Home › Forums › Archives › Instant Messaging › Yahoo! Messenger Support › Tracing IP address help!
- This topic has 128 replies, 69 voices, and was last updated 17 years, 1 month ago by tmaxx187.
-
AuthorPosts
-
February 21, 2004 at 8:40 pm #59655DavidParticipantQuote:quote:Originally posted by curtisg43228
good luck getting a straight answer,all they will do i give you answers to everything but the question you asked.
Shifter addressed the point entirely.
venetiescrub: You should close all programs that use the Internet except one (Your web browser and any other messengers should be closed), if you can’t figure out the NETSTAT screen maybe you should just stay away from it, nobody here will be able to help you figure out what IP goes to what program.
February 22, 2004 at 8:16 am #59711jiku14Membernow lemme just ask u how to trace an ip ….if ur usin a program then SCREW YOU K!
anyway ….the most a nomral guy could do to u is compromise this ubble headed girls computer…..o wait she wants the good news……
jk there it doesnt matter if u have 56k or on some cable and dsl lines …..basically i would get ur ip (usin good old ms-dos) then do a search on on that address until i can find some random information with ppl and similar ips and hopefully find an isp service fittin that ip range …then send an email of the possibility of u breaking some law in an emial to that company in order to get info out of them ….but hey its still mystery to meFebruary 24, 2004 at 2:29 pm #59649feel_the_rythemMemberto stop someone from getting your IP address you can use Proxy servers.
February 24, 2004 at 3:24 pm #59683riff_raff_50076MemberHave look here for aol proxy IPs http://webmaster.info.aol.com/proxyinfo.html
A small program called active ports will tell you what messanger is using what port address and the conneting Ip I think if you wanna try using active ports you can get it here http://www.webattack.com/get/activeports.shtml ist pretty simple to use open a IM to the pesron you want to talk to watch for a new connetion under ypager ( yahoo) and one under AIM ( aol not sure if AIM is the correct name) it wount be hard to spot , Just be sure to open active ports before you send any Im’s .Hope that helps .February 24, 2004 at 4:47 pm #59715violent_greenMemberQuote:quote:this site will show you your ip address, or the address that others will see (if you are going through a remote proxy)
http://www.whatismyip.com/I am connected to a Linksys 4port cable/dsl router with a NAT firewall. When I click on the above link it tells me my IP address for my computer is 82.xx.x.xxx, but when I go to command prompt and type ipconfig, it gives me the IP which the router has allocated to my computer, 192.xxx.x.xxx.
Which one of these IP’s is visible to other people?
February 24, 2004 at 11:42 pm #59710UnSaKreDMemberBasically this topic has been covered.
But I feel like adding my two cents in.Getting some ones IP is fairly easy to do VIA Yahoo or AIM.
For Yahoo there are a few methods.
1.) Using a program (IP Sniffer Pro) plug plug….
2.) Doing it manually.To do it manually as some one else already posted you need to run DOS.
And from the DOS Prompt type Netstat -N.
When the active connections are listed you will be looking for a TCP Port
like 5101 or 5100.And that is the IP address of the person you are in chat/super webcam/file transfer with.
For Aim, the process is also quite simple.
Open up an Instant Message, and click on the picture tab.(Direct Connection)
After they have accepted load up good old DOS and again type NETSAT -a.
I don’t know the actual TCP Port for AIM its been a while.
It might be 5190 but im not sure.Well thats my two cents.
-UnSaKreD
February 27, 2004 at 4:21 am #59713pearlMemberI tried netstat –n but all I got is Yahoo’s IP instead of user’s IP and I got the same IP for everyone I PM with. Where am I doing wrong? How to look for TCP port?
March 1, 2004 at 5:16 pm #59716cmos_pixelsMemberALL ABOUT NETSTAT – A TUTORIAL BY GAURAV KUMAR ([email protected])
Dear reader
In this tutorial I am going teach how to use a very useful command netstat. By using netstat you will be able to find out the ip address of your computer and of the remote computer connected to your computer and most importantly you will be able to know what ports are open on our computer – this will help you know if your computer is infected by a Trojan. Let us see how to launch netstat command. netstat is a MS-DOS based command, you can not use mouse to interact with this utility. To launch this command simply run MS-DOS prompt. To do this just click on ‘Run…’ after clicking on Start button and then type command and press enter key. Alternatively you can select MS-DOS prompt from Start menu if you are using windows 98 or from accessories if you are using windows NT,2000 or XP. After launching command prompt you will get
C:windows>
or
C:>
To launch netstat type netstat -a and press enter key.
C:windows>netstat -a
This will give output similar to this.
Active Connections
Proto Local Address Foreign Address State
TCP gaurav:1753 http://www.ethicalhackers.tk:http ESTABLISHED
TCP gaurav:1081 http://ftp.mycgiserver.com:ftp ESTABLISHED
TCP gaurav:1036 http://ftp.mycgiserver.com:ftp-data TIME_WAIT
TCP gaurav:1145 mail.sec33.com:pop3 ESTABLISHED
Let us try to understand this output in some detail.
Proto Its full name is Protocol. A protocol is simply a set of rules that your computer follows to communicate to other computers.
The TCP shown under the heading Proto shows that our computer is using the TCP (Transfer Control Protocol ) to communicate to the other computer. An other type of protocol is UDP
Local Address This is the address of our computer. Under this heading we can see gauarv:1081. gaurav is the name of our computer. This is the name asked by windows setup during installation.1081 is our local port number and is randomly generated. A port is simply a virtual ‘road’ on which internet data ‘travels’
Foreign Address This is very important for us. Under this heading we can see http://ftp.mycgiserver.com This shows that our computer is connected to computer having name http://ftp.mycgiserver.com
State This tells about the state of our connection. Following table will help you in understanding these.
STATE WHAT DOES IT MEAN
CLOSED There is no connection between your computer and remote host.
CLOSING Your computer and remote computer have both agreed to close connection.
CLOSE WAIT The remote computer has initiated to close the connection
ESTABLISHED There is a connection.
FIN WAIT 1 The software using connection (like msn messenger) has finished using the connection
FIN WAIT 2 The remote computer has agreed to close connection.
LAST ACK The connection is waiting for all the data packets to destroy.
LISTEN Your computer is listening for incoming connection
SYN RCVD Remote computer is sending a request for connection
SYN SENT Your computer has initiated to open a connection
TIMED WAIT same as LAST ACKNow let us see some other options available with the netstat command. If you want to know the options available you can pass /? as an argument to the netstat command i.e.
c:windows>netstat /?We will get the following output.
Displays protocol statistics and current TCP/IP network connections.
NETSTAT [-a] [-e] [-n] [-s] [-p proto] [-r] [interval]
-a Displays all connections and listening ports. (Server-side connections are normally not shown).
-e Displays Ethernet statistics. This may be combined with the -s option.
-n Displays addresses and port numbers in numerical form.
-p proto Shows connections for the protocol specified by proto; proto may be tcp or udp. If used with the
-s option to display per-protocol statistics, proto may be tcp, udp, or ip.
-r Displays the contents of the routing table.
-s Displays per-protocol statistics. By default, statistics are shown for TCP, UDP and IP; the -p
option may be used to specify a subset of the default.
interval Redisplays selected statistics, pausing interval seconds between each display. Press CTRL+C to
stop redisplaying statistics. If omitted, netstat will print the current configuration information
once.
Before we explore all the options let us apply the knowledge we have just gathered. Let suppose we want to find out if our computer is infected with a Trojan. For those who don’t know about Trojans I would like to tell them that Trojans malicious programs that may have come in form of a email attachment or in the form of infected software. These Trojans generally listen on some port for connections and after accepting the connection the remote computer user may execute any command on your computer. The most popular trojan is Back OrificeSo if you want to check out whether your computer is infected with Back Orifice you will run command netstat -a and if it shows that your computer is listening on port 31337 you must download some Trojan removal software. Please note that these Trojans have options that allow the remote attacker allow to change default port for accepting connections. For example a remote attacker may have changed the default port from 31337 to 54871. So you must look for suspicious ports. Click here to get a list of such Trojans and the default ports on which they accept connections.
Now let us explore all the options available with the netstat command. We have already used -a option that shows all the connections and listening ports. Let use explore -n option.
The netstat -n command will display the numbers in place of the names i.e. instead of name of our computer we will get the ip address of our computer. This option is helpful if we want to know the ip address of our computer and of the remote computer connected to our computer.
The netstat -p command is used to get information related to a particular protocol. Suppose we want to know only about the connections using UDP we will use command netstat -p udp and netstat -p tcp for connections using tcp. Please note that we can combine options. For example the command netstat -a -p udp and this will give us information about all the connections using UDP.
The netstat -s and netstat -e command are used to display detailed statistics about the different protocols. These commands are generally to correcting network problems.
The netstat -r is used to display routing tables. We need not go in details but I would like to tell you that routing table is used by computers to figure out by which route they should pass on the data. If a computer can not find out a suitable route it will discard the data packet.
Now before I end this tutorial let us see the use of interval option. If you specify a number in place of interval the netstat command will run again and again after that period of seconds. e.g. netstat -a 1 To exit from the command you will have to press CTRL+C.
I hope you like this tutorial. Please send your comments and suggestions to [email protected]
March 4, 2004 at 8:57 am #59717blon_detteMemberI just started reading some of the posts here and I have a question. How do I hide my IP address from e-mails I send out to people? And are they free? I know that there used to be a site that you could sign in to and then go to your e-mail and compose a message and the IP address would be hidden. But I can’t remember where it was.
Thanks for any help.:DMarch 4, 2004 at 7:41 pm #59701zhugeliangMemberI’m guessing that you’re talking about an HTML proxy. You can go to google.com and do a search for proxy servers, and you’ll find a lot that can do what you want, but you’ld have to pay for it. There are some free proxy servers (HTML proxy) but they only provide a limited amount of usability, so I dont’ know if they’ld help you with hiding your IP address for you e-mail. You can try it, by sending your friend an e-mail after setting it up to use the proxy, and then having him/her check to see if they can still see your IP address or not. Other than that, there isnt’ much we can tell you.
March 30, 2004 at 3:09 am #59718alamdarloParticipanthi guys help me save me!!!!!!
a few days ago someone russia cheated me through internet banking and he captured my internet banking information and transfered $9000 australian dollars to overseas,so my question is how I can find his ip address.i called to police but they don’t know about it.
thank youMarch 31, 2004 at 6:12 am #59700zhugeliangMemberWell, this isn’t exactly the right place for that kind of question, but I’ll give you a few pointers anyways. First of all, you should run an anti-virus scan to see if you have a trojan horse, which would allow them to see what you’ve typed (ie. passwords, usernames, credit card and banking info, etc.) and if that’s clean, then lodge a complaint with to the company you were doing business at, and let them know what happened. You should also let you credit card company know, though they have probably contacted you and questioned you about it already. Hope this helps.
April 2, 2004 at 4:45 am #59719blackpagerMemberthe thing is why hide IPs if they cant do anything with it. anyway get a firewall. best bet… some apps like spywares sends info out of your comp to the web…if your using firewall you can stop it if you want.
April 2, 2004 at 10:27 am #59699zhugeliangMemberThere are some people out there who know exactly what they can and can’t do with an IP address. Not to mention, a firewall won’t guarantee that you’re secure, but it’s a good step toward it. If you have spyware on your computer, get ad-aware and spybot s&d, and that’ll clean it off. Not to mention, spyware wasn’t necissarily the issue in alamdarlo’s case.
April 22, 2004 at 2:52 am #59726MicaBlueLexMemberHi…..quick question. Can someone trace my IP address from a simple Yahoo email and compare it to an email that was sent through my work email account? The yahoo one gives me a different IP than the work one does. The work one is one that I log into, an off site server, and the other is Yahoo….which can be logged on anywhere. Some guy claims that he has my IP address and is sending me harrassing emails. I sent myself an email from both accounts and clicked on “View Full Headers” and the IP addresses from both emails were different. And those two are different than the one on my DSL settings…Can he connect the two emails being from the same IP?
-
AuthorPosts
- The topic ‘Tracing IP address help!’ is closed to new replies.