Finding who is behind the IP

**mrstuff68** · Mar 29th, 2004, 06:09 PM

I would like to know how I can track who has been trying to get into my computer through backdoors. I have had my firewall give me a message that say IP 66.45.643.12 has been trying to access your computer. I would like to know what I can do, where I can go to find out more about who is behind this IP, if I can get email addresses, names, etc. That would be great.

All ideas are greatly appreciated!!!

Thanks

**DiGiTaIErRoR** · Mar 29th, 2004, 06:42 PM

Well, the first thing to do would be to DNS it, then WHOIS it.

Unable to resolve 66.45.643.12.

Sorry, can't WHOIS without DNS.

**papacorn** · Mar 29th, 2004, 07:03 PM

Hold up there cowboy....Check with your firewall logs to see what EXACTLY this IP address is trying to access. could be just a sweep.

You may also want to confirm the IP address you put up " 66.45.643.12 " the 3rd octet says .643 thats wrong.

**DiGiTaIErRoR** · Mar 29th, 2004, 07:07 PM

Originally posted by papacorn
Hold up there cowboy....Check with your firewall logs to see what EXACTLY this IP address is trying to access. could be just a sweep.

You may also want to confirm the IP address you put up " 66.45.643.12 " the 3rd octet says .643 thats wrong.

Haha, I didn't even notice the c subnet was over 255.

**Ideas Man** · Mar 30th, 2004, 02:31 AM

Depending on how far you wanna go, the first two parts to an IP are reserved for a certain ISP. They would log who gets what but that's overkill i'd imagine for what you want.

**visualAd** · Mar 30th, 2004, 04:46 AM

RIPE WhoIs will give you information about the IP address. It won't that one though - becuase its invalid.

http://www.ripe.net/db/whois/whois.html

Thread: Finding who is behind the IP

Thread Tools

Display

Finding who is behind the IP

Posting Permissions