IP tracing

[MrLinus]

Look at the email headers. Generally, this is the properties of the email (with Eudora there is a button that is labelled BLAH BLAH BLAH that shows full headers -- in Outlook you need the properties of the email itself). In there you will see the source IP address of the person that sent you the email (most times).

[KissCool]

We have an IP locator here.
You can quickly play with it to understand how inaccurate this sort of technics can be (it locates me in Amsterdam!!!!).

KC

[MrLinus]

I think the IP locator is fubar'd. Apparently I'm in Australia.

[WindPhantom]

I went there. I guess my gear works cause it says my Ip cannot be located. Thanks for the help .... everyone.

[cbo]

well fist thing to do is check
www.ripe.net (europe)
www.arin.net (us)
www.apnic.net (asia)
for the ip address, when you get a hit i will display the owner of the ip address 99% of the time this will be an isp, the last 1% it will be a major coorp running their own network.

in the registry u can see who's in charge of the IP net - name of the isp/coorp, email, address, phone number. etc. If you think you have a good case call em.. if ur case is weak forget about contacting them. Belive me it takes a lot to make them hand over the info on one of their customers.

another thing you can do is to do a traceroute, often isp's use locations as domain names for their ip addresses ex. so-1-1-0.2488M.albnxu1.ip.ispxxx.dk (xx.xx.xx.xxx) this means the router with the given ip is located in aalborg Denmark. now your one step closer. it is not for certain that this works but most of the time it does.

next step if you really really want to know who has the ip address is to contact the isp, and try and lure information out of em... This can be done but not without the chance of being exposed... I will not describe in details how to do it, that is up to your imagination.

[the_JinX]

whois gives you the ISP's info (normaly)

I provide a small (beta) whois service.. but most unix/linux users can just as easiy whois themselves..

whois ip.addy

or

whois domain.com

Most ISP's provide an ABUSE email addy..

[MrLinus]

Or.. Sam Spade is a good one.

[HTRegz]

Just on a follow up to what the_JinX and MsM said.... for those of you that like to stick to the command line in windows (I know that's what I prefer).... you can get a command line whois program for Win32... It is available for download here:
http://www.cmdtools.com/files/inet32ut.zip

EDIT:

Here's another as well
http://www.cmdtools.com/files/dwhois.zip

[11001001]

Originally posted here by mupp3t

3. Since they are the govenment, the isp will most likely give out the information they have on the client e.g. address + phone number.

Actually, the vast majority of ISPs will NOT provide your information freely to the government. They usually do respect your right to privacy and their TOS, Privacy Policy, etc.
However, Once the governmental agency shows up with a Search Warrant or send them a Subpoena (Depending on what info is needed) the ISP is forced to comply with the request.
Bear in mind that this is how it works in the U.S.

[Quamis]

Look at the email headers.

how do i check the email header if i have an account on yahoo...msn...mail.com etc ?