WHOIS (pronounced as the phrase who is) is a query and response protocol that is widely used for querying databases that store the registered users or assignee’s of an Internet resource. Assigned Names and Numbers (ICANN), the organization tasked by the government with managing domain names, requires contact information for every domain owners to be publicly listed in a WHOIS database. This makes it easy for anyone to find and contact the owner of a domain name. WHOIS lists information such as phone numbers, emails, and home addresses.
20th century WHOIS servers were highly permissive and would allow wild-card searches. A WHOIS query of a person’s last name would yield all individuals with that name. A query with a given keyword returned all registered domains containing that keyword. A query for a given administrative contact returned all domains the administrator was associated with. Since the advent of the commercialized Internet, multiple registrars and unethical spammers, such permissive searching is no longer available.
However, WHOIS is still criticised for the lack of domain privacy. Currently ICANN broadly requires that the mailing address, phone number and e-mail address of those owning or administrating a domain name to be made publicly available through the WHOIS directories. The registrant’s (domain owner’s) contact details, such as address and telephone number, are easily accessible to anyone who queries a WHOIS server. However, that policy enables spammers, direct marketers, identity thieves, or other attackers to loot the directory for personal information about these people. Although ICANN has been exploring changing WHOIS to enable greater privacy, there is a lack of consensus among major stakeholders as to what type of change should be made.
There is a way to protect against this. On a .com or a .net domain the utilisation of private registrations (also known as domain privacy) show the contact information of the registrar is shown instead of the customer’s. With the offer of private registration from many registrars, some of the risk has been mitigated. Unfortunately, due to auDA regulations, domain privacy cannot be purchased for .com.au or .net.au domains.
Interested in looking up a domain? Here is one of the many WHOIS Lookup Tools.
Subscribe to our newsletter to keep up to date with all our tutorials including .NET development, database software changes and more.