With all this talk of tracing attacks I just noticed that whois -h whois.arin.net seems to not be as informative as it used to be. When looking up various ASN I sometimes get the information I want, but frequently I get: Sorry, you shouldn't see this record. or No match for ASN "..." (Sample ASes are 2855, 5400, 9057, 11486) Did I miss some policy change? -mark P.S. Fortunately, various radb-like entities still list information for a lot of ASes.
With all this talk of tracing attacks I just noticed that whois -h whois.arin.net seems to not be as informative as it used to be.
When looking up various ASN I sometimes get the information I want, but frequently I get:
Sorry, you shouldn't see this record.
or
No match for ASN "..."
(Sample ASes are 2855, 5400, 9057, 11486)
Did I miss some policy change?
I noticed this a little while ago and reported it to noc@arin.net - 10# host whois.arin.net whois.arin.net has address 192.149.252.22 whois.arin.net has address 192.149.252.21 My perspective is that the .22 server seems to be messed up, and that querying the .21 server gets good results. -mm-
I get responses from whois.arin.net for all but AS5400. 2855 and 9057 are handled by RIPE, but I still get a listing for the AS ranges assigned to RIPE. For 11486 I get:
whois -h whois.arin.net 11486 Worldcom Advance Networks (ASN-WAN) 1945 Old Gallows Road Vienna, VA 22182-3931 US
Autonomous System Name: WAN Autonomous System Number: 11486 For 5400, the first time I got:
whois -h whois.arin.net 5400 Sorry, you shouldn't see this record.
The ARIN Registration Services Host contains ONLY Internet [SNIP] but the second time I tried (some six minutes later) I got:
whois -h whois.arin.net 5400 European Regional Internet Registry/RIPE NCC (ASN-RIPE-ASNBLOCK5-ASNBLOCK) These ASNs have been further assigned to European users. Their contact information can be found in the RIPE database. See below how to use that database to obtain up-to-date information.
Autonomous System Name: RIPE-ASNBLOCK5 Autonomous System Block: 5377 - 5631 Doesn't seem normal, since this is the first time I've ever seen that type of behavior. -- Joseph W. Shaw - jshaw@insync.net Computer Security Consultant and Programmer Free UNIX advocate - "I hack, therefore I am." On Thu, 10 Feb 2000, Mark Kent wrote:
With all this talk of tracing attacks I just noticed that whois -h whois.arin.net seems to not be as informative as it used to be.
When looking up various ASN I sometimes get the information I want, but frequently I get:
Sorry, you shouldn't see this record.
or
No match for ASN "..."
(Sample ASes are 2855, 5400, 9057, 11486)
Did I miss some policy change?
-mark
P.S. Fortunately, various radb-like entities still list information for a lot of ASes.
That happened once with me today... I looked at it funny, showed it to a couple other folks who also looked at it funny, and then tried again and it worked. Sounds like some sort of overload condition with an inaccurate message... -rt -- Ryan Tucker <rtucker@netacc.net> Unix Systems Administrator NetAccess, Inc. Phone: +1 716 756-5596 3495 Winton Place, Building E, Suite 265, Rochester NY 14623 www.netacc.net On Thu, 10 Feb 2000, Mark Kent wrote:
With all this talk of tracing attacks I just noticed that whois -h whois.arin.net seems to not be as informative as it used to be.
When looking up various ASN I sometimes get the information I want, but frequently I get:
Sorry, you shouldn't see this record.
or
No match for ASN "..."
(Sample ASes are 2855, 5400, 9057, 11486)
Did I miss some policy change?
-mark
P.S. Fortunately, various radb-like entities still list information for a lot of ASes.
participants (4)
-
Joe Shaw
-
Mark E. Mallett
-
Mark Kent
-
Ryan Tucker