Solved

Tracing an IP Address

Posted on 2008-06-19
6
1,025 Views
Last Modified: 2008-10-07
Hi  I have a few IP addresses from the Philippines.  I have traced them using ip-address.com.  

202.69.178.197    This shows as Davo City

202.69.188.253    This also shows as Davo City

Can I be sure that this is where the Email was sent from?   Is there any possibility that a wireless network or other issues would cause this location to be wrong based on the IP address?

Thanks

0
Comment
Question by:service07
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 7

Expert Comment

by:johnny_the_knife
ID: 21827810
You can be pretty sure the IP address of the sending mail server in the headers of your email is correct.  Whether the owner of that IP address / Server actually instigated the transmission of the emails is a different matter.

It's possible the mail server is operating in an Open Relay configuration or some software vulnerability, virus etc has been used to send the mail.
0
 

Author Comment

by:service07
ID: 21827936
Johnny....are you saying that I can be pretty sure that the IP addresses I listed above are a correct match to Davo City?  I am confident the sender of the Emails did not try to fake the IP address.   The sender of the Emails was NOT supposed to be in that area of the country.  So I want to be fairly sure that the IP address in the Email matches correctly to the Davo City before I begin to ask questions

Please reply back so I can give you your points

Thanks
0
 
LVL 3

Accepted Solution

by:
RTh0037 earned 500 total points
ID: 21828615

The IP address info is correct based upon the IP address provided.  As you mentioned, this is in fact provided the IP address was not spoofed or the email was not relayed off another mail server.

IP Info on 202.69.178.197.


address location & IP address info:
IP address [?]: 202.69.178.197
IP address country:  Philippines  
IP address state: Davao City
IP address city: Pampanga
IP address latitude: 7.110000
IP address longitude: 125.648903
ISP of this IP [?]: ComClark Network & Technology Corp.
Organization: Comclark Digitel RAS
Local Time of this IP country: 2008-06-20 13:18



inetnum:      202.69.178.0 - 202.69.178.255
netname:      COMCLARK-DIGITEL-RAS
descr:        Comclark Digitel RAS
country:      PH
admin-c:      MM651-AP
admin-c:      PV32-AP
tech-c:       MM651-AP
tech-c:       PV32-AP
status:       ASSIGNED NON-PORTABLE
mnt-by:       MAINT-PH-COMCLARK
changed:      apnic@comclark.com 20060503
changed:      mcmagat@comclark.com 20060503
source:       APNIC

person:       Michael Magat
nic-hdl:      MM651-AP
e-mail:       mcmagat@comclark.com
address:      Comclark Bldg. Pres. M.A. Roxas Hi-way, CSEZ Clarkfield, Pampanga
phone:        +63-45-599-3777
fax-no:       +63-45-599-3777
country:      PH
changed:      mcmagat@comclark.com 20060425
mnt-by:       MAINT-NEW
source:       APNIC

person:       Philip Michael Vargas
nic-hdl:      PV32-AP
e-mail:       apnic@comclark.com
address:      Comclark Bldg. Pres. M.A. Roxas Hi-way, CSEZ Clarkfield, Pampanga
phone:        +63-45-599-3777
fax-no:       +63-45-599-3777
country:      PH
changed:      apnic@comclark.com 20060123
mnt-by:       MAINT-NEW
source:       APNIC
0
 
LVL 3

Expert Comment

by:RTh0037
ID: 21831440
Not sure why points are not divided since he provided very little information
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question