Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Contact Us
Online Help
Domain Status
Man Pages

Virtual Servers

Topology Map

Server Agreement
Year 2038

USA Flag



Man Pages
HINFO(1) FreeBSD General Commands Manual HINFO(1)

hinfo - display (spam) host information

hinfo --help
hinfo --version
hinfo [-bdenstuvw] [+bdenuvw] [-f config] [-p pager]
[-s nameserver] [-t timeout]
[IP | hostname | URL]...
(See the OPTIONS section for alternate option syntax with long option names.)

Hinfo is a utility that will display information about a host. It is primarily designed to find the owner of an IP block in order to direct spam complaints to where they may do some good.
Hinfo decrypts obfuscated IPs and URLs, and will find the host portion of a URL or email address. You can feed it most forms of obfuscated addresses that I've seen and have it extract the IP or hostname.
Hinfo also does DNS lookups to check validity. It will alert if bogus or forged rDNS records are present.
If hinfo is given a hostname domain based blacklist checks are done if the -d option is not specified. If the rDNS isn't forged, domain based lookups are done on it as well.
The IP is then checked with a number of IP based blackhole lists if the -b option is not specified. If the hostname has multiple IPs, all are checked.
Unless the -w option is specified, the whois database is then queried for the owner of the IP block containing this address. Most irrelevant noise is not displayed. Unfortunately, this output is non-uniformly formated and can be difficult to read.
The output is sent through the users pager by default. (Pager can be selected with the -p option, or eliminated with the -n option.) The -u option can be used for HTML formatted output. (implies -n)
Duplicate IPs or hostnames will only be processed once. This is so the high-overhead lookups are not repeated if multiple hostnames with the same IP are on the same command line.
Some optional messages are printed at higher verbosity. -vvv will select all such messages, and +vvv will turn off all such messages.
If it appears that multiple NIC handles have been returned, by default a whois query is done on the first. Use the -e option to lookup all of them, or +e to not look up any.
The -t option specified the time to wait for DNS and whois responses in seconds. It's a compromise between how long running hinfo takes and how complete the information it displays is. The current default is 25 seconds, values 15-60 are reasonable. If you frequently get timeout messages, you may want to increase this or exclude the slow-responding DNSBL.

Most options can be given in either a long or short name form, and may preceded by + rather than - for reverse meaning.
-b or --no-blackhole
Do not use blackhole lists
+b or +-no-blackhole
Use blackhole lists
-d or --no-domain
Do not use domain based queries
+d or +-no-domain
Use domain based queries
-e or --expand-handles
Expand all NIC handles
+e or +-expand-handles
Do not expand any NIC handles
-f or --config-file config
Read configuration options from config. If this is the first option, this will be instead of .hinforc or /etc/hinfo.conf rather than in addition to.
-h or --help
Print the list of options and exit.
-n or --no-pager
Do not use pager on output
-p or --pager pager
Use pager rather than $PAGER
-s or --nameserver
Use DNS server nameserver
-t or --timeout timeout
Stop waiting for DNS and whois responses timeout seconds after the last response
-u or --html
Format output as html
+u or +-html
Do not format output as html
-v or --verbose
request more verbose output. May be specified multiple times for additional verbosity.
+v or +-verbose
Request less verbose output. May be specified multiple times for reduced verbosity.
Display program and configuration versions and exit
-w or --no-whois
Do not do IP block lookups
+w or +-no-whois
Do IP block lookups

The blackhole lists to use, information on whois servers, and the default settings of the options are configured in the file ~/.hinforc, /etc/hinfo.conf, or /usr/local/etc/hinfo.conf. (Only the first found is processed, so if you have a .hinforc, /etc/hinfo isn't read unless you have "use '/etc/hinfo.conf';" in it.) It should be possible to figure it out from the supplied example, but knowing perl would be helpful. If the -f option is the first option, the file specified there is the only one processed.

Blars <>


For information on the current version, see
Version 0.94: 10 Nov 2002

Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.