
The whois Database: Introduction and Usage
Anne Lord & Mirjam Kühne, AfNOG Workshop, 10 May 2001, http://www.ripe.net

Overview
• What is the whois database?
• Why use it?
• Who uses it?
• Database query process
• Database update process

What is the whois Database?
• Network Management Database
• Contains information about
  – address space
  – DNS domains
  – IP routing policies
  – contact information

Why use the Database?
• Queries
  – Ascertain custodianship of a resource
  – Obtain details of technical contacts for a network
  – Investigate security incidents
  – Track source of network abuse or “spam” email
• Updates
  – Register use of Internet resources
  – IP networks, ASNs, reverse DNS, etc.
  – Update existing records
  – Fulfill responsibilities as resource holder

Who uses the Database?
• Queries
  – Internet Service Providers
  – Site network managers and engineers
  – Any Internet user
• Updates
  – Internet registries (RIRs, LIRs)
  – Internet Service Providers
  – Anyone who holds an Internet resource

Database Objects
• Database object types

OBJECT      PURPOSE
person      contact persons
role        contact groups/roles
inetnum     IPv4 address allocations/assignments
inet6num    IPv6 address allocations/assignments
aut-num     autonomous system number
as-macro    group of autonomous systems
domain      reverse domains
route       prefixes being announced
mntner      (maintainer) database authorisation

Contact Information
Example object - ‘person’

Attributes  Values
person:     Brajesh Jain
address:    B 115 SARVODAYA ENCLAVE NEW DELHI 110017
country:    TH
phone:      +91-11-6864138
fax-no:     +91-11-6865888
e-mail:     [email protected] vsnl.net.in
nic-hdl:    BJ16-AP
mnt-by:     MAINT-IN-ESTEL-BCJ
changed:    [email protected] vsnl.net.in 20000429
source:     APNIC

Network Information
Example object - ‘inetnum’

Attributes  Values
inetnum:    203.113.0.0 - 203.113.31.255
netname:    TOTNET-AP
descr:      Telephone Organization of THAILAND(TOT)
            Telephone and IP Network Service Provider
country:    TH
admin-c:    NM18-AP
tech-c:     RC80-AP
mnt-by:     APNIC-HM
mnt-lower:  MAINT-TH-SS163-AP
changed:    [email protected] net 19990922
source:     APNIC

Database Query - Search Keys

OBJECT TYPE     ATTRIBUTES - SEARCH KEYS
person, role    name, nic-hdl, e-mail
mntner          maintainer name
inetnum         network number, name
domain          domain name
aut-num         as number
as-macro        as-macro name
route           route value
inet6num        network number, name

* whois supports queries on any of these objects/keys

Database Query - Inetnum

% whois 203.127.128.0 - 203.127.159.255
% whois 202.127.128.0/19
% whois SINGNET-SG

inetnum:  203.127.128.0 - 203.127.159.255
netname:  SINGNET-SG
descr:    Singapore Telecommunications Ltd
descr:    31, Exeter Road, #02-00, Podium Block
descr:    Comcentre, 0923
country:  SG
admin-c:  CWL3-AP
tech-c:   CWL3-AP
mnt-by:   APNIC-HM
changed:  [email protected] net 19990803
source:   APNIC

• Notes
  • Incomplete addresses padded with “.0”
  • Address without prefix interpreted as “/32”

Database Query - Inetnum
• RIPE extended whois client
  ftp://ftp.ripe.net/ripe/dbase/software/ripe-dbase-3.0.tar.gz
• Flags used for inetnum queries

None    find exact match
-L      find all less specific matches
-m      find first level more specific matches
-M      find all more specific matches
-r      turn off recursive lookups

Database Query - Inetnum
inetnum hierarchy: whois 210.8.0.0/16
[Diagram of the prefix hierarchy 0/0, 210/7, 210.8/16, 210.8.30/23 with the labels: All less specifics (-L); Exact match; 1st level more specific (-m); All more specifics (-M)]

Database Query - Inetnum
‘-M’ will find all assignments in a range in the database

% whois -M 202.144.0.0/19

inetnum:  202.144.0.0 - 202.144.31.255
netname:  SILNET-AP
descr:    Satyam Infoway Pvt. Ltd.,
...
inetnum:  202.144.13.104 - 202.144.13.111
netname:  SOFTCOMNET
descr:    SOFTCOM LAN (Internet)IP.
...
inetnum:  202.144.1.0 - 202.144.1.255
netname:  SILNET
descr:    Satyam Infoway's Chennai LAN
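Added example (not part of the original slides, and not the RIPE server's code): a small Python model of how the slides describe the inetnum flags selecting prefixes from the hierarchy, including the ".0" padding and "/32" default from the query notes. The registry contents are constructed; 210.8.30.0/24 is invented so that -m and -M give different answers.

```python
import ipaddress

# Constructed sample registry. The first four prefixes are the ones on the
# hierarchy slide; 210.8.30.0/24 is invented to separate -m from -M.
REGISTRY = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/0", "210.0.0.0/7", "210.8.0.0/16",
    "210.8.30.0/23", "210.8.30.0/24",
)]

def parse_query(text):
    """Accept 'a.b.c.d/len', a short form such as '210.8/16', or a bare address."""
    addr, _, length = text.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))      # incomplete addresses padded with ".0"
    # an address without a prefix length is interpreted as /32
    return ipaddress.ip_network(".".join(octets) + "/" + (length or "32"))

def lookup(query, flag=None, registry=REGISTRY):
    """Return the registry prefixes selected by a query with the given flag."""
    q = parse_query(query)
    less = [n for n in registry if n != q and q.subnet_of(n)]
    more = [n for n in registry if n != q and n.subnet_of(q)]
    if flag is None:                         # exact match only
        result = [n for n in registry if n == q]
    elif flag == "-L":                       # all less specific matches
        result = less
    elif flag == "-M":                       # all more specific matches
        result = more
    elif flag == "-m":
        # first level: more specifics not covered by another more specific
        result = [n for n in more
                  if not any(o != n and n.subnet_of(o) for o in more)]
    else:
        raise ValueError("unsupported flag: %r" % flag)
    result.sort(key=lambda n: (n.prefixlen, int(n.network_address)))
    return [str(n) for n in result]

if __name__ == "__main__":
    for flag in (None, "-L", "-m", "-M"):
        print(flag, lookup("210.8.0.0/16", flag))
```

When tracing an address during an incident, the -L view gives the chain of custody from the allocation down, while -m and -M enumerate the assignments made inside a block.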

Database Query - Inverse

% whois -i person EC119-AP

inetnum:  202.166.224.0 - 202.166.255
netname:  NECTW-BIGLOBE
descr:    ISP Division of NEC Taiwan Ltd.
country:  TW
admin-c:  SC23-AP
tech-c:   EC119-AP
……

aut-num:  AS9283
as-name:  NECTW-AS
descr:    ISP Division of NEC Taiwan Ltd.
tech-c:   EC119-AP

mntner:   NECTW-ISP-AP
descr:    NEC Biglobe Taiwan wide
admin-c:  SC23-AP
tech-c:   EC119-AP

person:   Emily Hui Chou
address:  ISP Division of NEC Taiwan Ltd.
country:  TW
phone:    +886-2-85001787
e-mail:   [email protected] net.tw
nic-hdl:  EC119-AP

Whois Web Interface


Database Query - Options
• Summary of other flags

-i      inverse lookup on given attribute
-T      search only for objects of given type
-t      give template for given type
-v      verbose information for given type
-h      specify database server site

• For more information try...
  whois -h whois.apnic.net HELP
  whois -h whois.ripe.net HELP

Database Update Process
– Email requests to <auto-dbm@ripe.net>
– Each request contains an object template
[Diagram labels: Update Request, Template, Parse, Auth., Whois Server, Data Base, Error, Warnings/Errors returned]

Database Update Process
• Update transactions
  – Create a new object
  – Change attributes of an object
  – Delete an object
• Updates are submitted by email
• E-mail to:
• Email message contains template with new or updated object

Object Template
whois -t <object type>
• Recognised by the RIPE whois client/server

% whois -h whois.ripe.net -t

Attributes: person:, address:, country:, phone:, fax-no:, e-mail:, nic-hdl:, remarks:, notify:, mnt-by:, changed:, source:
Template columns (partially preserved): [mandatory] / [optional]; [single] / [multiple]; [primary/look-up key], [look-up key], [inverse key], [ ]

Database Update Process
• Automatic request processing
  <auto-dbm@ripe.net>
  – Automatic “robot” for all database updates
  – Email template for create/update/delete
• Templates are syntax checked
  – Warnings
  – Errors
• Database service support

Data Protection
• Authorisation
  – “mnt-by” attribute references a “mntner” (maintainer) object
  – “mnt-by” should be used with every object
• Authentication
  – Updates to an object must pass authentication rule specified by its maintainer object

Data Protection
• Failed Authorisation
  – Template NOT corrected and object NOT accepted
  – Automatic email notification sent to requestor
  – Automatic email notification sent to “notify” address
• Successful update
  – If Parse and Auth. steps succeed, database is updated
  – Confirmation by email to requestor

Authentication/Authorisation
– Maintainer object example

inetnum:  193.1.2.0/24
descr:    SYNFUX-NET
mnt-by:   MAINT-AU-SYNFLUX

mntner object
Attributes: mntner:, descr:, country:, admin-c:, tech-c:, upd-to:, mnt-nfy:, auth:, mnt-by:, changed:
Values: MAINT-AU-SYNFLUX; Synflux International Pty.; AU; UG1-AP; [email protected] com.au; CRYPT-PW apnb. Vcktyz 6 UY; MAINT-AU-SYNFLUX; [email protected] com.au 19990404

Authentication/Authorisation
• Maintainer specific attributes
  – notify:
    • Sends notification of any changes to maintained objects to email address specified
  – mnt-by:
    • Maintainers must also be protected! (Normally by themselves)
  – auth:
    • Authentication method for this maintainer

Authentication/Authorisation
• ‘auth’ attribute gives authentication method
  – NONE
    • Strongly discouraged!
  – MAIL-FROM
    • Very weak authentication. Discouraged
  – CRYPT-PW
    • Crypt (Unix) password encryption
    • Use web page to create your maintainer
  – PGP-KEY
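Added example (not part of the original slides): a Python audit over whois-style object text that reports objects with no "mnt-by" and maintainers whose "auth" uses a method the slides discourage. The sample objects, names and addresses are constructed, and the CRYPT-PW value is a placeholder.

```python
# Auth methods the slides mark as discouraged, with the slides' wording.
WEAK_AUTH = {"NONE": "strongly discouraged", "MAIL-FROM": "very weak authentication"}

# Constructed sample objects (all names and addresses are invented).
SAMPLE = """\
inetnum:  192.0.2.0 - 192.0.2.255
netname:  EXAMPLE-NET
mnt-by:   MAINT-EXAMPLE-A

inetnum:  198.51.100.0 - 198.51.100.255
netname:  EXAMPLE-UNPROTECTED

mntner:   MAINT-EXAMPLE-A
auth:     MAIL-FROM user@example.net
mnt-by:   MAINT-EXAMPLE-A

mntner:   MAINT-EXAMPLE-B
auth:     CRYPT-PW placeholder-hash
"""

def parse_objects(text):
    """Split whois output into objects, each a list of (attribute, value)."""
    objects, current = [], []
    for line in text.splitlines() + [""]:      # trailing "" flushes the last object
        if not line.strip():                   # blank line ends an object
            if current:
                objects.append(current)
            current = []
        elif line[0] in "%#":                  # server comment lines
            continue
        elif line[0].isspace() and current:    # continuation of the previous value
            attr, value = current[-1]
            current[-1] = (attr, value + " " + line.strip())
        else:
            attr, _, value = line.partition(":")
            current.append((attr.strip().lower(), value.strip()))
    return objects

def audit(text):
    """Return (object, issue) pairs for unprotected objects and weak maintainers."""
    findings = []
    for obj in parse_objects(text):
        obj_type, key = obj[0]                 # first attribute names the object
        name = obj_type + " " + key
        if not any(attr == "mnt-by" for attr, _ in obj):
            findings.append((name, "no mnt-by"))
        if obj_type == "mntner":
            for attr, value in obj:
                scheme = value.split(" ")[0].upper()
                if attr == "auth" and scheme in WEAK_AUTH:
                    findings.append((name, "auth %s: %s" % (scheme, WEAK_AUTH[scheme])))
    return findings
```

Note that a maintainer with an acceptable auth method is still reported if it lacks its own "mnt-by", matching the slide's point that maintainers must also be protected.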

Questions