Ask Leo: How do I figure out who owns an IP address?

By Leo Notenboom

It’s critically important that you realize that you will not, on your own,
be able to get the name, location, phone number, email address or any other
specific information with just an IP address. Not only can an IP address change
or be shared among many computers (and hence people), but the information that
you’re seeking is considered private and is protected by the ISP who owns that
IP address.

To get that information, you’ll need a legal reason to require it and that
typically means a court order of some sort.

Let’s look at what you can determine from an IP address on your own and a
few tools that will help you determine at least the ISP that owns it.

I’m going to use several different tools in this example because each
provides valuable information, even though they might overlap quite a bit as
well.

Whois

“Whois” is a service that basically answers the question “who is X?”, where X
can be an IP address, a domain name, or one of several other things.

ARIN, the American Registry for Internet Numbers, is a fine place to start.
The ARIN Whois can be accessed from http://whois.arin.net in the upper right
corner:

ARIN whois search box

Enter the IP address you’re interested in and press Return. I’ll use
64.105.215.206 (an IP address that I know to be assigned, but at this writing, is unused)
as my example:

whois lookup of an IP address

This is pretty typical of what you’ll get: information that identifies the
ISP who owns the “block” of IP addresses that contains the IP address that you asked
about. In this case, the block includes all IP addresses from 64.105.0.0 through
64.105.255.255.

With a court order, law enforcement would then approach the ISP for more
detailed information about who that IP address is assigned to.

Also note that it’s possible that the information presented may point you to
a different whois server – ARIN covers IP addresses assigned in North America;
there are other services for the rest of the planet.
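
The same lookup can be done without the web form, since whois is a plain-text query over TCP port 43. The Python sketch below is an added example, not part of Leo's article: it parses a reply, confirms that the address falls inside the returned block, and reports a referral to another registry if one is present. The sample reply is constructed (its organization values are placeholders; only the range comes from the article), and `query_whois`, `parse_reply` and `summarize` are names chosen for this illustration.

```python
import ipaddress
import socket

# Constructed sample in the layout of an ARIN whois reply; the organization
# values are placeholders, only the range comes from the article.
SAMPLE_REPLY = """\
# constructed sample, not real registry output
NetRange:       64.105.0.0 - 64.105.255.255
NetName:        EXAMPLE-NET
OrgName:        Example ISP, Inc.
OrgAbuseEmail:  abuse@isp.example
"""

def query_whois(ip, server="whois.arin.net", port=43):
    """Live lookup: send one query line over TCP 43, read until the server closes."""
    with socket.create_connection((server, port), timeout=10) as s:
        s.sendall(f"{ip}\r\n".encode())
        chunks = []
        while data := s.recv(4096):
            chunks.append(data)
    return b"".join(chunks).decode("utf-8", "replace")

def parse_reply(text):
    """Collect 'Key: value' lines, skipping comments; the first value for a key wins."""
    fields = {}
    for line in text.splitlines():
        if line.startswith(("#", "%")) or ":" not in line:
            continue
        key, _, value = line.partition(":")
        fields.setdefault(key.strip(), value.strip())
    return fields

def summarize(ip, text):
    """Return the owning block, whether it contains ip, and any referral."""
    f = parse_reply(text)
    first, last = (ipaddress.ip_address(p.strip()) for p in f["NetRange"].split(" - "))
    addr = ipaddress.ip_address(ip)
    return {
        "org": f.get("OrgName"),
        "cidrs": [str(n) for n in ipaddress.summarize_address_range(first, last)],
        "contains_ip": first <= addr <= last,
        "referral": f.get("ReferralServer"),  # set when another registry holds the record
    }

if __name__ == "__main__":
    print(summarize("64.105.215.206", SAMPLE_REPLY))
```

To run it against the live registry, pass `query_whois("64.105.215.206")` as the text; a real reply can contain more than one record, and this sketch reads only the first.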

Reverse DNS

In some cases, reverse DNS can be instructive.

DNS is the mapping of a domain name, like “ask-leo.com”, to an IP address.
Reverse DNS does, as its name implies, the reverse: given an IP address, it finds
the domain name that has been assigned as the primary identifier.

I’ll use a tool from a third-party vendor this time, http://whois.domaintools.com:

Whois information from domaintools.com

You can see that this gives much of the same information that we’ve seen above,
namely the ISP who owns that IP address. But there’s an additional tidbit of
information.

Article Continued Here

This post is excerpted with Leo’s permission from his blog.
