1.1.1.1 是哪裡的 IP?
要查一個IP是哪裡的,應該用whois服務,查詢辦法很多,比如:
- Unix自帶whois 命令
interesting:~ ssss$ whois 1.1.1.1
#
# Query terms are ambiguous. The query is assumed to be:
# "n 1.1.1.1"
#
# Use "?" to get help.
#
#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=1.1.1.1?showDetails=trueshowARIN=falseext=netref2
#
NetRange: 1.0.0.0 - 1.255.255.255
CIDR: 1.0.0.0/8
OriginAS:
NetName: APNIC-1
NetHandle: NET-1-0-0-0-1
Parent:
NetType: Allocated to APNIC
Comment: This IP address range is not registered in the ARIN database.
Comment: For details, refer to the APNIC Whois Database via
Comment: http://WHOIS.APNIC.NET or APNIC - Query the APNIC Whois Database
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to APNIC - About network abuse
RegDate:
Updated: 2010-07-30
Ref: http://whois.arin.net/rest/net/NET-1-0-0-0-1
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: http://whois.arin.net/rest/org/APNIC
ReferralServer: whois://http://whois.apnic.net
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: http://whois.arin.net/rest/poc/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: http://whois.arin.net/rest/poc/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: WHOIS Terms of Use
#
% [http://whois.apnic.net node-6]
% Whois data copyright terms APNIC - APNIC Whois Database Acceptable Use Agreement
inetnum: 1.1.1.0 - 1.1.1.255
netname: Debogon-prefix
descr: APNIC Debogon Project
descr: APNIC Pty Ltd
country: AU
admin-c: AR302-AP
tech-c: AR302-AP
mnt-by: APNIC-HM
mnt-routes: MAINT-AU-APNIC-GM85-AP
mnt-irt: IRT-APNICRANDNET-AU
status: ASSIGNED PORTABLE
changed: hm-changed@apnic.net 20110922
source: APNIC
role: APNIC RESEARCH
address: PO Box 3646
address: South Brisbane, QLD 4101
address: Australia
country: AU
phone: +61-7-3858-3188
fax-no: +61-7-3858-3199
e-mail: research@apnic.net
remarks: ++++++++++++++++++
remarks: + Address blocks listed with this contact
remarks: + are withheld from general use and are
remarks: + only routed briefly for passive testing.
remarks: +
remarks: + If you are receiving unwanted traffic
remarks: + it is almost certainly spoofed source
remarks: + or hijacked address usage.
remarks: +
remarks: + IP address spoofing
remarks: + Regional Internet registry
remarks: +
remarks: ++++++++++++++++++
nic-hdl: AR302-AP
tech-c: AH256-AP
admin-c: AH256-AP
mnt-by: MAINT-APNIC-AP
changed: hm-changed@apnic.net 20110822
source: APNIC
- Windows下面下載工具可以查詢:
Whois
- 在RIR的whois網頁上查詢:
APNIC - Query the APNIC Whois Database
從上面的一段可以看出,這個地址段是試驗性IP,擁有者是APNIC Research,用作被動測試(Passive testing),也就是說你可以收到路由,但是不應該收到由此地址段發來的數據包。
這個地址是有故事的。
由於大量的互聯網設備是由非專業人士配置的(特別是早先),很多人不懂什麼叫私網地址,更不知道怎麼用,在配置他的設備時隨便用1.1.1.1這樣的地址,但這樣就有問題了,1.1.1.1不是私網地址,所以在很多情況下數據包就會被路由到公網(Internet)上。
由於有大量的這樣垃圾數據跑到了互聯網上,最終確實就會被路由到擁有1.1.1.1這個地址的設備上,對於這個設備來說就好像不停地承受著DDOS攻擊, 正常公司誰也不想,也難以承受這麼大量的數據。
所以最後決定留在APNIC(亞太互聯網信息中心, 負責全亞太地區的IP地址分配的機構),作為實驗用途使用。據說從中還能分析出很多有趣的事情,具體就不清楚了。
找一台Mac 或者linux的電腦, 在終端敲 "whois 1.1.1.1" 就能看到這個地址的一些信息, 可以看到它是屬於"APNIC-LABS" 也就是APNIC實驗室的.
$ curl ipinfo.io/1.1.1.1
{
"ip": "1.1.1.1",
"hostname": "No Hostname",
"city": null,
"country": "AU",
"loc": "-27.0000,133.0000",
"org": "AS15169 Google Inc."
}
有很多問題其實你只需在百度上敲一下回車或者滑鼠一個輕輕的拖動就能找到答案,比如百度搜索_1.1.1.1
推薦閱讀:
※為什麼TCP的MSS協商沒有按照小的來?
※關於IP數據報轉發的疑問?
※個人計算機裡面包含網路7層協議的所有協議嗎,每一層分別對應哪個部分?
※交換機mac表的獲取?
※rip,ospf屬於應用層協議,但是路由器只是工作在下三層啊,網路層,數據鏈路層,以及物理層,這怎麼解釋啊?