Traceroute and Whois mystery

DumDum · July 3, 2002, 5:26pm

Hey folks, I've been charged with the job of finding out who's been screwing around with the download counts on our site. So now I have this huge list of IP's that I supposed to match to such and such developer.

I was told by one guy that I should just do a traceroute and that'd tell me where the IP came from. I had another sys. admin guy tell me that all I need to do is a whois on the IP address and I'd be able to get the developers name, etc.

Neither of these options has worked the way I was told. I'll do a traceroute on one IP and get some server in South Dakota or Minnesota but the developer is based in Russia. Or, I'll do a whois on an IP that should be developer XYZ and get godaddy.net as the registrar, referral URL, etc.

How can I put in an IP address and find out exactally who's computer that is and where it is?

The_Fridgerator · July 3, 2002, 10:44pm

Traceroute should tell you which routers the IP packets go through to get to/from the developer. It should have the developers IP as the last one, the 2nd last address should be his ISP.

WHOIS will just show the domain name of the ip address.

killerserv · July 3, 2002, 11:24pm

try nslookup <machinename>

nslookup 123zone.bla.net
Server: 123zone.bla.net <= Name of queried name server
Address: 129.62.16.4 <= IP address of queried name server

from the IP address you can find the information. But this works within a domain server. Is it within one domain? Perhaps you should try some software on website that offers ways to track down.

I suggest this site. Give a try.

http://visualroute.visualware.com/

(the Java loads are Slow, so patience needed)