I would like to know how I can track who has been trying to get into my computer through backdoors. I have had my firewall give me a message that say IP 66.45.643.12 has been trying to access your computer. I would like to know what I can do, where I can go to find out more about who is behind this IP, if I can get email addresses, names, etc. That would be great.

All ideas are greatly appreciated!!!

Thanks

Well, the first thing to do would be to DNS it, then WHOIS it.

Unable to resolve 66.45.643.12.

Sorry, can't WHOIS without DNS.

Hold up there cowboy....Check with your firewall logs to see what EXACTLY this IP address is trying to access. could be just a sweep.

You may also want to confirm the IP address you put up " 66.45.643.12 " the 3rd octet says .643 thats wrong.

Originally posted by papacorn
Hold up there cowboy....Check with your firewall logs to see what EXACTLY this IP address is trying to access. could be just a sweep.

You may also want to confirm the IP address you put up " 66.45.643.12 " the 3rd octet says .643 thats wrong.

Haha, I didn't even notice the c subnet was over 255.

Depending on how far you wanna go, the first two parts to an IP are reserved for a certain ISP. They would log who gets what but that's overkill i'd imagine for what you want.

RIPE WhoIs will give you information about the IP address. It won't that one though - becuase its invalid.

http://www.ripe.net/db/whois/whois.html