Frank asks, there is some form of rate
limiting - then  there is probably little point in filtering. It would
be cute that if the request is from an IP address associated to the
results, that any form of rate limiting is ignored - if there is rate
limiting.

On 18/11/2016 09:46, Alan Barrett wrote:
> The AFRINIC WHOIS server “filters” results by default.  It seems to delete all fields that contain
 email addresses.
> 
> For example, here are two queries with and without “-B”:
> 
> $ whois -h whois.afrinic.net IT7-AFRINIC | egrep -v '^%|^$'
> person:         Infrastructure Team
> address:        AFRINIC Ltd
> address:        11th Floor, Standard Chartered Tower
> address:        19, Cybercity
> address:        Ebène
> address:        Mauritius
> phone:          +230 403 51 00
> nic-hdl:        IT7-AFRINIC
> source:         AFRINIC # Filtered
> 
> $ whois -h whois.afrinic.net -- '-B IT7-AFRINIC' | egrep -v '^%|^$
> person:         Infrastructure Team
> address:        AFRINIC Ltd
> address:        11th Floor, Standard Chartered Tower
> address:        19, Cybercity
> address:        Ebène
> address:        Mauritius
> phone:          +230 403 51 00
> e-mail:         sysadmin at afrinic.net
> nic-hdl:        IT7-AFRINIC
> changed:        hiba at afrinic.net 20130416
> changed:        radha.ramphul at afrinic.net 20160808
> source:         AFRINIC
> 
> I have two questions about this:
> 
> 1. Instead of deleting the lines that are “filtered”, would it make sense to replace them
with some sort of explanation that the information has been filtered?
For example, like this:
> 
> person:         Infrastructure Team
> address:        AFRINIC Ltd
> address:        11th Floor, Standard Chartered Tower
> address:        19, Cybercity
> address:        Ebène
> address:        Mauritius
> phone:          +230 403 51 00
> e-mail:         # Filtered
> nic-hdl:        IT7-AFRINIC
> changed:        # Filtered
> source:         AFRINIC # Filtered
> 
> 2. Is it useful to censor the email addresses by default?  It seems to me that this adds
no security (because the query can simply be repeated with the “-B”
option), and reduces the usefulness.
> 
> Alan Barrett


-- 
Mark James ELKINS  -  Posix Systems - (South) Africa
mje at posix.co.za       Tel: +27.128070590  Cell: +27.826010496
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3854 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.afrinic.net/pipermail/dbwg/attachments/20161118/0e2ecef5/attachment.p7s>

More information about the DBWG mailing list