• Welcome to the E-Goat :: The Totally Unofficial RAF Rumour Network.

    You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

    If you have any problems with the registration process or your account login, please contact us.

IP Address

  • Thread starter Thread starter Statty Queen
  • Start date Start date
S

Statty Queen

Guest
I hope I've posted in the right forum, but I was wondering if anyone can help?

Last week, I tried logging on to e-goat and was locked out for 15 minutes, due to someone unsuccessfully attempting to log in as me.

The good ol webmaster sent me an email with this person's IP address. My question is: Is there any way I can find out who someone is by their IP address?

I have a vague idea who it is, because the same thing happened with my Myspace account.

I'll be very, very grateful for any help
 
M

monobrow

Guest
Statty Queen said:
I hope I've posted in the right forum, but I was wondering if anyone can help?
Click to expand...

This is the section for E-Goat related tech questions, however I've moved it to the resident geeks lounge as the question is that you want to resolve an IP address......

The being locked out though usually happens on an IGS machine, if it's your home one, be worried!!

I'm sure one will be along soon.....
 
Last edited:
M

mad_mo

Guest
SQ,

I dont have the answer to your above question, but if individuals are accessing accounts you have, that falls under the Computer Misuse Act 1990.

If you have a fair idea, It may be worth informing them you will seek further legal advice with regard to this Act which makes certain offences criminial ones!.
 
S

Statty Queen

Guest
I WAS locked out in work, but my Myspace account was locked out at home. That's why I don't think it was just an IGS problem
 
R

rugby then work

Cider Drinker
1,240
0
0
wgaf said:
http://www.ipligence.com/?gclid=CKLqwcOz_owCFRcGEgodKA21DA
Statty, try this, it'll give you a free search. It'll let you know where the IP addy is in the country. The problem you may have is that not all IP addys are static, some ISPs will change the addy each time you log on.
Click to expand...

The IP address will change at least every 8 days unless the person doing this (if anyone actually is) has paid to keep the same address.
 
S

SirSaltyHelmet

Thoroughly Nice Chap
4,329
0
0
I think it is coincidence between myspace being logged out and the lock out with the goat. Are you using IGS for the goat?
 
M

Major Geek

Sergeant
743
0
0
The two may not be connected. I know MySpace is always being hacked, dont use it myself but my wife and kids accounts have been hijacked in the past and used to post links to porn and such.
 
S

Statty Queen

Guest
SSH, I do use IGS for the goat, maybe it was a coincidence, but I think it's someone who doesn't trust me and was trying to read my PMs and also my inbox on Myspace.

Thanks RTW, but Hu got to me first, so I PM'd him the address, and he's sorting it out his end.
 
S

shettie

Flight Sergeant
1,801
1
36
SQ - tracing the IP address is not going to prove where a person is... My IP address will indicate that my PC is in nottingham - and I'm not (thats where my ISP's DHCP server must be - thats the server that issues the IP address to your PC) The other problem that you will find is that - if its come from an IGS machine - you'll probably find, like my work network (14000 pcs...) - IGS connects to the interworld using one IP address - and that is what will be shown when you try the find it, hiding the actual "internal" network address. Investigations would indicate that the IP belonged to an ISP (or in the case of the RAF, - MOD probably...) Not very helpful i'm afraid...

As MM stated - its against computer misuse legislation - personally I would confront them - especially if this happened on a work PC... and perhaps involve your friendly local SI/IT plod on camp
 
T

The Fact Hunter

SAC
139
0
0
Statty Queen said:
Is there any way I can find out who someone is by their IP address?
Click to expand...

Hi SQ,

If you want to have a go at the problem yourself, I can recommend some freeware software downloads from:-

Wireshark - http://www.wireshark.org/download.html

This is a 'protocol analyser' and will tell you who is on/using/or more importantly - trying to use - your network

Sam Spade - http://www.pcworld.com/downloads/file/fid,4709-order,1-page,1-c,alldownloads/description.html

This will perform all manner of IP address lookups/reverse lookups etc etc
 
F

flounder_al

Guest
mad_moriarty said:
but if individuals are accessing accounts you have, that falls under the Computer Misuse Act 1990.

If you have a fair idea, It may be worth informing them you will seek further legal advice with regard to this Act which makes certain offences criminial ones!.
Click to expand...

A very useful document and one i am using at the moment as someone has illegally entered my restricted website. Solicitor was impressed i knew about it :PDT_Xtremez_30:
 
P

prop135

Guest
The Fact Hunter said:
Hi SQ,

If you want to have a go at the problem yourself, I can recommend some freeware software downloads from:-

Wireshark - http://www.wireshark.org/download.html

This is a 'protocol analyser' and will tell you who is on/using/or more importantly - trying to use - your network

Sam Spade - http://www.pcworld.com/downloads/file/fid,4709-order,1-page,1-c,alldownloads/description.html

This will perform all manner of IP address lookups/reverse lookups etc etc
Click to expand...

Wireshark will only show the packets passing through the network card on SQs PC, thats fine if someone is trying to gain access to a home PC/network. In this case the attacker is not after a PC just a user account on a web site. This is an excellent tool though.

Sam Spade is good too but in this case it will probably prove useless. As stated earlier in the thread it is not likely that the attackers IP is the same now as it was at the time of the attack. Even if it was Sam Spade will probably only trace back to an ISP.
 
T

The Fact Hunter

SAC
139
0
0
Wireshark will only show the packets passing through the network card on SQs PC, thats fine if someone is trying to gain access to a home PC/network. In this case the attacker is not after a PC just a user account on a web site. This is an excellent tool though.
Click to expand...

Wireshark actually sets the NIC card into 'promiscuous mode' and will see any/all traffic that is on the local net - ie after the routers default gateway and before any PC's firewall. It will capture any session and show port details going in and out. You can freeze/capture this data and use it as evidence

Sam Spade is good too but in this case it will probably prove useless. As stated earlier in the thread it is not likely that the attackers IP is the same now as it was at the time of the attack. Even if it was Sam Spade will probably only trace back to an ISP.
Click to expand...

Once you have captured your data with Wireshark, you can paste it into Sam Spade to do many look-ups such as Whois/DiG/Trace etc and this will lead to an ISP, but then (unless a proxy address has been used) you can press the built-in 'report abuse' button and file a report. ISP's only have an allocated suite of registered addresses that they can 'spread about' and are anyhow cached to the originators DNS. ARIN will investigate them if reported.
 
P

prop135

Guest
The Fact Hunter said:
Wireshark actually sets the NIC card into 'promiscuous mode' and will see any/all traffic that is on the local net - ie after the routers default gateway and before any PC's firewall. It will capture any session and show port details going in and out. You can freeze/capture this data and use it as evidence
Click to expand...

Yes, but if you read the opening post on this thread then you will see that it refers to someone posting to a web page not hacking someones home network. This makes wireshark redundant at this point. Even in promiscuous mode, if it is a swithced network wireshark will not see directed traffic, only broadcast and management traffic if it is on the same subnet.

Once you have captured your data with Wireshark, you can paste it into Sam Spade to do many look-ups such as Whois/DiG/Trace etc and this will lead to an ISP, but then (unless a proxy address has been used) you can press the built-in 'report abuse' button and file a report. ISP's only have an allocated suite of registered addresses that they can 'spread about' and are anyhow cached to the originators DNS. ARIN will investigate them if reported.
Click to expand...

Again not any use given the current thread
 
You must log in or register to reply here.
7,574members
43,682threads
596,892posts
42online users
Back
Top