I remember in the past that companies such as Network Solutions will steal your searched domain name when you perform a domain search at their website.
I want to know, is the built-in command whois safe from this perspective? What the server the command pointed to, and do they collect information?
The whois command is no more safe from a privacy perspective than the server that is queried. It bypasses the front end website, but you still don't know if the server you are querying logs your query. Looking through the source code of the whois command I see that, at least for .com and .net, it uses whois.networksolutions.com.
If you are concerned about the privacy of your whois queries you can specify what service the whois command should use. The -h option of whois allows you to specify what service to use. I just tried this out and it seems to work as expected, example: whois -h whois.name.com stackexchange.com. You can also add rules for what servers to use in /etc/whois.conf to make things more permanent.
Of course there is no way of making sure that your queries are not logged anyway, in the end you will just have to trust some website or whois service.
whois is only very remotely related to the domain name system (DNS). whois tells you things like to whom an address block is allocated to. These queries usually go to the RIRs (ARIN, RIPE NCC, APNIC, LacNIC, AfriNIC). If you want to know whether a certain DNS-domain is available, you must ask some domain registrar.
