Results 1 to 8 of 8

Thread: Geographical info to IP

  1. #1
    Banned shakuni's Avatar
    Join Date
    Aug 2007
    Posts
    24

    Geographical info to IP

    I know that the physical location of a computer can be easily determined if we know its IP address.
    What I want to get the is IPs from geographical information alone.
    for instance, I want to know how can I determine what IP addresses are assigned to the computers in my city.

    How can I do it?

  2. #2
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    I know that the physical location of a computer can be easily determined if we know its IP address.
    Then your "knowledge" is badly flawed my friend

    Consider how it works?

    1. You create an account with an ISP and they assign you an IP Address from their block of many addresses. It is THEIR address, so that is what it will trace back to. Some of them even have strange architectures so that you will go to some "node" or switching centre that just happens to be in use for that connection.

    2. Check out "anonymous proxies and TOR" You can go through an anonymiser that will not even show your true ISP's address.

    3. The databases that purport to provide these geolocators are frequently out of date so give false information.

    4. Consider wireless communications? you can probably connect to a hotspot from several kilometers away and the IP would be that of the hotspot.

    5. What if I use my secure VPN and connect to an internet server in Langley, Virginia? Does that mean that my computer is actually in the CIA Headquarters?

    What I want to get the is IPs from geographical information alone.
    for instance, I want to know how can I determine what IP addresses are assigned to the computers in my city.

    How can I do it?
    Sorry I don't quite understand you there, and I do appreciate that English is not your first language so don't worry

    1. You can find out what IP address blocks are assigned to countries which would give you
    IPs from geographical information alone
    2.
    I want to know how can I determine what IP addresses are assigned to the computers in my city.
    I am not sure about what you mean here. I will try a few suggestions and perhaps you will get back with a bit more detail?

    If it is a very small ISP that only deals in one city then you know that all of the IPs in their address block are in your city. If it is a national service you will not.

    Also, please remember that there are "dynamic" and "static" addresses. For example if I log off and log on again I will be assigned a completely different IP address and possibly relayed through a different centre.

    Again, if it is a static address as businesses, schools, colleges, government and the like have. You are contacting a server with a single IP that might be supporting 15,000 computers scattered across the globe? (VPN?)

    How can I do it?
    Join the Police, Counter-Intelligence or Anti-Terrorism services, as they are the only ones with sufficient authority to obtain the missing information.

  3. #3
    Banned shakuni's Avatar
    Join Date
    Aug 2007
    Posts
    24
    Then your "knowledge" is badly flawed my friend

    Consider how it works?

    1. You create an account with an ISP and they assign you an IP Address from their block of many addresses. It is THEIR address, so that is what it will trace back to. Some of them even have strange architectures so that you will go to some "node" or switching centre that just happens to be in use for that connection.

    2. Check out "anonymous proxies and TOR" You can go through an anonymiser that will not even show your true ISP's address.

    3. The databases that purport to provide these geolocators are frequently out of date so give false information.

    4. Consider wireless communications? you can probably connect to a hotspot from several kilometers away and the IP would be that of the hotspot.

    5. What if I use my secure VPN and connect to an internet server in Langley, Virginia? Does that mean that my computer is actually in the CIA Headquarters?
    Yes, "may be" then I can't determine your physical location.
    But I am trying to develop a tool that will find IP from physical location, something like reverse of traceroute. But now I realize that first I have to track the real IP.

    So delete the word "easily" from the line,
    I know that the physical location of a computer can be easily determined if we know its IP address.
    Thanks.

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Then it still can't be done with any degree of certainty...

    A whois on my ip shows my ISPs address. The main office address actually..
    Which is in an entirely different city to where I live.
    Last edited by SirDice; May 23rd, 2008 at 01:33 PM.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hi,

    So, you actually want to go from the location to the IP address?

    Well, as I said, you have no supplier data? what if I have two ISPs for a city?

    They will both be providing alongside eachother with quite different IP blocks?

    I can pick up my telephone, link to my supplier in Hanoi, then I appear to be in Hanoi?

    Mission impossible....................

  6. #6
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    It's very difficult. The best you'll be able to do is guess as to the physical
    location. And then only sometimes.

    I admin a small (very small) investors forum which shows not only a poster's
    ip addy but also some info on the hosts. So looking right now, I got one
    poster at "c-24-8-214-xx.hsd1.co.comcast.net/24.8.214.xx" and another
    at "c-66-31-153-xxx.hsd1.ma.comcast.net/66.31.153.xxx", obviously both
    Comcast subscribers. The first poster is from Colorado, then second from
    Massachusetts (I know both of them), and the subdomains confirm that.
    But the first poster also posted earlier from "74.7.55.xxx" and had no add'l
    host info. A whois puts him in Atlanta, but I know he's in Denver (maybe
    in his office?). ISPs often use subdomains that will clue you in to location.
    For instance, RoadRunner uses cinti.rr.com for Cincinnati. But that subdomain
    info is not readily available and usually gleaned from, say, email headers
    or forum admin pages.

    You're not going to get consistent details to do what amounts to guesswork.
    Ironically, I had a webdesigner gripe about the webstats he gets from a site
    we did, so I told him I could download the logs for a more detailed analysis.
    I asked him specifically what he was looking for and he said he wanted to
    get a name and address to match the ip so we could send him a flyer. My
    response was it's not going to happen without a warrant.
    Last edited by brokencrow; May 24th, 2008 at 12:07 AM.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  7. #7
    Banned shakuni's Avatar
    Join Date
    Aug 2007
    Posts
    24
    Mission impossible....................
    O.K. Charlie.

  8. #8
    Mission nearly impossible
    Here is how the whois databases work:
    The RIPE, AfriNIC, APNIC, ARIN, LACNIC databases keep information about the address of the company to whose Autonomous System (AS) got the IP address block. These IP blocks are relatively large (several C classes (n*256 IP addresses - including network and broadcast address), or B class (64000 IP addresses - including network and broadcast address) or at times even larger.
    Then, it is left to the responsibility of the administrator of the block to further break down the blocks into user-assigned subnets and report these subnets to the registry. Actually, this is mandatory, since by this process the registry knows that the AS is actually making use of the assigned IP block.
    However, there is ABSOLUTELY NO VERIFICATION of the information placed within the sublock assignment. So it is very frequent that the address part will remain the same for a lot of subnets, or they will be assigned to the address of the head office of a large customer.
    At the same time, there can be several AS operating in the same geographic region (for instance, several ISP's). So, the above described problem will multiply.

    Your hypothetical tool will have to get the name of the location, query the whois databases until it discovers all subnets that are reported as operating in that location, and then present result that this location can PROBABLY have an IP address from the following blocks.

Similar Threads

  1. Hijack This usage
    By Soda_Popinsky in forum The Security Tutorials Forum
    Replies: 7
    Last Post: August 6th, 2004, 06:30 AM
  2. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 08:01 AM
  3. ******Bypass Web Censorship******
    By th3spid3r in forum AntiOnline's General Chit Chat
    Replies: 8
    Last Post: October 26th, 2003, 12:17 PM
  4. footprinting
    By caffeine20 in forum The Security Tutorials Forum
    Replies: 2
    Last Post: November 12th, 2002, 03:11 PM
  5. Last Post Info
    By Gurl in forum Site Feedback/Questions/Suggestions
    Replies: 6
    Last Post: August 31st, 2002, 10:12 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •