I might agree with the security involved in being able to query the database. However, I don't agree with the limitation of what records can be accessed. As recently as last night (apparently before the "server" feature became unavailable) I used this tool to get information that pertained to me on records that were not "mine". I recently had a new /24 routed to me by my upstream, and after examining my filter logs I saw a slew of nameservice requests battering me from many locations to an IP address that wasn't even active on my new network. A quick query on the netblock with the "host" wildcard showed a nameservers that _used_ to be in my address space. Then, queries about that nameserver with the "server" command told me what domain contacts I needed to talk to in order to have them change their primary/secondary listings at the InterNIC. Email is sub-optimal, due to complexity of access and speed. Can you say you've never had problems with their _current_ store-and-forward order systems? (eg: domain registration) Besides, the exception rules become a LOT more difficult to deal with - if I have to look something up that is NOT under my contact name, do I really want to talk with the domain registration army they have answering the help lines at the NIC? (especially after what I'm sure will be a huge hiring binge after their stock run!) Do you think they have the SLIGHTEST clue what I'm talking about? Nope. I don't feel like wasting my time, either. Just my $.02 - I believe in authorization trails and unlimited access to data. If the unlimited access becomes a problem... deny authorization. Give me all the tools, and if they're abused, then take the access away. Has there been any "official" comment from the InterNIC as to why this "whois" feature suddenly doesn't work as of some time last night? Or is this merely "broken" instead of deactivated? JT At 03:30 PM 12/18/98 -0500, Jeffrey Haas wrote:
On Fri, Dec 18, 1998 at 01:31:16PM -0600, Phil Howard wrote:
But a means still needs to exist for the authorized contact for a host to be able to get the full server list that Internic has for that host. Sending the list by e-mail to the contact of record would seem to me to be the best way to do it.
I would wholeheartedly support locking out the server directive if I was given one of these two methods:
authenticate yourself by telneting into internic.net at the whois prompt. From there, I could then issue a query for all domains that list my server's NIC handles.
So, in my case, I'm MNO5. I could then query for anything that MNO5 is either: o a contact o a dns server attached to my contact
I could even live with the request being done live and then e-mailed to me.
I would _really_ love a way to lame delegate my stuff via password login as well in a batch fashion.
I'm wondering if part of the problem is they're changing DB systems, and don't have the appropriate macros installed yet.
-- *-----------------------------* Phil Howard KA9WGN * --
-- Jeffrey Haas "Denial of Spamming is not a crime." elezar@pfrc.org -- Russell Nelson <nelson@crynwr.com>