Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-disclosure] www.whois.sc
From: Andreas Gietl (a.gietle-admin.de)
Date: Tue Jun 14 2005 - 08:09:46 CDT
As the results are not very accurate and i see no possibility to gain
these information directly from the host running the ip or any entries
in die ptr for the ip, i guess they just keep a database of domains and
ther ip-adresses and do a lookup on the ip for that ip.
Jimmy Stewpot wrote:
> I have recently seen a web page www.whois.sc. One of the features that
> they have is a "reverse ip" lookup. With that tool I can lookup the IP
> address of a server and it will return how many domains are hosted on it.
> What I have been trying to figure out is how does that work? I did a
> tcpdump on the server that I looked up and it didnt see any abnormal
> packets. Does anyone have any idea how that feature works?
> For example If lookup the following :
> It comes back and shows me several domain names hosted (two to be exact).
> Can anyone shed some light on that?
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
e-admin internet gmbh
Andreas Gietl tel +49 941 3790392 (sipgate)
93051 Regensburg mobil +49 171 6070008
PGP/GPG-Key unter http://www.e-admin.de/gpg.html
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/