Solved

Tracing an IP Address

Posted on 2008-06-19
Last Modified: 2008-10-07
Hi, I have a few IP addresses from the Philippines. I have traced them using ip-address.com.

202.69.178.197    This shows as Davao City

202.69.188.253    This also shows as Davao City

Can I be sure that this is where the Email was sent from? Is there any possibility that a wireless network or other issues would cause this location to be wrong based on the IP address?

Thanks

Question by:service07
LVL 7

Expert Comment

by:johnny_the_knife
ID: 21827810
You can be pretty sure the IP address of the sending mail server in the headers of your email is correct. Whether the owner of that IP address / server actually instigated the transmission of the emails is a different matter.

It's possible the mail server is operating in an Open Relay configuration, or some software vulnerability, virus, etc. has been used to send the mail.

Author Comment

by:service07
ID: 21827936
Johnny... are you saying that I can be pretty sure that the IP addresses I listed above are a correct match to Davao City? I am confident the sender of the Emails did not try to fake the IP address. The sender of the Emails was NOT supposed to be in that area of the country. So I want to be fairly sure that the IP address in the Email matches correctly to Davao City before I begin to ask questions.

Please reply back so I can give you your points.

Thanks
LVL 3

Accepted Solution

by:
RTh0037 earned 500 total points
ID: 21828615

The IP address info is correct based upon the IP address provided.  As you mentioned, this is in fact provided the IP address was not spoofed or the email was not relayed off another mail server.

IP Info on 202.69.178.197.

address location & IP address info:
IP address: 202.69.178.197
IP address country: Philippines
IP address state: Davao City
IP address city: Pampanga
IP address latitude: 7.110000
IP address longitude: 125.648903
ISP of this IP: ComClark Network & Technology Corp.
Organization: Comclark Digitel RAS
Local Time of this IP country: 2008-06-20 13:18

inetnum:      202.69.178.0 - 202.69.178.255
netname:      COMCLARK-DIGITEL-RAS
descr:        Comclark Digitel RAS
country:      PH
admin-c:      MM651-AP
admin-c:      PV32-AP
tech-c:       MM651-AP
tech-c:       PV32-AP
status:       ASSIGNED NON-PORTABLE
mnt-by:       MAINT-PH-COMCLARK
changed:      apnic@comclark.com 20060503
changed:      mcmagat@comclark.com 20060503
source:       APNIC

person:       Michael Magat
nic-hdl:      MM651-AP
e-mail:       mcmagat@comclark.com
address:      Comclark Bldg. Pres. M.A. Roxas Hi-way, CSEZ Clarkfield, Pampanga
phone:        +63-45-599-3777
fax-no:       +63-45-599-3777
country:      PH
changed:      mcmagat@comclark.com 20060425
mnt-by:       MAINT-NEW
source:       APNIC

person:       Philip Michael Vargas
nic-hdl:      PV32-AP
e-mail:       apnic@comclark.com
address:      Comclark Bldg. Pres. M.A. Roxas Hi-way, CSEZ Clarkfield, Pampanga
phone:        +63-45-599-3777
fax-no:       +63-45-599-3777
country:      PH
changed:      apnic@comclark.com 20060123
mnt-by:       MAINT-NEW
source:       APNIC
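
The point made in the answers above (the IP your own mail server recorded for the connecting server is dependable, while anything behind a relay is not), as an added Python example that is not part of the original thread. The message, the example.org host names and the 10.0.0.0/8 internal range are constructed assumptions.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample message; mx/mailstore.example.org stand in for servers
# the investigator controls. Received headers are listed newest first.
RAW = """\
Received: from mx.example.org (10.0.0.5) by mailstore.example.org; Fri, 20 Jun 2008 13:20:01 +0800
Received: from smtp.sender.example ([202.69.178.197]) by mx.example.org; Fri, 20 Jun 2008 13:20:00 +0800
Received: from laptop ([192.168.1.23]) by smtp.sender.example; Fri, 20 Jun 2008 13:19:58 +0800
From: someone@sender.example
Subject: test

body
"""
OWN_HOSTS = {"mx.example.org", "mailstore.example.org"}   # assumed
OWN_NETS = [ipaddress.ip_network("10.0.0.0/8")]           # assumed

# "from <claimed name> ... <IPv4> ... by <recording host>"
HOP = re.compile(r"from\s+(\S+).*?(\d{1,3}(?:\.\d{1,3}){3}).*?\bby\s+([^\s;]+)", re.S)

def hops(raw):
    """Return Received hops, newest first, as (claimed_name, ip, by_host)."""
    out = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if m:
            out.append((m.group(1), ipaddress.ip_address(m.group(2)), m.group(3)))
    return out

def handoff(raw, own_hosts, own_nets):
    """Find the hop where an outside server connected to one of our servers.

    Only that hop's IP was written by our side. Headers below it were supplied
    by the other party, so a relay or a forged header can hide the true origin.
    """
    chain = hops(raw)
    for i, (claimed, ip, by_host) in enumerate(chain):
        if by_host not in own_hosts:
            return None  # header not written by our servers: nothing verifiable
        if not any(ip in net for net in own_nets):
            return {"ip": str(ip), "claimed_name": claimed,
                    "public": ip.is_global,
                    "unverified": [str(h[1]) for h in chain[i + 1:]]}
    return None

if __name__ == "__main__":
    print(handoff(RAW, OWN_HOSTS, OWN_NETS))
```

The `ip` value is the address to look up in WHOIS or a geolocation database; the `unverified` list is where a relay or a sender on a private network would show up, and it cannot be relied on for location.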
LVL 3

Expert Comment

by:RTh0037
ID: 21831440
Not sure why points are not divided since he provided very little information.