True IP, how can you tell?

Discussion in 'Software' started by CONNIE Y, May 24, 2005.

Thread Status:
Not open for further replies.
  1. CONNIE Y

    CONNIE Y Private E-2

    Sorry for the double post. I posted this in "networking" but I think it's a software issue after thinking about it.

    How can you tell a person's true IP address and if they used a router? Can I see the actually point of origin somehow?

    Thanks,
    Connie Y
     
  2. olestros

    olestros Private E-2

    It depends.


    In order to find someone's ip, certain things need to happen first. They have to be communicating to you via an app, you're on the same LAN as them, you know their NIC MAC.

    Routers and Proxies make this more difficult as they tend to use different methods to alias and mask ip's.

    If they are communicating to you via an app ( e.g. MSN ), then you can use a packet sniffer / analyzer to monitor the port and break down the packets to find the source destination.

    You do the same for a LAN except it's not as accurate. You can set the sniffer on passive to capture broadcast traffic which will tell you all ips ( as well as packet info ).

    With someone's MAC you could basically track anyone anywhere if they aren't behind a protected connection ( router, firewall, proxy ). MAC ID's are the fingerprint of the cyber world.
     
  3. CONNIE Y

    CONNIE Y Private E-2

    It's message board with all posts including the poster's IP address. I suspect a member is trolling and I don't have a match yet.

    It's not msn or any of the big ISP's.
     
  4. CONNIE Y

    CONNIE Y Private E-2

    OH, I just thought of something..they have listed an e-mail address. If I send them an e-mail and they reply back..possible could "properties" list a CORRECT IP???
     
  5. theefool

    theefool Geekified

    Well, you could trace the IP to the email server, via the email address. But, that is about it.
     
  6. CONNIE Y

    CONNIE Y Private E-2

    IF this is a phisher, how can I do this without getting sucked into the Phishing via my e-mail address?? Make up one via hotmail or such???
     
  7. olestros

    olestros Private E-2

    Regarding e-mail - No. E-mail goes through a host of multi-platform e-mail servers. You could look into the header info to find the home e-mail server but that's just the server / isp / freemail mail server.

    I'm almost sure that e-mail header info doesn't has host source information but who knows with MS products. Check the headers just in case.

    Regarding the message previous to that, if it already shows their ip, it's *really* simple. Unless it's a very big isp, the first two octets will always remain the same for users of that ip. More often then not, users in a geographically region will be split into specific subnets. I can't remember if verizon gives you the subnet info anymore but if you do a whois, and it gives it to you, just subnet it.
     
  8. olestros

    olestros Private E-2

    What is your objective?

    Are you trying to trace or mask an IP?

    The majority of IP's are dynamic in nature. Because of this, most admins will ban entire subnet domains.
     
  9. CONNIE Y

    CONNIE Y Private E-2

    Just trace. I suspect that a current member has used a new IP to be disgruntled and to make an inappropriate comments. Revealed, the member may refrain (at least for a while) on his/her political views.

    The post is not ban(able?) yet.
     
  10. olestros

    olestros Private E-2

    You said earlier you had their ips. Just check their the first two octets. If they are the same, and they are from North America, then it's mostly likely the same person that just reset his ip.

    I.E Poster A's IP = 64.2.241.8

    Poster B's IP = 64.2.117.9

    Most smaller ISP's have a class B address so two octets is enough *usually*. In general, the more matching octets, the more likely it's the same person, just with a different dynamic addy.

    If you *don't* have their posted ip, there is *no* way to find their ip. You would need to access server logs, or write code for the browser to respond / record to the ip function.


    If they are not from North America, then it might be impossible. Many european ISP's use proxies instead of subnets. In that case it will be the exact same ip that will be shared by multiple people.
     
  11. Adrynalyne

    Adrynalyne Guest

    Not bannable, but not appropriate, either.

    If its a member here you have issue with, talk to the owners of the site, ok?
    :)

    I'm going to shut this down for now, if the admins feel its an 'ok' thread, I'll reopen it.
     
Thread Status:
Not open for further replies.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds