Internet and Copyright - a sample IP address search (Session 4)
If you thought we've thoroughly covered techie Internet search techniques, let me set you straight: we have hardly scratched the surface.
In this session, we're going to take a look at searching the source of IP (Internet Protocol) addresses.
Warning: this is more complicated than the earlier sessions. Proceed with caution.
First off, let's review IP addresses and add a bit more detail to our understanding. IP addresses are written in what are known as dotted quads: a series of four sets of digits separated by periods (dots) such as 142.166.243.10 - which to a computer is far more understandable that a domain name like smartypants.com or pwac.ca
And while we generally write postal addresses in this order - house number, street, munipality, country - IP addresses go in the other direction.
If we had a white pages of IP addresses, the very first one would be: 1.0.0.0
And the last would be 255.255.255.255
Every IP address on the planet (at least under what's know as the IP4 addressing scheme) would fall between those two dotted quads.
A neighborhood (often referred to as a Class C set of addresses) would run from 198.164.12.0 to 198.164.12.255
(Note that 0-255 = 256 individual digits). So how many possible IP addresses are there under this scheme? Simple: 256 x 256 x 256 x 256
The result is a very big number (do your own math), but we're already running out of IP addresses (which is why we're headed towards an addressing scheme called IPv6).
One of the ways network administrators have managed to prolong the existing pool of IP addresses is a technique called multi-homing. This allows multiple devices to share the same IP address. So smartypants.com and pwac.ca could actually share the same IP address. Multi-homing software, standing just inside the door like Jeeves the Digital Butler, directs each visitor to the appropriate location.
So...the search...
Why would I want to do an IP search? To find out who's hosting a particular web site, such as one that's selling copyrighted material they don't own.
The typical whois search tools generally won't help very much with this. So we're going to turn to another tool: a reverse whois lookup.
We'll take a quick look at two of them:
http://www.samspade.org (which is fairly simple but recently broke in a big way and has been considerably reduced in scope) and http://www.openrbl.org, which works but can be somewhat daunting.
This is from samspade.org:
www.smartypants.com = [ 207.170.65.119 ]
Now try http://www.openrbl.org/
In the first section, you'll see a text box. To the left of it, the label says IP-Address. This will have been filled in with your IP address. (It's a geeky way of saying Howdy!)
Replace your IP address with: www.smartypants.com and hit the Enter key.
Lookie: 207.170.65.119
So click on that and you get smtpserve.com
Look in the second second section: DNSBL lookup - and you'll see a grey button with this text - Openrbl JS Client
Click on it.
When the new window opens, you'll see 207.170.65.199 in the DNS/BL Query box.
BL stands for Block lists. This tool amalgamates information from the various block lists out there trying to stem the tide of spam, viruses and other garbage.
Click on the Lookup button.
Give it a minute, and you should see some buttons change from green to different colors. Click on Country, and you'll see where this IP address is located: United States
Click on ASPATH. Now look at the very bottom of the window - you'll see AS-Number [AS3900] - this is the registration identification for the network where that IP address is located. Click on the number.
Up pops a new browser window with this info: OrgName: Yokubaitis Holding Corporation OrgID: YOKU Address: 2700 Via Fortuna Address: Suite 500 City: Austin StateProv: TX PostalCode: 78746 Country: US
Yep. This week, our site is located on a server network located in Houston, Texas.
So if smartypants.com was trying to sell your intellectual properly, you now know who their web host is and can poke them with the pointy stick.
There are more tools and tricks in the arsenal, but this seems like a good time to end this series. Happy hunting.
Cheers, George
Copyright 2006 Smartypants.com Inc. All Rights Reserved.
