Name from IPAddress

Or you could use PING -A <IP_address> --either will work. (The -A parameter tells PING to attempt a reverse DNS lookup).

As above.

the above will give you the domain name of the IP address as reported by the DNS server.

If you want to know who owns and registered the address then try a WHOIS database.

http://www.ripe.net/ripencc/pub-services/db/whois/whois.html
http://www.netsol.com/cgi-bin/whois/whois
http://www.internic.net/cgi-bin/whois

Or just:
Nslookup <IP>

However, only a very moronic hacker would be attacking from an IP that is registered in any DNS server.  If he/she is, than most likely he/she is spoofing or relaying off of somebody else's IP so the information is probably useless :)

I would have to agree with Scraig84, without intercepting it it with a packet sniffer, the information from where it came from would be useless.

Sam Spade is a very good tool to give you all the information you want from one interface:

http://www.pcworld.com/downloads/file_description.asp?fid=4709

Or NeoTrace Pro shows you on a map where the source IP came from. Quite entertaining....

You may try the ping or trace commands but if the other computer is beside a firewall too, good chance you could be rejected by the other firewall. All kind of tools are good but.....

Also is you use a connection (modem, adsl, cable, etc) with dhcp you may have pick-up an IP of someone who shared files (like WinMX, Napster, etc) this address is a address book somewhere in those system. In addition they may also change IP each time they get on the internet.

Hope this will help

Most of the traffic that I want to find is on my local network.

I have tried ping -a, but this does not always work

I will test some of the other solutions

Back Soon
Andrew

>  Is there any way of obtaining the name of the computer from the IPAddress.

"Ping -a ..." assuming MS OS, then pjknibbs provided this
Do not abuse it. Do not assume that the machine "has to" respond, it does not.

More properly, the answer is to request the reverse lookup from the referenced DNS server. Oops, I mean ditto Nenadic, who said it, more completely imo.

> Sam Spade is a very good tool to

I disagree. I used it for awhile, but then it got to be too cumbersome, uninformative, timing out, under construction, whatever. The site wasted too much of my time. But last visit there did demonstrate that there are a variety of similar question types that could have easy answers. Give you that.

> However, only a very moronic hacker ...

You can often view info for neighborhood 'script kiddie', but outside your local group I agree with scraig84, give it up (accuracy assumption).

> agree with Scraig84, without intercepting it it with a packet sniffer, the information from where it came from would be useless.

Point is that the sniffer is reduced to uselessness, in and of itself

> good chance you could be rejected by the other firewall.

Incomplete, IMO, the ID problem is the nature of proxy, but the trace itself has gone further

> In addition they may also change IP each time they get on the internet.

More common than news-wiz's allude, leaving us false assumptions

> Most of the traffic that I want to find is on my local network.

Odds are it is people you want to talk to. Consider relationships of client and server, your desire to browse, to get updates to display or to file.

You want to have icon to see if something is available on your network? You will get a a requisite packet, or not see it. Similarly, admin may run programs to display users connected (or not) as part of troubleshooting problems (before they get real big)

> I have tried ping -a, but this does not always work

Then nothing else will. Well, what I mean is if it is not in DNS then no tool that depends on DNS for an answer will succeed. The same tools can be used on other dns servers. But that takes longer to explain. Do more nsLookUps (on your own - it has help available)

> Most of the traffic that I want to find is on my local network.

Sorry, not really doable (easily) if any size at all and not in position of authority - perhaps NetAdmin. For one, even having rules such as naming desktops by employee name or sequence number, NetAdmins are notorious for NOT following same policies that THEY say that others must. So they hide themselves better. This includes hiring out for 'professional' services such as from MCI! In the larger world, note that you do NOT need a name defined (in DNS) in order to transmit internet packets. The packets DO require address. The name(s) are used to simplify finding address for human consumption, thus the references above mentioning the you can lookup in reverse, or inverse, the meaning is that the 'normal' lookup is from name to address.

! What does this mean? Common users will never really need their names in dns, for they do not commonly communicate that way, don't have to lookup each other.  Many H/W devices also do not need names, such as for hubs printers switches... More commonly, names are first used for servers, so if their IP address changes, for whatever reason, for communication purposes their names can be hardcoded, and they can skip any reconfiguration needs that otherwise would have occured if the address (of other server) were hardcoded. One exception is DNS server itself. It's a catch-22 to try to find dns server based on its name. It cannot translate name until it translates its IP, not doable. Still, for many reasons, the dns server is usually listed in its own tables.

There are exeptions, because we are referring here to two separate tables, one for translating each way. Not a single table where there are two directions of use. Thus, name+address can be in one table but not other. This is also called ERROR (likely human). There may be a valid reason to have lookup capability in one table but not the other. I cannot think of a single one today.

Best answer is ping-a or have you be more clear on real need here. IMHO, KISS it (don't guess, just spell it out).

> Is there any way of obtaining the name of the computer from the IPAddress.

yes, "ping -a ..."

> I am sure this is relativly simple

wasn't it? Just a few simple letters.

If name is not provided by that simple command, then it is not defined in DNS and not retrieveble, and there is your answer. Spelled more completely by more modern tracert and Windoze pingers that display name as "undefined" (at cost - high cost of network bandwidth and program's time to completion status, relatively speaking --- prove this yourself by running simple ping -a, or tracert, that returns a name, vs one that does not,,, while the screen tells you 10ms or maybe 2 ms; take a look at your watch instead. Trust me, the seconds will tick on by).

> I will test some of the other solutions

They won't help, unless you had mapped to wrong dns server, which I consider unlikely since you likely succeeded in using dns several times in order to find experts-exchange.

> I have have a firewall on my computer wich will display the IPAddress of anyone attemting to gain access to my computer.

So?

If you can simplify this using logs, and cutting back on the servers you can lookup, then half of remainder you should be able to figure out just by the nature of knowing that you need certain behaviors for your business. Now, depending of firewall, you ought have a small list of computers left. One may be for dns, another dhcp, another for polling, maybe snmp, but you should have a list of ports for those you have yet to identify. If your firewall won't describe them to you, by all means come back to experts-exchange to ask about one of the ports you get hit on. Similarly, if you have identified bad_guy, there may be other means to locate chair, feel free to return here for that. Until then,

Let's be grateful this big monster of internet still runs, despite it all. (if eyes still open, then, here:)

            http://www.iana.org/assignments/port-numbers

tracert (windows) or traceroute (unix and cisco) will show you the hops to the machine, and if you can resolve internet addresses, the names of the routers.  Like said above any half decent hacker is not going to have a dns record for the ip address it originated (if not spoofed).  Tracing it will show you to a point which network it originated from.  I.E. if you origninate from PSINet you may see PSINet at the top, then as you resolve further you'll see cw.net (Cable and Wireless).  This will at least give you an idea of where it's coming from, and if it was an attack, the network the ip is attached too should handle it.

The solution for your problem is:

Better you install WINS in on one of the windows NT/2000 server. Make all the systems wins client's of that server.
Only this will work for your LAN.

OK
bye

Administration will be contacting you shortly.

Question(s) below appears to have been abandoned. Your options are:
 
1. Accept a Comment As Answer (use the button next to the Expert's name).
2. Close the question if the information was not useful to you. You must tell the participants why you wish to do this, and allow for Expert response.
3. Ask Community Support to help split points between participating experts, or just comment here with details and we'll respond with the process.
4. Delete the question. Again, please comment to advise the other participants why you wish to do this.

For special handling needs, please post a zero point question in the link below and include the question QID/link(s) that it regards.
http://www.experts-exchange.com/jsp/qList.jsp?ta=commspt
 
Please click the Help Desk link on the left for Member Guidelines, Member Agreement and the Question/Answer process.  http://www.experts-exchange.com/jsp/cmtyHelpDesk.jsp

Please click you Member Profile to view your question history and keep them all current with updates as the collaboration effort continues, to track all your open and locked questions at this site.  If you are an EE Pro user, use the Power Search option to find them.

To view your open questions, please click the following link(s) and keep them all current with updates.
http://www.experts-exchange.com/questions/Q.20163146.html
http://www.experts-exchange.com/questions/Q.20184793.html
http://www.experts-exchange.com/questions/Q.20272260.html


To view your locked questions, please click the following link(s) and evaluate the proposed answer.
http://www.experts-exchange.com/questions/Q.20265319.html

PLEASE DO NOT AWARD THE POINTS TO ME.  
 
------------>  EXPERTS:  Please leave any comments regarding your closing recommendations if this item remains inactive another seven (7) days.  Also, if you are interested in the cleanup effort, please click this link http://www.experts-exchange.com/jsp/qManageQuestion.jsp?ta=commspt&qid=20274643
 
Thank you everyone.
 
Moondancer
Moderator @ Experts Exchange