Whois Domain Search - Usage Examples
If a business or home computer is under attack by a remote user or computer, your firewall software should have the log of the intrusion or network attack. A hostname search using a whois tool can help identify the computer name, location or network provider of the attacker. When you have this information, you can use it to file an abuse report.
Phishers and spammers can be taken care of by authorities if anyone files a report with evidence, logs and whois search results. A whois query is a great way to fight back against the bad guys.
Scammers, rogueware and malware distributors are easy to identify using a whois tool or search service. An example of a rogue domain is is-download.com. The is-download.com is serving the rogue Internet Security 2010 program. Using a whois query for the domain, you will find the following information about the domain registrant or owner:
The registrant is located in Russia and we can use the above information to report abuse. If the hosting provider or domain registrar is responsible enough, they will take down or disable the offending domain name and the hosting provider should take the website offline.
Malware distributors that will install additional malicious files onto a compromised computer will also have to give up their IP address. The IP address can be used by people to query the database of whois services. The information on the hostname, hosting provider or internet service provider should help you gather information which can later be used to block and report them.
Discussion forum administrators also have access to whois search via their forum software. It is a very useful option to immediately check the location of forum members or newly registered members that have abuse their website e.g. spammers or scammers.