I hate co-incidences.
At the same time as this story appeared today
http://www.news.com/News/Item/0,4,30366,00.html?st.ne.140.head
whois queries started returning:
I hate co-incidences.
I don't think it's coincidental. Well, maybe it was... Using the default
server that ships with Red Hat Linux's whois, I got that message too. Using
rs8.internic.net, one of the other names in the "hunt group", worked, though.
At the same time as this story appeared today
http://www.news.com/News/Item/0,4,30366,00.html?st.ne.140.head
whois queries started returning:*
* WELCOME to InterNIC Registration Services
*
* Sorry, the system load is temporarily too heavy.
*
* Please wait a while and try again. Thanks
*It's currently 12:34am EST. and the response is still mostly the same.
A query still needs 5-10 attempts before a server responds.
Dig used to (a couple of weeks ago) show a bunch of servers. Now there
is only 1: 198.41.0.6Is anyone else having this problem?
Does anyone else have a solution?
We're trying to track down the source of a dos attack, and this kind of
screwing around to find contact data isn't helpful...
The computers are rs[0-8].internic.net. whois.internic.net is supposed to
work too, but I always forget to use it 
and it's not the compiled-in
default in my particular copy of whois.
Recompile whois and set the default host to whois.internic.net and you
may have better luck.
I hate co-incidences.
I don't think it's coincidental. Well, maybe it was... Using the default
server that ships with Red Hat Linux's whois, I got that message too. Using
rs8.internic.net, one of the other names in the "hunt group", worked, though.
I think I remember that NetSol was using or experimenting with some dynamic load balancing system to help scale up some of their services. If that work was successful then there may be several hosts behind a load balancer... effectively hidden behind a single IP address which seems to be the driver in the assumption that there's now only one host.
We use sililarly configured infrastructure to deploy most of our services (at Critical Path) and believe me... we've got dozens of hosts with many "hiding" behind single IP addresses...
Just a thought I'd put out there before the ISP community heads to northern Virginia with torches and pitchforks.
Yes. And as I think I mentioned, we should probably be reconfiguring our
whois clients to use whois.internic.net. However, I'd REALLY REALLY like for
someone from NetSol to verify this for me. (Please?)
The thing is, whois's standard out-of-the-box config doesn't default to
whois.internic.net...