Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

IP tracking?

Posted on 2006-04-05
12
Medium Priority
?
365 Views
Last Modified: 2010-04-11
I was wondering if it was possible to find out more than just the Host of the ip user. For instance, if I was to log onto my msg board and their ip address is logged, besides finding out that they are using COMCAST's network, would I be able to find out anything else?
0
Comment
Question by:tek07
  • 3
  • 2
  • 2
  • +4
12 Comments
 
LVL 75

Expert Comment

by:Aneesh Retnakaran
ID: 16382055
something like this,

Tracert hotmail.com
0
 
LVL 33

Expert Comment

by:masnrock
ID: 16382168
Legally, no. I meant, the way that SOME networks are set up, if you can get names associated with IPs, you can get an idea of what area they're located in. There are programs that let you do tracing, but they're not always accurate.
0
 
LVL 33

Expert Comment

by:masnrock
ID: 16382239
Well, actually... if you were using a script of some sort, you could find out things like the browser and I think the OS they're using and several other things. Do a search for CGI environmental variables to get a sample of things that can be obtained. But you wouldn't be doing that starting from ONLY the IP address.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:tek07
ID: 16382507
yeah that's all i've been able to do. it was just out of curiosity, so i guess there's no real way of tracking down online harrassers.
0
 
LVL 33

Expert Comment

by:masnrock
ID: 16382930
Ahh... yeah, otherwise, you'd have to essentially go through law enforcement and ISPs.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16383090
> so i guess there's no real way of tracking down online harrassers.
no there is no way, except you physically control all servers and devices inbetwwen the harrasser and your server simultanously exactly in that moment the connection is stablished.
This is most likely a legal not a technical problem.
0
 
LVL 5

Expert Comment

by:csgeekpyro
ID: 16383989
With a little bit of javascript you may be able to glean more information about their machine and setup, like window size, browser, color depth, screen size, os, such that you could more or less uniquely fingerprint this user and block him, or better yet, schedule his posts for automatic deletion 5 mins after he posts them.  That way he won't suspect anything and think that the board admin is just *really* on top of things :)
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 16384221
javascript??
for me the only legal reason to mention that in a *Security TA* is in conjunction with malware ;-)
Do you really think a harrasser allows you to execute malware in his browser?
0
 
LVL 5

Expert Comment

by:csgeekpyro
ID: 16384497
I don't mean resort to malware.  Plenty of legitimate scripts (for instance, the one provided with awstats) do this to get statistical info from visitors.  My website uses a script that gets screen size and color depth, so I know what my pages look like to most of my visitors.  It's not malware, just asking the browser a few things it might know.

If the visitor is doing something illegal, and not just annoying, complain to his ISP.  They know who he is and can deal with him if he is using their service for an illegal purpose.
0
 

Expert Comment

by:PaulThornton
ID: 16385876
Using the DNS name can be unreliable as a number of addresses don't have reverse DNS to map the address back to a name.

The IP registries (ARIN in the US, RIPE in Europe, APNIC in the Asia Pacific region, LACNIC in Latin America and AFRINIC in Africa) all have registrations of which blocks of addresses are registered to which organisation.  Unfortunately, if the vast majoirity of your users are home broadband people with one address you are likely to find big assignments of IP addresses in the registry databases to "XYZ provider broadband users".

For IP addresses used by most businesses - ie: more than just 1 address - there will usually be something registered for the owner.

The database you need to look in is the Whois database; for example you can query the one on Arin's home page (www.arin.net) or RIPE's (www.ripe.net).  There is a protocol (the whois protocol) to get this information directly from the database server - a google for 'windows whois client' will provide a wealth of shareware that might help.
0
 
LVL 24

Accepted Solution

by:
SunBow earned 1000 total points
ID: 16386414
> IP tracking?

Sure

> possible to find out more than just the Host of the ip user
> would I be able to find out anything else?

Those with dedicated addresses can have their names and addresses made available as the licensee (registration process requires human contact)

aneeshattingal > Tracert hotmail.com

:-))    cute

> yeah that's all i've been able to do. it was just out of curiosity, so i guess there's no real way of tracking down online harrassers.

Oh. OK, I'll agree with masnrock too...
Odds are that a harasser does not think they will be caught, getting randomly obscure IP from ISP or whatever.

ahoffmann >  think a harrasser allows you to execute malware

hmm. Interesting question. My guess is yes they would, but I don't happen to know any harassers, or avoid them well, or whatever

csgeekpyro > If the visitor is doing something illegal, and not just annoying, complain to his ISP.

by all means.
and .... what is this deal about message and harassing?
For example, if you are the coder or manager, have IDs and passwords and kick their tail back across the border if they refuse to obey rules. If they break in, kill their address, even to point of denying entire ISP

If it is not your message board, like
www.experts-exchange.com
then raising issue with site administrator is in order, and if they do not act then the board is no good, move on, there's plenty to pick from on that front

PaulThornton > Using the DNS name can be unreliable as a number of addresses don't have reverse DNS to map the address back to a name.

not really, all can have a name, it just might be the name of an ISP, not the actual punk-rocker across the street (or jock... or ...) from where you live - who needs education in manners. The reverse lookup issue is more LAN based than WAN

>  there will usually be something registered for the owner.

:-))
0
 

Expert Comment

by:PaulThornton
ID: 16389711
I wasn't very clear about the IP address reverse DNS...  Of course, as SunBow says, all IP addresses can resolve back to a hostname - however don't rely on all of them actually doing so as configuring this is sadly quite a neglected part of IP address administration for some providers (mentioning no names, of course!).
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
Securing your business data in current era should be your biggest priority. Numerous people are unaware of the fact that insiders commit more than 60 percent of security breaches. You need to figure out the underlying cause and invoke your potential…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question