Hacking Truths---What They Don't Teach in Manuals. Tracing an IP, getting...IP Address, nslookup, Reverse DNS, WHOIS, tracert, traceroute Ankit Fadia

______________________________________________________________________________

Getting geographical Information using an IP Address By Ankit Fadia ankit@bol.net.in
______________________________________________________________________________

Getting the Internet Protocol or IP Address of a remote system is said to be the most important step in hacking a
system. Sometimes, however, we get an IP in order to find out more about someone or some host. But how can
an IP Address be used to get more information on the location etc. of a system? Well, this manual is aimed at
answering just this question.

Actually, the IP address (in fact the entire TCP/IP Protocol) is designed such that one cannot tell in which
country a system having a given IP is situated simply by looking at it. An IP Address has no fields which
tell you the country in which the computer using it resides. So, all myths like ‘The second or the third field of an
IP stands for the country in which the system using it resides’ are definitely false.

However, yes, sometimes one can guess or deduce in which country and even in which city the system using an
IP resides by simply looking at the first three fields of the IP. Let us take an example to understand what I mean
by this. Now, before I move on to the example, let us understand how exactly IP Addresses are awarded to you.

Firstly, your ISP registers with the central authority and gets a particular range of IP addresses from which the
various customers (people who dial into their servers) can be awarded IP addresses. Most ISPs are given a Class C
network Address. A Class C Network address contains a 24-bit Network Prefix (the first three fields) and an 8-bit
Host number (the last field). It is referred to as "/24's" and is commonly used by most ISPs.

******************
HACKING TRUTH: For the benefit of beginners, I have included below a snippet from one of my earlier manuals,
which explains IP Addresses better: (Even if you are not a newbie, I do suggest you read the below snippet, as it
might just be helpful.)

Just as in the real world everyone has an individual home address or telephone number on which that particular
individual can be contacted, all computers connected to the Internet are given a unique Internet Protocol or IP
address which can be used to contact that particular computer. In geek language an IP address would be a decimal
notation that divides the 32-bit Internet address (IP) into four 8-bit fields.

Does the IP address give me some information or do the numbers stand for anything?

Let us take the example of the following IP address: 202.144.49.110. Now the first part, the numbers before the first
decimal i.e. 202, is the Network number or the Network Prefix. This means that it identifies the number of the
network in which the host is. The second part i.e. 144 is the Host Number, that is, it identifies the number of the host
within the Network. This means that in the same Network, the network number is the same. In order to provide
flexibility in the size of the Network, there are different classes of IP addresses:

Address Class              Dotted Decimal Notation Ranges
Class A ( /8 Prefixes)     1.xxx.xxx.xxx through 126.xxx.xxx.xxx
Class B ( /16 Prefixes)    128.0.xxx.xxx through 191.255.xxx.xxx
Class C ( /24 Prefixes)    192.0.0.xxx through 223.255.255.xxx
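
As an added illustration (not part of the original manual), the following Python code applies the class table above and the 24-bit Network Prefix / 8-bit Host number split described for Class C to the sample address 202.144.49.110. It goes beyond the table by also labelling Class D and E and the reserved first fields 0 and 127; the function names are assumptions of this example.

```python
# Added example: classful IPv4 addressing (the historical scheme the table shows).
CLASSES = [
    # (class, mask on first field, expected value after masking, prefix bits)
    ("A", 0x80, 0x00, 8),    # leading bit  0   -> 0-127 (0 and 127 are reserved)
    ("B", 0xC0, 0x80, 16),   # leading bits 10  -> 128-191
    ("C", 0xE0, 0xC0, 24),   # leading bits 110 -> 192-223
]

def parse_ipv4(text):
    """Split dotted decimal into four 8-bit fields; reject malformed input."""
    parts = text.strip().split(".")
    if len(parts) != 4:
        raise ValueError("expected four dot-separated fields: %r" % text)
    fields = []
    for part in parts:
        ok = part.isascii() and part.isdigit() and len(part) <= 3
        if not ok or int(part) > 255:
            raise ValueError("bad field %r in %r" % (part, text))
        fields.append(int(part))
    return fields

def classify(text):
    """Return the class, network prefix and host number of an address."""
    fields = parse_ipv4(text)
    addr = int.from_bytes(bytes(fields), "big")   # the full 32-bit address
    for name, mask, value, prefix_bits in CLASSES:
        if (fields[0] & mask) == value:
            host_bits = 32 - prefix_bits
            return {
                "class": name,
                "prefix_bits": prefix_bits,
                "network": ".".join(map(str, fields[:prefix_bits // 8])),
                "host": addr & ((1 << host_bits) - 1),
                "reserved": fields[0] in (0, 127),
            }
    # 224-239 is Class D (multicast), 240-255 is Class E: no network/host split
    name = "D" if fields[0] < 240 else "E"
    return {"class": name, "prefix_bits": None, "network": None,
            "host": None, "reserved": name == "E"}

if __name__ == "__main__":
    # Constructed sample inputs; the first is the address used in the text.
    for sample in ("202.144.49.110", "10.1.2.3", "172.16.5.4", "127.0.0.1"):
        print(sample, classify(sample))
```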