IP tracking?

I was wondering if it was possible to find out more than just the Host of the ip user. For instance, if I was to log onto my msg board and their ip address is logged, besides finding out that they are using COMCAST's network, would I be able to find out anything else?
tek07Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Aneesh RetnakaranDatabase AdministratorCommented:
something like this,

Tracert hotmail.com
0
masnrockCommented:
Legally, no. I meant, the way that SOME networks are set up, if you can get names associated with IPs, you can get an idea of what area they're located in. There are programs that let you do tracing, but they're not always accurate.
0
masnrockCommented:
Well, actually... if you were using a script of some sort, you could find out things like the browser and I think the OS they're using and several other things. Do a search for CGI environmental variables to get a sample of things that can be obtained. But you wouldn't be doing that starting from ONLY the IP address.
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

tek07Author Commented:
yeah that's all i've been able to do. it was just out of curiosity, so i guess there's no real way of tracking down online harrassers.
0
masnrockCommented:
Ahh... yeah, otherwise, you'd have to essentially go through law enforcement and ISPs.
0
ahoffmannCommented:
> so i guess there's no real way of tracking down online harrassers.
no there is no way, except you physically control all servers and devices inbetwwen the harrasser and your server simultanously exactly in that moment the connection is stablished.
This is most likely a legal not a technical problem.
0
csgeekpyroCommented:
With a little bit of javascript you may be able to glean more information about their machine and setup, like window size, browser, color depth, screen size, os, such that you could more or less uniquely fingerprint this user and block him, or better yet, schedule his posts for automatic deletion 5 mins after he posts them.  That way he won't suspect anything and think that the board admin is just *really* on top of things :)
0
ahoffmannCommented:
javascript??
for me the only legal reason to mention that in a *Security TA* is in conjunction with malware ;-)
Do you really think a harrasser allows you to execute malware in his browser?
0
csgeekpyroCommented:
I don't mean resort to malware.  Plenty of legitimate scripts (for instance, the one provided with awstats) do this to get statistical info from visitors.  My website uses a script that gets screen size and color depth, so I know what my pages look like to most of my visitors.  It's not malware, just asking the browser a few things it might know.

If the visitor is doing something illegal, and not just annoying, complain to his ISP.  They know who he is and can deal with him if he is using their service for an illegal purpose.
0
PaulThorntonCommented:
Using the DNS name can be unreliable as a number of addresses don't have reverse DNS to map the address back to a name.

The IP registries (ARIN in the US, RIPE in Europe, APNIC in the Asia Pacific region, LACNIC in Latin America and AFRINIC in Africa) all have registrations of which blocks of addresses are registered to which organisation.  Unfortunately, if the vast majoirity of your users are home broadband people with one address you are likely to find big assignments of IP addresses in the registry databases to "XYZ provider broadband users".

For IP addresses used by most businesses - ie: more than just 1 address - there will usually be something registered for the owner.

The database you need to look in is the Whois database; for example you can query the one on Arin's home page (www.arin.net) or RIPE's (www.ripe.net).  There is a protocol (the whois protocol) to get this information directly from the database server - a google for 'windows whois client' will provide a wealth of shareware that might help.
0
SunBowCommented:
> IP tracking?

Sure

> possible to find out more than just the Host of the ip user
> would I be able to find out anything else?

Those with dedicated addresses can have their names and addresses made available as the licensee (registration process requires human contact)

aneeshattingal > Tracert hotmail.com

:-))    cute

> yeah that's all i've been able to do. it was just out of curiosity, so i guess there's no real way of tracking down online harrassers.

Oh. OK, I'll agree with masnrock too...
Odds are that a harasser does not think they will be caught, getting randomly obscure IP from ISP or whatever.

ahoffmann >  think a harrasser allows you to execute malware

hmm. Interesting question. My guess is yes they would, but I don't happen to know any harassers, or avoid them well, or whatever

csgeekpyro > If the visitor is doing something illegal, and not just annoying, complain to his ISP.

by all means.
and .... what is this deal about message and harassing?
For example, if you are the coder or manager, have IDs and passwords and kick their tail back across the border if they refuse to obey rules. If they break in, kill their address, even to point of denying entire ISP

If it is not your message board, like
www.experts-exchange.com
then raising issue with site administrator is in order, and if they do not act then the board is no good, move on, there's plenty to pick from on that front

PaulThornton > Using the DNS name can be unreliable as a number of addresses don't have reverse DNS to map the address back to a name.

not really, all can have a name, it just might be the name of an ISP, not the actual punk-rocker across the street (or jock... or ...) from where you live - who needs education in manners. The reverse lookup issue is more LAN based than WAN

>  there will usually be something registered for the owner.

:-))
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
PaulThorntonCommented:
I wasn't very clear about the IP address reverse DNS...  Of course, as SunBow says, all IP addresses can resolve back to a hostname - however don't rely on all of them actually doing so as configuring this is sadly quite a neglected part of IP address administration for some providers (mentioning no names, of course!).
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.