Find the geographical location of a host by ip address
June 9, 2009In general, this is impossible – IP-addresses are appointed at random and not inherent in the relationship between the IP-address and his whereabouts, and there is no reliable method to the stunt.
Nevertheless, some detective work might help. Try the following methods:
1. Follow links for reference:
A complete list of country codes
http://www.iana.org/domain-names.htm
http://www.ics.uci.edu/pub/websoft/wwwstat/country-codes.txt
A complete list of United States – State Abbreviation
http://www.usps.gov/ncsc/lookups/abbr_state.txt
Full list of airport codes
http://www.aviationjobsonline.com/airports/citycode.html
Microsoft Terra Server – Satellite images of geographic areas
http://www.terraserver.microsoft.com/
2. Use reverse DNS to find the host name. This element can provide some hints to help.
For example, since the IP-address 132.74.18.2, the command “nslookup 132.74.18.2″ translates construct.haifa.ac.il address two areas –
1. This domain may be available. Ira, suggests that the host of Israel.
2. In the following two areas haifa.ac, so that the computer belongs to the “Haifa” Graduate Institute (university, in this case). University of Haifa is the city of Haifa.
It is not always reverse DNS translation – it depended on the host [host with IP-address] Configuring DNS-Server right.
Another trick is to create a WHOIS on the IP-address on demand. Attempting WHOIS query whois.arin.net – if not you reply to a request or whois.apnic.net whois.ripe.net
Keep in mind that the host domain can be hosted in another country. This is due to virtual hosting, domain, if a company from one country or region, taking cheap housing.
Note also that. ORG,. Com and. Education does not mean that the host in the United States, as many of the areas that relate to companies that are either not in the U.S. or international, and may have some hosts the world.
3. Some hosts support DNS extension that allows you to automatic entry to its geographical location in the DNS record, based on the duration of the DNS, as described in RFC 1876
For more information please visit, – http://www.ckdhr.com/dns-loc/
Another attempt to make some location via DNS in the 1712th RFC RFC is defined as a DNS entry in the geographic location.
4. Visit the web server. Web site that often provides suggestions for posting on the site.
For example, in order to construct.haifa.ac.il, find information on both http://www.haifa.ac.il/ and http://www.ac.il/
5. Using WHOIS. The database contains information on the WHOIS administrative contact for all areas filled during the registration of the domain, and updated from time to time. This information may provide some hints.
In the Whois database is not very reliable – if the address belongs to a large company, and responsible businesses that provide reliable and timely information, but as a domain name registrar does not correspond to accurate and current data, the data may be incorrect.
IP-Lat / Long page will attempt to show the same information in graphical representation.
http://cello.cs.uiuc.edu/cgi-bin/slamm/ip2ll/
This site allows Allwhois.com WHOIS requests from many countries.
http://www.allwhois.com/
List WHOIS-servers to Matt Power, ftp://sipb.mit.edu/pub/whois/whois-servers.list
Tengue Account QUE EN-los SE Suel data represents a los propietarios’ Rama Chief O puntos de Contacto, PERO Las direcciones IP asignados PUEDEN Ser anfitriones A LOS QUE puedan encontrarse EN UNA ubicación diferente (s).
6. Traceroute exploit. The names of the routers on the packet flow [I] from a computer IP-address may be Geography way implies that in the package, and the fate of physical location.
E.g. > traceroute www.mit.edu traceroute to DANDELION-PATCH.MIT.EDU(18.181.0.31), ... 1 teg.technion.ac.il (132.68.7.254) 2 ms 1 ms 1 ms 2 tau-smds.man.ac.il (128.139.210.16) 5 ms 5 ms 5 ms 3 128.139.198.129 (128.139.198.129) 9 ms 11 ms 13 ms 4 TAU-shiber.route.ibm.net.il (192.115.73.5) 535 ms 549 ms 513 ms 5 fe7507.tlv.ibm.net.il (192.116.177.1) 562 ms 596 ms 600 ms 6 165.87.220.18 (165.87.220.18) 1195 ms1204 ms 7 nyc28-16-sar1.ny.us.ibm.net (165.87.28.19) 1208 ms1216 ms1233 ms 8 198.133.27.5 (198.133.27.5) 1210 ms1239 ms1211 ms 9 sprint-nap.bbnplanet.net (192.157.69.51) 1069 ms1087 ms1122 ms 10 nyc1-br2.bbnplanet.net (4.0.1.25) 1064 ms1109 ms1061 ms 11 cambridge1-br1.bbnplanet.net (4.0.1.122) 1185 ms1146 ms1203 ms 12 cambridge2-br2.bbnplanet.net (4.0.2.26) 1185 ms1159 ms1073 ms 13 ihtfp.mit.edu (192.233.33.3) 1052 ms 642 ms 658 ms 14 W20-RTR-FDDI.MIT.EDU (18.168.0.8) 640 ms 665 ms 674 ms 15 DANDELION-PATCH.MIT.EDU (18.181.0.31) 702 ms 915 ms 868 ms
3rd Khmel is the path to the academic network [local search WHOIS], the fifth-hop their way to New York [on the east coast], and the 10 th hop path in Cambridge [Massachusetts, on the coast, north of New York York].
This is a program called Visual Route (http://www.visualware.com/visualroute/index.html) Traceroute to the host and displays the route on the world map. In the heart of the city on the map based on the WHOIS request that is not so – Israely domain can be seen in Israel, although it is in another country.
7. Some of these services in the host, you can enter additional information.
For example, Telnet construct.haifa.ac.il 13 <== time service
Trying 132.74.18.2 …
Connected to construct.haifa.ac.il.
Escape character’^]’.
Mon Jan 21 08:32:53 1998 <== indicates the time difference
Host time zone.
8. Notations for Internet service providers, as well as copies of the bones
AT&T dialups : <port>.<router-location>.<state>.dial-access.att.net
Port is 2-254 for the dial-up ports, and 1 for the router itself. location: example: “los-angeles-2″ (city and router #). state: 2-letter abbreviation.
uu.net dialups :
A. <port>.<device>.<city>.<state>.<iu>.uu.net
B. <port>.<device>.<airport>.<iu>.uu.net
iu = intended use (meaningless), state is per USPS ZIP code, deviceis Ascend ‘TNT’ # or Ascend ‘MAX’ #.
9. Related Sites:
In Mappa.Mundi Magazine – http://mappa.mundi.net/
Cyber Geography – http://www.cybergeography.org/
IPGEO – http://www.ipgeo.com/
10.Other Sites:
EMR
practice management software
eRx