Tracing an IP address

hey guys, in the last few posts (named enumerating remote systems) I explained to you guys how to get a targets IP address. Now I will show you how to trace it.

Now there are a couple of manual trial and error method which i wont be demonstrating in this post. simply because its not very useful and no one really does it nowdays.

Reverse DNS lookup

now a DNS is basically a tool for converting hostnames (like google.com) which humans can understand, to IP addresses, which the machines use. now when you type www.google.com in your browser, the browser performs a DNS lookup to find the IP address so that it can communicate with the host. so the browser contacts the DNS server through your ISP and looks for the IP conversion.

on the other hand, a reverse DNS lookup, does the opposite of a DNS lookup and finds the IP address of that specific hostname. and that is what we will use.

but there are some cons to using rever DNS lookup some of them being: it does not always work, does not display as much information as some other methods and its not foolproof because it may sometimes display false information.

Note: (reverse) DNS lookup is also used by crackers/hackers to find information on their target company, for example IP addresses, contact information (for social engineering) and lots more information. It is also used by white-hats (ethical hackers) as the crackers may leave vital IP addresses behind which may lead to their apprehension.

one great web based service for DNS queries is www.zoneedit.com. It allows users to perform DNS and reverse DNS lookup.

I will update this post later to add more ways to trace an ip address.

cheers