Reconnaissance
Published in Nicholas Kolokotronis, Stavros Shiaeles, Cyber-Security Threats, Actors, and Dynamic Mitigation, 2021
Christos-Minas Mathas, Costas Vassilakis
“Whois” is another useful tool for performing information gathering. It was originally designed for Unix, but now it is available for Windows and also other platforms. “Whois” is a plain text protocol that queries a database with Internet resources. It reveals information about a registered domain, including the owner, the IP address block, the domain provider, and more. ReconDog provides a “Whois” database lookup functionality. We will use it to see what information we may find about scantest.uop.gr (see Figure 2.6). The information obtained includes the domain creation, last update and expiry dates, information about the registrar, the organization that registered the domain and its geographical location (here at a granularity of country), as well as the NSs registered for the domain.
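The fields listed above can be pulled out of a plain-text Whois response with a small parser. This is an added example, not code from the book or from ReconDog; the sample response is constructed, and the label variants in `LABELS` are assumed common spellings that differ between registries.

```python
from datetime import datetime

# Constructed sample response (not real registry data).
SAMPLE = """\
% Constructed WHOIS response for illustration
Domain Name: EXAMPLE.TEST
Registrar: Example Registrar Ltd
Creation Date: 2015-03-02T10:15:00Z
Updated Date: 2023-03-01T08:00:00Z
Registry Expiry Date: 2025-03-02T10:15:00Z
Registrant Organization: Example University
Registrant Country: GR
Name Server: NS1.EXAMPLE.TEST
Name Server: ns2.example.test
>>> Last update of WHOIS database: 2024-01-01T00:00:00Z <<<
"""

# Assumed label variants mapped to the fields the text lists.
LABELS = {
    "domain name": "domain", "registrar": "registrar",
    "creation date": "created", "created": "created",
    "updated date": "updated", "last updated": "updated",
    "registry expiry date": "expires", "expiration date": "expires",
    "registrant organization": "organization", "org": "organization",
    "registrant country": "country", "country": "country",
    "name server": "name_servers", "nserver": "name_servers",
}
DATE_FIELDS = {"created", "updated", "expires"}

def to_date(value):
    """Parse ISO 8601 timestamps; keep any other format as raw text."""
    try:
        return datetime.fromisoformat(value.replace("Z", "+00:00"))
    except ValueError:
        return value

def parse_whois(text):
    """Return the known fields of a 'Label: value' Whois response as a dict."""
    record = {"name_servers": []}
    for line in text.splitlines():
        label, _, value = line.partition(":")
        field, value = LABELS.get(label.strip().lower()), value.strip()
        if not field or not value:
            continue  # comments, footers, unknown labels, empty values
        if field == "name_servers":
            record[field].append(value.lower())  # repeated label, keep all
        elif field not in record:  # first occurrence wins
            record[field] = to_date(value) if field in DATE_FIELDS else value
    return record
```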
Domains and Hosts
Published in Tom Hutchison, Paul Allen, Web Marketing for the Music Business, 2013
If you must have a certain domain name and it is not available, it may be possible to purchase the name from the current owner. The first step is to type the domain name into the address box of your browser and see what page comes up. Many times, domain speculators will post a “this domain for sale” link to contact them. Services such as GoDaddy provide domain backorder services that will monitor a domain name and notify you if and when it comes up for renewal or resale. They will also serve as your buyer’s representative if you want to purchase a name through a domain auction process. WHOIS is an internet function used to search for domain registration information. It identifies who owns the domain name and how to get in touch with them. Sometimes you can deal directly with the owner.
Cyber-Espionage Malware Attacks Detection and Analysis: A Case Study
Published in Journal of Computer Information Systems, 2022
Analysis of the suspect network traffic identified the IP address that the “injector.exe” malware was using in its attempts to communicate with the attacker. After determining the suspicious IP number, a domain name query was made at the address “https://whois.domaintools.com” for the IP number information. As a result of the query of the detected IP number, it was seen that the whois (domain name query) information belonging to the attacker could be reached.