Whois package on NethServer Fail2ban Module

fail2ban

(Gabriel GHEORGHIU) #21

net


(Mark Verlinde) #22

my output of whois 8.8.8.8

[root@ ~]# whois 8.8.8.8

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/whois_reporting/index.html
#



# start

NetRange:       8.0.0.0 - 8.127.255.255
CIDR:           8.0.0.0/9
NetName:        LVLT-ORG-8-8
NetHandle:      NET-8-0-0-0-1
Parent:         NET8 (NET-8-0-0-0-0)
NetType:        Direct Allocation
OriginAS:
Organization:   Level 3 Parent, LLC (LPL-141)
RegDate:        1992-12-01
Updated:        2018-04-23
Ref:            https://whois.arin.net/rest/net/NET-8-0-0-0-1



OrgName:        Level 3 Parent, LLC
OrgId:          LPL-141
Address:        100 CenturyLink Drive
City:           Monroe
StateProv:      LA
PostalCode:     71203
Country:        US
RegDate:        2018-02-06
Updated:        2018-02-22
Ref:            https://whois.arin.net/rest/org/LPL-141


OrgAbuseHandle: IPADD5-ARIN
OrgAbuseName:   ipaddressing
OrgAbusePhone:  +1-877-453-8353
OrgAbuseEmail:  ipaddressing@level3.com
OrgAbuseRef:    https://whois.arin.net/rest/poc/IPADD5-ARIN

OrgTechHandle: IPADD5-ARIN
OrgTechName:   ipaddressing
OrgTechPhone:  +1-877-453-8353
OrgTechEmail:  ipaddressing@level3.com
OrgTechRef:    https://whois.arin.net/rest/poc/IPADD5-ARIN

# end


# start

NetRange:       8.8.8.0 - 8.8.8.255
CIDR:           8.8.8.0/24
NetName:        LVLT-GOGL-8-8-8
NetHandle:      NET-8-8-8-0-1
Parent:         LVLT-ORG-8-8 (NET-8-0-0-0-1)
NetType:        Reallocated
OriginAS:
Organization:   Google LLC (GOGL)
RegDate:        2014-03-14
Updated:        2014-03-14
Ref:            https://whois.arin.net/rest/net/NET-8-8-8-0-1



OrgName:        Google LLC
OrgId:          GOGL
Address:        1600 Amphitheatre Parkway
City:           Mountain View
StateProv:      CA
PostalCode:     94043
Country:        US
RegDate:        2000-03-30
Updated:        2017-12-21
Ref:            https://whois.arin.net/rest/org/GOGL


OrgTechHandle: ZG39-ARIN
OrgTechName:   Google LLC
OrgTechPhone:  +1-650-253-0000
OrgTechEmail:  arin-contact@google.com
OrgTechRef:    https://whois.arin.net/rest/poc/ZG39-ARIN

OrgAbuseHandle: ABUSE5250-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-650-253-0000
OrgAbuseEmail:  network-abuse@google.com
OrgAbuseRef:    https://whois.arin.net/rest/poc/ABUSE5250-ARIN

# end



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/whois_reporting/index.html
#

in other words your curllpit is getting whois to work maybe others have insights on this :hushed:


(Gabriel GHEORGHIU) #23

@mark_nl : Thank you for your support!

@stephdl: There is other way than from Software center to remove all F2B and all dependencies (whois, jwhois, pwhois, perl-net-whois-ip, perl-net-whois-raw, …)?

TIA,
Gabriel


(Gabriel GHEORGHIU) #24

@stephdl
@mark_nl

OK!

The problem is the port 43 which must be opened on my UTM (outbound traffic from DMZ to WAN). This port is used by IANA for WHOIS services.

How can I remove all F2B to reinstall?

EDIT:

No need to reinstall. Now it’s working!
Thank you all for support!

Kind regards,
Gabriel


(Stéphane de Labrusse) #25

For the sake of sysadmin, how did you solve your issue please


(Gabriel GHEORGHIU) #26

My NS email server is placed in DMZ.
For outgoing traffic from DMZ to WAN, I open only necessary ports.
During tests with @mark_nl (thank you again!), I thought that Whois service need an open port to communicate with whois.arin.net.
“I asked” Google to tell me which ports must be opened on firewall to reach whois.arin.net. And Google told me! VIVA LAS … GOOGLE! :wink:

Thank you again for your time!


(Stéphane de Labrusse) #27

ok nothing that we can do on the nethserver side


(Gabriel GHEORGHIU) #28

No, nothing wrong from NethServer!
Maybe is good to know for some scenarios.
On Tips & Tricks.