One of the least glamorous parts of network security is capturing information on Internet hosts that exhibit malicious intent. Here is a script that I’ve created to help automate the process of collecting WHOIS information:
# This script uses native whois command to return the WHOIS information
# of the IP Addresses provided.
# $ ./downloadWHOIS.sh 188.8.131.52
# $ ./downloadWHOIS.sh 184.108.40.206 220.127.116.11 18.104.22.168 etc.
# Set path to save files:
# Set filename prefix and/or suffix:
for args in "$@"
whois $args > $path$prefix$args$suffix
I haven’t tested this script in a true Linux environment, but it works fine in Cygwin. (Not my preferred environment, but it’s what I have to work with.)
Have any scripts you’d like to share? I’d like to see what you’ve come up to make your tedious tasks easier to tackle.
I’ve also created a GitHub Gist for this shell script.