Saturday, June 23, 2007

Basic IP Hunting

IP numbers are the foundation of the internet and most local network schemes - each computer or likeness thereof hooked to the network/internet is assigned a number under this scheme, and those numbers are used as addresses to ensure that the allegorical mail arrives at the proper address ("Hey bubba, 192.168.1.1, wants to look at the Playboy.com site again, can ya send it over to him?" or "Hey bubba, 127.0.0.1 has some e-mail here...pass that along, wouldja?")

It's a little more sophisticated than that, but that covers the basic concept. Now and again, for one reason and another, it may become interesting to track back where something came from ("HEY! BILLY JOE BOB! I'm'a covered in slime here! The port just opened up and puked all over me - can you tell where it came from? They're REALLY sick puppies").

That's when a little bit of net wizardry comes into play. In the U.S. (presently the largest 'net presence) IP#'s are handed out by a fun group called the American Registry for Internet Numbers or something like, better known as ARIN - so we take our slime-hurtling friends IP# over to http://Arin.net and run a who-is upon it, generating a something a little like:
















This will generate either (a) a listing of your villain du jour (the folks the IP# was leased to), (b) an ISP to whom the range of IP#'s was leased to (at which point a chat with that ISP is the next step), (c) a bounce to another registry to start all over again, as that particular IP # is registered w/ another registry (RIPE.Net if they are in Europe, for instance; or finally (d) a discovery that someone was getting more than above average creative...

Handy knowledge to have.

No comments:

Post a Comment

Yes, this new comment form sucks. No, it's not my fault - blame Google.