Results 1 to 1 of 1

Thread: IPWhois (v3)

  1. #1

    Thread Starter
    Fanatic Member
    Join Date
    Dec 2012

    IPWhois (v3)

    This latest version (V3) of IPWhois is an upgrade to the original version. The network interface was upgraded to use SimpleSock, and the latest MAC_Buttton was also included. Whois servers respond with text that only uses vbLf. The standard TextBox uses vbCrLf, but the InkEdit Control uses vbLf. So the standard TextBox was replaced with an InkEdit control, thereby simplifying the code.

    IPWhois has the ability to follow a referral link when ARIN is used as the default server. The other servers do not provide a referral link. Occasionally, ARIN will not have a referral, and the appropriate server must be accessed directly. This is most common with whois.afrinic.net.

    IPWhois is useful in discovering who owns a particular IP address, and the IP address is about the only thing that can't be spoofed when receiving an email. As long as you are able to examine the Header information in a received email, you can recover the originating IP address. Unfortunately this is not always possible when using Web Server based email systems. If an originator used web based Gmail to send an email, the header will show the Gmail server as the originator. An email supposedly from your bank that originated in Iran definitely qualifies as a phishing email, no matter how good your ESP (Email Service Provider) spam blocking software is. I personally inspect every blocked email to ensure that it is not a false positive, and the very first task is to find out where it originated. 99% of all spam and malware email is HTML based, but text based email can also be bogus. Just because your ESP uses encryption does not mean that it legitimate. Hackers and spammers are expert at getting around these defenses. Some day we will have to upgrade our email system to provide source authentication, but unfortunately that is not possible with our present system.

    Once the owner of the IP address is found, you can notify them of Network abuse, as the Abuse email address is often located on the same Whois page. You can also report the abusive IP to places like AbuseIPDB.

    J.A. Coutts

    Note: This works better if the User Control is replaced with the OCX.
    Attached Images Attached Images  
    Attached Files Attached Files
    Last edited by couttsj; Yesterday at 04:12 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts


Click Here to Expand Forum to Full Width