-
May 23rd, 2008, 10:41 AM
#1
Geographical info to IP
I know that the physical location of a computer can be easily determined if we know its IP address.
What I want to get the is IPs from geographical information alone.
for instance, I want to know how can I determine what IP addresses are assigned to the computers in my city.
How can I do it?
-
May 23rd, 2008, 12:33 PM
#2
I know that the physical location of a computer can be easily determined if we know its IP address.
Then your "knowledge" is badly flawed my friend
Consider how it works?
1. You create an account with an ISP and they assign you an IP Address from their block of many addresses. It is THEIR address, so that is what it will trace back to. Some of them even have strange architectures so that you will go to some "node" or switching centre that just happens to be in use for that connection.
2. Check out "anonymous proxies and TOR" You can go through an anonymiser that will not even show your true ISP's address.
3. The databases that purport to provide these geolocators are frequently out of date so give false information.
4. Consider wireless communications? you can probably connect to a hotspot from several kilometers away and the IP would be that of the hotspot.
5. What if I use my secure VPN and connect to an internet server in Langley, Virginia? Does that mean that my computer is actually in the CIA Headquarters?
What I want to get the is IPs from geographical information alone.
for instance, I want to know how can I determine what IP addresses are assigned to the computers in my city.
How can I do it?
Sorry I don't quite understand you there, and I do appreciate that English is not your first language so don't worry
1. You can find out what IP address blocks are assigned to countries which would give you
IPs from geographical information alone
2.
I want to know how can I determine what IP addresses are assigned to the computers in my city.
I am not sure about what you mean here. I will try a few suggestions and perhaps you will get back with a bit more detail?
If it is a very small ISP that only deals in one city then you know that all of the IPs in their address block are in your city. If it is a national service you will not.
Also, please remember that there are "dynamic" and "static" addresses. For example if I log off and log on again I will be assigned a completely different IP address and possibly relayed through a different centre.
Again, if it is a static address as businesses, schools, colleges, government and the like have. You are contacting a server with a single IP that might be supporting 15,000 computers scattered across the globe? (VPN?)
Join the Police, Counter-Intelligence or Anti-Terrorism services, as they are the only ones with sufficient authority to obtain the missing information.
-
May 23rd, 2008, 01:11 PM
#3
Then your "knowledge" is badly flawed my friend
Consider how it works?
1. You create an account with an ISP and they assign you an IP Address from their block of many addresses. It is THEIR address, so that is what it will trace back to. Some of them even have strange architectures so that you will go to some "node" or switching centre that just happens to be in use for that connection.
2. Check out "anonymous proxies and TOR" You can go through an anonymiser that will not even show your true ISP's address.
3. The databases that purport to provide these geolocators are frequently out of date so give false information.
4. Consider wireless communications? you can probably connect to a hotspot from several kilometers away and the IP would be that of the hotspot.
5. What if I use my secure VPN and connect to an internet server in Langley, Virginia? Does that mean that my computer is actually in the CIA Headquarters?
Yes, "may be" then I can't determine your physical location.
But I am trying to develop a tool that will find IP from physical location, something like reverse of traceroute. But now I realize that first I have to track the real IP.
So delete the word "easily" from the line,
I know that the physical location of a computer can be easily determined if we know its IP address.
Thanks.
-
May 23rd, 2008, 01:31 PM
#4
Then it still can't be done with any degree of certainty...
A whois on my ip shows my ISPs address. The main office address actually..
Which is in an entirely different city to where I live.
Last edited by SirDice; May 23rd, 2008 at 01:33 PM.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
May 23rd, 2008, 01:49 PM
#5
Hi,
So, you actually want to go from the location to the IP address?
Well, as I said, you have no supplier data? what if I have two ISPs for a city?
They will both be providing alongside eachother with quite different IP blocks?
I can pick up my telephone, link to my supplier in Hanoi, then I appear to be in Hanoi?
Mission impossible....................
-
May 24th, 2008, 12:02 AM
#6
It's very difficult. The best you'll be able to do is guess as to the physical
location. And then only sometimes.
I admin a small (very small) investors forum which shows not only a poster's
ip addy but also some info on the hosts. So looking right now, I got one
poster at "c-24-8-214-xx.hsd1.co.comcast.net/24.8.214.xx" and another
at "c-66-31-153-xxx.hsd1.ma.comcast.net/66.31.153.xxx", obviously both
Comcast subscribers. The first poster is from Colorado, then second from
Massachusetts (I know both of them), and the subdomains confirm that.
But the first poster also posted earlier from "74.7.55.xxx" and had no add'l
host info. A whois puts him in Atlanta, but I know he's in Denver (maybe
in his office?). ISPs often use subdomains that will clue you in to location.
For instance, RoadRunner uses cinti.rr.com for Cincinnati. But that subdomain
info is not readily available and usually gleaned from, say, email headers
or forum admin pages.
You're not going to get consistent details to do what amounts to guesswork.
Ironically, I had a webdesigner gripe about the webstats he gets from a site
we did, so I told him I could download the logs for a more detailed analysis.
I asked him specifically what he was looking for and he said he wanted to
get a name and address to match the ip so we could send him a flyer. My
response was it's not going to happen without a warrant.
Last edited by brokencrow; May 24th, 2008 at 12:07 AM.
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
May 24th, 2008, 11:48 AM
#7
Mission impossible....................
O.K. Charlie.
-
May 29th, 2008, 10:10 AM
#8
Banned
Mission nearly impossible
Here is how the whois databases work:
The RIPE, AfriNIC, APNIC, ARIN, LACNIC databases keep information about the address of the company to whose Autonomous System (AS) got the IP address block. These IP blocks are relatively large (several C classes (n*256 IP addresses - including network and broadcast address), or B class (64000 IP addresses - including network and broadcast address) or at times even larger.
Then, it is left to the responsibility of the administrator of the block to further break down the blocks into user-assigned subnets and report these subnets to the registry. Actually, this is mandatory, since by this process the registry knows that the AS is actually making use of the assigned IP block.
However, there is ABSOLUTELY NO VERIFICATION of the information placed within the sublock assignment. So it is very frequent that the address part will remain the same for a lot of subnets, or they will be assigned to the address of the head office of a large customer.
At the same time, there can be several AS operating in the same geographic region (for instance, several ISP's). So, the above described problem will multiply.
Your hypothetical tool will have to get the name of the location, query the whois databases until it discovers all subnets that are reported as operating in that location, and then present result that this location can PROBABLY have an IP address from the following blocks.
Similar Threads
-
By Soda_Popinsky in forum The Security Tutorials Forum
Replies: 7
Last Post: August 6th, 2004, 06:30 AM
-
By gore in forum Newbie Security Questions
Replies: 11
Last Post: December 29th, 2003, 08:01 AM
-
By th3spid3r in forum AntiOnline's General Chit Chat
Replies: 8
Last Post: October 26th, 2003, 12:17 PM
-
By caffeine20 in forum The Security Tutorials Forum
Replies: 2
Last Post: November 12th, 2002, 03:11 PM
-
By Gurl in forum Site Feedback/Questions/Suggestions
Replies: 6
Last Post: August 31st, 2002, 10:12 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|