Forum Home
Press F1
Thread ID: 19007	2002-05-06 23:07:00	How do i track down an IP address's 'owner'	Guest (0)	Press F1

Post ID	Timestamp	Content	User
47488	2002-05-06 23:07:00	Since running my own web server, i have become aware of how many servers are infected with w32.nimda.a@mm virus, and i often get the same IP trying for days to get into my server.. I'm safe, apparently only because i am running apache. However in the interest of keeping the net a clean place would like to track the ip's and let the owners of the servers know that they have a problem. i have tried going to the infected servers sites, but suprise! the sites dont respond any more.How do i find this info? typical IP are 202.199.18.202 202.31.129.242 which i beleive are NZ addresses	Guest (0)
47489	2002-05-06 23:42:00	In any case don't visit the IPs that are doing this. They could be infected and running it on their site that may cause you to be infected as well. The only safe way to warn them is through their ISP and to find this you would visit a WHOIS website and type in the IP and that should return who owns those IPs. There should be a contact there that you can email telling them of this and they will inform the users of that IP. You should also send your log of what is happening.	Guest (0)
47490	2002-05-06 23:50:00	First rule here is NEVER follow the IP address as you may connect with a infected computer and be worse off for the experience. 202.199.18.202 - China 202.31.129.242 - Sth Korea The two addresses above are China and Sth Korea. Use a program such as SmartWhoIs to trace the ip address. I don't think you will get much joy from the isp's in the countries listed here.	Guest (0)
47491	2002-05-07 01:03:00	i've allready broken that rule, and you are right, the only thing on the site was trouble on a white screen, if anything at all. Fortunatly i run AV software which has so far caught the said virus	Guest (0)
47492	2002-05-07 03:01:00	Chris, Try <www.amnesi.com> This gives you a 'reverse ip lookup'	Guest (0)
1