Say I have an ip, what can i guess just form looking at it?

i.e 1.2.3.4 and 1.2.3.6

the 1 would mean they are in north america, for eg

the 2 would mean they are using AOL broadband

the 3 would mean they are on the same major hub, or does it mean that they are attached to the same phone line/internet connection ??

and the fourth, 4 and 6, just designates their specific number.

thanks

wait

the first number is ip blocks

im reading into it, like a friend is explaining some of it to me

im just trying to figure out if someone is like... if someone is someone else purely by their ip? they have 2 different ips, but they could be running off two different computers, couldnt they?

actually it's alot more complex then that.
You should use samspade to do a whois to see who the ISP is.

http://www.samspade.org/t/ipwhois?a= (enter the IP after the ='s sign)

k

i checked it out on my ip, didnt find it very useful =/ ah well

two more things that i may as well include in this thread, seeing as theyre lame and annoying and nobody wants to read them, especially in a new thread

1) how do you get someones ip, apart from: website logs, icq/aim/whatever sniffing, msn file send netstat -n, irc, email... ?

2) whats a site for windows vulnerabilities and how they are exploited, but also to find out if you have it / how to patch

thanks

also: i apologise =/ but i had to ask haha

I find Netinfo very good for finding out what you want to know about a single IP or IP range. It's shareware but doesn't expire :-)

Marticj

Octets on the Ip address really have no real meaning other than defining class numbers a "subnet number" and a node number... While it may be true in what your saying for dome things such as aol 172for the first octet and north american cable at 24 for the first octet

http://www.lameindustries.org/tutorials/ip...ing/index.shtml

indepth explanation of IP Addressing

What i think epi is asking, is what certain huge ranges are. For example... i think 38.* is cogent servers... 128.* and 129.* are edu's.... and so on...

Dear friend,

If you can spend 50 dollars, Well, here you gonna see a fantastic tool..

http://www.ip2location.com/

Just go for it

Manu

A lil about IP and other stuffs, Hope that it will help you, Here we go

What is the difference between a Domain Name, an IP Address and a Computer host Name?

Domain name is a text name that a computer network (The Internet is a network) registers. The domain name is used to give computers text names rather than using the numeric IP addresses. It is like getting a vanity phone number that spells out a word to make it easy to remember. Domain name examples Abika.com, cnn.com, usatoday.com. Computer (host) name are names given to individual computers. Each host name corresponds to an IP address. Host names and domain names are optional and everything can work fine with using just IP Addresses. Examples of host names: www.cnn.com, mail.people.com, Cust149.tnt3.sfo3.da.UU.net and so on.

Can pinging an IP address locate a computer?

By pinging another computer on the internet you can tell if it is currently active and how long it takes to get information from the originating computer to the destination and back. Ping sends signals (packets) to another computer on the Internet or a network to see if they send a return or an 'echo.' If all the signals 'timeout' the computer may be disconnected from the Internet or is unreachable. This feature only checks if a computer is connected. It cannot verify the validity of an e-mail address. It also cannot check a specific web page.

What is trace input also commonly knows as tracert?

Tracert traces the route through the Internet from one computer to another. The signal generally goes from a computer to the Internet Service Provider (ISP) and then to their provider until it reaches a 'backbone' provider. This could take one or many steps. It then eventually transfers to the destination 'backbone' provider and reverses the process to the destination computer. This feature only checks a computer that is connected to the Internet, it cannot verify the validity of an e-mail address. It also cannot check a specific web page. Note that a traceroute may follow a completely different path as compared to downloading web pages or sending e-mail. A Trace route gives you information about each computer between the originating computer and the destination, including ping times, IP addresses and the names of all of the computers.

What is a Reverse DNS Lookup?

A Reverse DNS lookup will give you the DNS name of a computer when all you know is the IP address.

What can affect the accuracy of IP traces and what are Phantom IP Addresses?

A Phantom IP Address is one that does not appear in any ISP's BGP (Border Gateway protocol) tables and accordingly can not carry traffic. IP Maps are built from real traffic it does not contain the locations for Phantom IP Addresses. Some research shows that 9 out of 10 of the theoretical total of 256*256*256 = 16,777,216 subnets are either "Phantom" subnets, or don't carry any traffic at all. Apart from Phantom addresses, our map may not contain addresses of infrequently used, very low traffic subnets. Where the map does show very low traffic subnets, it's resolutions may not be as dependable due to the proportionately low number of points that are available on these subnets. The impact of this on real world performance is limited because it is confined to the larger number of subnets which carry practically no traffic. On the other hand, because our map's accuracy is largely based on the available points, and because the number of points we will have for a given subnet is proportional to the traffic that it carries, our map's accuracy will be very high where it matters most - where its resolutions will effect the most traffic.

What about WHOIS data?

The purpose of the WHOIS data is to identify the entity (person or company) to which a block of addresses have been delegated. It is essentially an ISP Map, rather than an IP Address Map. While the granularity of the our map, is that of a single subnet - placing each subnet individually within the geographic area that it services, the WHOIS data has a granularity of "company" (or ISP), placing all subnets "allocated" to a given ISP in the same geographic location. Compounding the problem further, the large and successful ISP's that carry the bulk of the Internet's traffic tend to service wide geographic areas. Given these points and the fact that the WHOIS data will locate all of an ISP's address space to the same city, then it is difficult to see how the WHOIS data, even if it was kept up to date, could be geographically accurate.

Manu