[Dshield] IP Address --> Country Script
justin at jfoobar.com
Wed Dec 17 18:10:54 GMT 2003
At 08:51 AM 12/17/2003 -0600, Samantha Fetter wrote:
>you can also do it as
>whois 188.8.131.52 | grep -i "country:"
>as the -i will force it to ignore case.
I have noticed that often a whois for an IP generates multiple lines of
"country" output and these countries do not always match up. It is usually
pretty easy to pick the correct country (by examining the data associated
with the most narrow IP allocation range) within the whois
output. However, only seeing the country lines returned via grep will not
afford one that opportunity (nor would they want it since this is supposed
to be scripted, dang it :)).
Is it consistent that the first return (i.e. the data at the top of whois
output) is the most narrow range and therefore the most accurate?
Also, there are some countries (Japan comes immediately to mind) where the
whois output often does not contain a country line at all.
-------------- next part --------------
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.459 / Virus Database: 258 - Release Date: 2/25/2003
More information about the list