Need to track down IP numbers

Discussion in 'Archived Threads 2001-2004' started by John Thomas, Oct 10, 2002.

  1. John Thomas

    John Thomas Cinematographer

    Joined:
    Mar 23, 2000
    Messages:
    2,633
    Likes Received:
    0
    Is there a program available that tracks down IP#s that's freely downloadable/available with the OS? I'm currently using Tracert and it gives me decent info, but I'd like to see who these numbers belong to.

    Thanks!
     
  2. Kevin P

    Kevin P Screenwriter

    Joined:
    Jan 18, 1999
    Messages:
    1,439
    Likes Received:
    0
    Try nslookup (available in most/all flavors of Windows as well as Unix) or whois if you have a unix/linux box. There are various options to get information on domains in particular. Note that not all IP addresses will resolve to a domain.

    What are you looking for this information for? Is someone trying to hack your system?

    KJP
     
  3. Dave Sabo

    Dave Sabo Stunt Coordinator

    Joined:
    Sep 23, 2002
    Messages:
    144
    Likes Received:
    0
    You can download the eval version of NeoTrace Pro here at ZDNet.. Not sure how much info it gives you without being registered though.
     
  4. Darren Lewis

    Darren Lewis Supporting Actor

    Joined:
    Jul 17, 2000
    Messages:
    534
    Likes Received:
    1
    There are several sites around that will convert IP addresses to hosts and that also have whois facilites. This site is quite good.
     
  5. MikeyWeitz

    MikeyWeitz Supporting Actor

    Joined:
    Feb 10, 2002
    Messages:
    939
    Likes Received:
    0
    You will only be able to track it down to the ISP if it is not a website or anything. If you are looking for, say, who owns 64.xxx.xxx.xxx on dialup,cable modem or DSL, you will not be able to find out the individual user.
    My public IP @ work (or my block of them actually), only shows as my ISP owning them. If you resolved my website addy, it shows you the domain owner and the DNS servers, but if you did my cable @ home, it only shows you my ISP providor.
     
  6. Kimmo Jaskari

    Kimmo Jaskari Screenwriter

    Joined:
    Feb 27, 2000
    Messages:
    1,528
    Likes Received:
    0
    That doesn't have to stop a determined search or serious complaint, of course; you can always contact the ISP who owns the address. They have internal logging that will let them pinpoint the user. Of course, making them divulge that is another matter altogether, but if one has a legitimate complaint (like someone attacking your computer who is their customer and proof of that) you can demand they take action on it.
     
  7. John Thomas

    John Thomas Cinematographer

    Joined:
    Mar 23, 2000
    Messages:
    2,633
    Likes Received:
    0
    Thanks for all the info guys. I'm tracking down some of these intrusions as to do something about it.
     
  8. Kevin P

    Kevin P Screenwriter

    Joined:
    Jan 18, 1999
    Messages:
    1,439
    Likes Received:
    0
    What kind of intrusions? I assume you have a firewall that's logging something, right?
     
  9. Michael Frommer

    Joined:
    Nov 24, 2001
    Messages:
    15
    Likes Received:
    0
    I am interested in the very same thing, that is, I want to try to identify sources of incomming (especially) communications that my firewall is alerting me to.

    I'm using NIS 2002 with highest firewall levels and notifying me about everything. I'm doing this in the hope that I can configure the firewall with greater detail. That is, block/allow cookies, active X controls, etc. from specific sites. Also, to make sure that inbound traffic is from a trusted source.

    For example: I am using M$ Money 2002 with it's 'background banking' feature. The problem is I don't know if it's my financial institutions that are trying to background download info or a potential hack. I am blocking these communications until I can figure it out.

    I'm also getting alerts saying the firewall has "block steal UDP port from 151.204.137.124 (ssdp(1900)) trying to access C:|WindowsSystem32svchost.exe"

    Any aditional thoughts or suggestions from the forum would be appreciated.
     

Share This Page