OT-internet address list

Where can I find a list of what the numerical internet addresses mean?
I'm talking about the string of numbers that identify an web address
and shows the country and such of the folks that send me their spam
and phishing attempts daily
Reply to
Gerry
Loading thread data ...
You need to do a Whois lookup. Dnsstuff will let you do a few for free, then you have to pay.
Reply to
Michael A. Terrell
formatting link

Reply to
cncfixxer1
messagenews: snipped-for-privacy@earthlink.net...
Well that's neat! Provides a whole lot more info that I want about me. All I was looking for was to be able to identify country or origin to see where the phishing junk is coming from
Reply to
Gerry
nslookup from a command prompt with that IP will tell you what it resolves to. Another approach would be to install the Netcraft Toolbar which, if you do get caught off-guard and navigate to a known phishing site, warns you right in the browser in an inmistakable way that you're not where you think you are. Traceroute (or tracert if you're on windows) to the IP and you can see that way as well.
In reality, if you get a phish-looking email with an IP rather than a name, yeah, it's not legit. I've been using the Netcraft Toolbar; if it's one they don't know, I report it that way. Been a long time since I found one before they did, though.
Reply to
Dave Hinz
Also try
formatting link
Reply to
Jedd Haas
LA
formatting link
I always run my cursor over the link and read the real address before going there. Seldom do the posted address and the real address match up. I'm just curious if there is some system of numbers that make it easy to spot when the site is in Niger or someother known location that hosts these people- say a number that means Niger or something. Something simple
Reply to
Gerry
On Sun, 09 Sep 2007 06:12:44 -0700, with neither quill nor qualm, Gerry quickly quoth:
messagenews: snipped-for-privacy@earthlink.net...
My favorite is Whois Source, now known as
formatting link
IP sourcing, DNS stuff, pings, traceroutes, domain sales, etc.
Free but requires signup. (I haven't seen any spam from them at all, so I think it's just to weed out the email gleaners.)
=========================================================== Save the Endangered Bouillons from being cubed! ===========================================================
Reply to
Larry Jaques
[ ... ]
No such luck. You have to do an individual nslookup on each IP. Sometimes, you can get a good idea from the first octet (the numbers before the first '.'), but not always. Europe is handled by RIPE, and you'll find blocks of as small as 255 address (differing only in the last octet) assigned to vastly different countries.
I use a program called "jwhois" in my unix system, though I had to compile that from source. A just plain "whois" comes with unix, but you often have to try two or three calls as it redirects you to different whois servers before you get a hit. "jwhois" automates that.
Or -- you could do a lookup with geektools via the web, IIRC. (I use their whois server for when jwhois gets confused, which happens sometimes.) But I call it with whois, and if you don't have that, you'll need to go to the web-based approach.
geektools puts a limit on the number of lookups per day from a given site, though I've never hit it (yet).
Check out
formatting link
They seem to have added a stumbling block for those trying to abuse it by automated systems, but it should work for you.
Enjoy, DoN.
Reply to
DoN. Nichols
I remember the old days when we had to specify which whois server to check, and in order to automate that, I downloaded the source to ipw and built/used that. Worked great until ripe made changes that broke it... but that's not required with FreeBSD or Debian today, nor has it been for years. Just do, for instance,
$ whois 72.244.230.1
OrgName: Covad Communications Co. OrgID: CVAD Address: 2510 Zanker Rd. City: San Jose StateProv: CA PostalCode: 95131 Country: US
ReferralServer: rwhois://rwhois.covad.net:4321
NetRange: 72.244.0.0 - 72.245.255.255 CIDR: 72.244.0.0/15
Reply to
Steve Ackman

PolyTech Forum website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.