[45551] in North American Network Operators' Group
Re: Querying Large Number of Whois Records?
daemon@ATHENA.MIT.EDU (David Charlap)
Thu Feb 7 10:27:58 2002
Message-ID: <3C629CCE.FC4DEF21@marconi.com>
Date: Thu, 07 Feb 2002 10:27:10 -0500
From: David Charlap <David.Charlap@marconi.com>
MIME-Version: 1.0
To: nanog@merit.edu
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Spencer.Wood@dot.state.oh.us wrote:
>
> We are wanting a way to go though our web servers logs, and try to
> get a idea of where our traffic is coming from......
>
> We have a script that works really great, but we have to put a pause
> in it to keep from overloading ARIN...
If you are trying to determine the corporate entities your connections
are coming from (e.g. AOL, vs. Earthlink, vs. Microsoft, etc....), this
might work.
If you are trying to determine geographic location, you will find this
method frought with errors. For instance, the address block I'm sending
this message from is registered to FORE Systems in Warrendale, PA. But
I am actually in a remote office (Vienna, VA), connected to Warrendale
via a corporate leased-line. We also have offices in foreign countries
which may use addresses from the same netblock, so even localizing the
connection to a nationality may not work.
Of course, even if you get the information you want, you are still
assuming that the WHOIS database is accurate, which is not always true.
-- David
