MacOS – Whois command corrupted on mac

dnsmacososx-maverickswhois

Whois lookup is not displaying correct information. Dig and other network commands work perfectly correct and I'm able to connect to any/everything. However, this whois lookup corruption concerns me. Any ideas? Thanks! The reason I ask is because this is needed for a networking class (professor showed whois in conjunction with showing how to program firewall rules, and I need to be able to do that for the final). It works 'normally' (that is, lists domain info) on other's computers, and if I connect via telnet to internic, I can get it, but the whois command on my mac won't. Any ideas?

Example:

whois google.com

Whois Server Version 2.0 Domain names in the .com and
.net domains can now be registered with many different competing
registrars. Go to http://www.internic.net for detailed information.

GOOGLE.COM.ZZZZZZZZZZZZZZZZZZZZZZZZZZ.HAVENDATA.COM
GOOGLE.COM.ZZZZZZZZZZZZZ.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM
GOOGLE.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM
GOOGLE.COM.ZOMBIED.AND.HACKED.BY.WWW.WEB-HACK.COM
GOOGLE.COM.ZNAET.PRODOMEN.COM GOOGLE.COM.YUCEKIRBAC.COM
GOOGLE.COM.YUCEHOCA.COM
GOOGLE.COM.WORDT.DOOR.VEEL.WHTERS.GEBRUIKT.SERVERTJE.NET GOOGLE.COM.VN
GOOGLE.COM.VABDAYOFF.COM GOOGLE.COM.UY GOOGLE.COM.UA GOOGLE.COM.TW
GOOGLE.COM.TR GOOGLE.COM..FIND.CRACKZ.WITH.SEARCH.GULLI.COM
GOOGLE.COM.SPROSIUYANDEKSA.RU
GOOGLE.COM.SPAMMING.IS.UNETHICAL.PLEASE.STOP.THEM.HUAXUEERBAN.COM
GOOGLE.COM.SOUTHBEACHNEEDLEARTISTRY.COM GOOGLE.COM.SHQIPERIA.COM
GOOGLE.COM.SA GOOGLE.COM.PK GOOGLE.COM.PE
GOOGLE.COM.NS2.CHALESHGAR.COM GOOGLE.COM.NS1.CHALESHGAR.COM
GOOGLE.COM.MY GOOGLE.COM.MX GOOGLE.COM.LOLOLOLOLOL.SHTHEAD.COM
GOOGLE.COM.LASERPIPE.COM
GOOGLE.COM.IS.NOT.HOSTED.BY.ACTIVEDOMAINDNS.NET
GOOGLE.COM.IS.HOSTED.ON.PROFITHOSTING.NET
GOOGLE.COM.IS.APPROVED.BY.NUMEA.COM GOOGLE.COM.HK
GOOGLE.COM.HAS.LESS.FREE.***.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM
GOOGLE.COM.HACKED.BY.JAPTRON.ES GOOGLE.COM.FIBERTREAT.COM
GOOGLE.COM.DO GOOGLE.COM.CO GOOGLE.COM.CN GOOGLE.COM.BR
GOOGLE.COM.BEYONDWHOIS.COM GOOGLE.COM.AU GOOGLE.COM.ARTVISUALRIO.COM
GOOGLE.COM.AR GOOGLE.COM.AFRICANBATS.ORG GOOGLE.COM To single out one
record, look it up with "xxx", where xxx is one of the of the records
displayed above. If the records are the same, look them up with "=xxx"
to receive a full display for each record.

Last update of whois database: Wed, 19 Mar 2014 21:21:54 UTC <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the
registry is currently set to expire. This date does not necessarily
reflect the expiration date of the domain name registrant's agreement
with the sponsoring registrar. Users may consult the sponsoring
registrar's Whois database to view the registrar's reported date of
expiration for this registration. TERMS OF USE: You are not authorized
to access or query our Whois database through the use of electronic
processes that are high-volume and automated except as reasonably
necessary to register domain names or modify existing registrations;
the Data in VeriSign Global Registry Services' ("VeriSign") Whois
database is provided by VeriSign for information purposes only, and to
assist persons in obtaining information about or related to a domain
name registration record. VeriSign does not guarantee its accuracy. By
submitting a Whois query, you agree to abide by the following terms of
use: You agree that you may use this Data only for lawful purposes and
that under no circumstances will you use this Data to: (1) allow,
enable, or otherwise support the transmission of mass unsolicited,
commercial advertising or solicitations via e-mail, telephone, or
facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree
not to use electronic processes that are automated and high-volume to
access or query the Whois database except as reasonably necessary to
register domain names or modify existing registrations. VeriSign
reserves the right to restrict your access to the Whois database in
its sole discretion to ensure operational stability. VeriSign may
restrict or terminate your access to the Whois database for failure to
abide by these terms of use. VeriSign reserves the right to modify
these terms at any time. The Registry database contains ONLY .COM,
.NET, .EDU domains and Registrars.

Best Answer

The whois command on your Mac is perfectly fine.

You're simply querying a different NICNAME server with each tool. The BSD whois tool in MacOS 10 uses the whois-servers.net. mechanism, and in this case is querying the com.whois-servers.net. NICNAME server, run by Verisign Incorporated. Other people's computers are using a different whois command that probably hardwires whois.networksolutions.com., run by Network Solutions LLC, as the NICNAME server.

What you see is what the different NICNAME servers are actually publishing. This is nothing to do with your client tool at all. People have actually registered all of those. Note what the MacOS manual says about the Network Solutions NICNAME server. You're querying the registry's NICNAME server, and seeing a whole load of registrations made through several different registrars, from MarkMonitor to Tucows. The other people are querying one registrar's NICNAME server, and seeing only the registrations made through that specific registrar.

Run 

whois '=google.com'
with the BSD whois tool and you'll receive extended output from the registry's NICNAME server showing where each registrar's individual NICNAME server is. (The output in your question tells you this very trick.) Again, this is a server-side function, and not all NICNAME servers work the same way — as you can see if you try the same trick with the Network Solutions LLC NICNAME server.

One of the reasons that whois commands vary is that the days of there being one place, or even a few places, to go for NICNAME service are long past. You're using one of the more modern whois tools that uses one of two available DNS mechanisms to automatically locate the NICNAME server to use for any given domain name. Other, clunkier and higher-maintenance, whois tools have hardwired NICNAME server names, or configuration files that need regular servicing.

Further reading

  • Jonathan de Boyne Pollard (2010). whois. Internet Utilities for OS/2 user guide.
  • whois. 2004-06-14. MacOS 10 Manual Pages. Apple corporation.
  • Marco d'Itri. whois. Ubuntu manual pages. Canonical.
  • "Site Configuration". GNU jwhois manual. Free Software Foundation.
  • Jonathan de Boyne Pollard (2009). "NICNAME clients that use SRV lookups". Some application clients use SRV lookups, a few (to their embarrassment) do not.. Frequently Given Answers.
  • Jonathan de Boyne Pollard (2009). Providing your own NICNAME service.. Frequently Given Answers.
Related Question