Go Back   Computer Forums > General Computing > Networking | DNS
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 05-21-2007, 01:47 PM   #1
In Runtime
 
Join Date: Aug 2006
Posts: 102
Default Trace IP Address

This might be totally out there and a little off topic but maybe someone can help me. A couple days ago, a friend of mine had her laptop stolen. She has AIM on it and she told me that someone with her screen name just signed on at another location. She only used AIM on her laptop and on her work computer so it is kind of obvious that it is the person on her laptop.

Is there any way that you guys know of that you could find the IP address of the person using her laptop and then tracing that in hopes that she could inform local authorities and maybe get it back? I know this is really out there, but any ideas would be great.

Brian
__________________

__________________
BrianS is offline   Reply With Quote
Old 05-21-2007, 03:15 PM   #2
Golden Master
 
freestyler105's Avatar
 
Join Date: Sep 2006
Posts: 7,883
Default Re: Trace IP Address

Well, to get their IP address through AIM, you'd have to be in a direct connect session. Normally, all the IMs go through AOL's servers and then to the other person, but with direct connect you're directly connected to them, so you can get their IP.

The easiest way, however, would be to get them to click on a link that brings them to some page that logs their IP. Something like this would work:
http://www.imchaos.com/link/

Even if you can't get their IP, just report it to the police. They may be able to get AOL to give them the IP, and plus the police will be able to trace the IP better than you can.
__________________

__________________
C2D E6600 | 4GB DDR2-800 | 9800GTX+ | Asus P5B-E | 150GB Raptor | 320GB 7200.10 | 750W Xigmatek PSU
freestyler105 is offline   Reply With Quote
Old 05-22-2007, 01:56 PM   #3
BSOD
 
0x0161's Avatar
 
Join Date: Apr 2007
Posts: 441
Default Re: Trace IP Address

Quote:
This might be totally out there and a little off topic but maybe

someone can help me. A couple days ago, a friend of mine had her laptop

stolen. She has AIM on it and she told me that someone with her screen name

just signed on at another location. She only used AIM on her laptop and on

her work computer so it is kind of obvious that it is the person on her

laptop.
If her notebook was stolen, and someone signed on under her screen name to

AIM BTW, (they are very stupid for doing that) unless they used a proxy

with AIM either way, it wasnt the smartest thing to do.



Also, AIM logs all IM sign on & sign off sessions. So he/she who stole it,

is now on a log file on one of the AOL servers. (Evidence)



Quote:
Is there any way that you guys know of that you could find the IP address of the person using her laptop

Sure. open AIM start a conversation, then open the command prompt and type

netstat -ano


Look for your IP address in the list then look next to it, and their will be the culprits. Also, everything the culprit says can be watched by a packet sniffer(if you have direct connection thatis) unless, he uses some combination of a *proxy/encrypted client* (like GAIM/trillian).


Another method, setup a webpage/website. A free one from www.dot.tk (thats what I use)works excellent that captures all 'visitors' IP addresses and their system information. www.danasoft.com offers the CODE you can place in on yourwebsite for doing this.


Another method, Send the culprit an email. Social engineering comes to mind here. Have him respond his IP addy will be in the email headers.

Quote:
and then tracing that in hopes that she could inform local authorities and maybe get it back?
Once you have their IP address, run it through a WHOIS server http://www.arin.net/whois/ or www.ip2location.com <--- for a visual layout.
Basically your just querying the IP address to see *WHO* it belongs too.


Once you have this information you can contact the CULPRITS ISP and inform them of whats going on from their local authority, more than likely cops will want serial number off of the notebook, proof of purchase copy of receipt (for ownership, validation, that is) etc....


Cheers, 0X0161
__________________
0x0161 is offline   Reply With Quote
Old 05-22-2007, 02:08 PM   #4
In Runtime
 
Join Date: Aug 2006
Posts: 102
Default Re: Trace IP Address

That is so much good info right there but i do have a question, this is what I got by just testing it out so I know what to do when I see her and can do it for her.
__________________
BrianS is offline   Reply With Quote
Old 05-22-2007, 02:10 PM   #5
In Runtime
 
Join Date: Aug 2006
Posts: 102
Default Re: Trace IP Address

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.0.26
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
Ethernet adapter Local Area Connection 3:
Media State . . . . . . . . . . . : Media disconnected
__________________
BrianS is offline   Reply With Quote
Old 05-22-2007, 02:11 PM   #6
In Runtime
 
Join Date: Aug 2006
Posts: 102
Default Re: Trace IP Address

C:\Documents and Settings\Brian>netstat -ano

Active Connections

Proto Local Address Foreign Address State PID
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1164
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:990 0.0.0.0:0 LISTENING 2280
TCP 0.0.0.0:22831 0.0.0.0:0 LISTENING 2488
TCP 127.0.0.1:1026 0.0.0.0:0 LISTENING 628
TCP 127.0.0.1:1033 127.0.0.1:1034 ESTABLISHED 2488
TCP 127.0.0.1:1034 127.0.0.1:1033 ESTABLISHED 2488
TCP 127.0.0.1:1036 127.0.0.1:1037 ESTABLISHED 2488
TCP 127.0.0.1:1037 127.0.0.1:1036 ESTABLISHED 2488
TCP 127.0.0.1:1038 127.0.0.1:1039 ESTABLISHED 2488
TCP 127.0.0.1:1039 127.0.0.1:1038 ESTABLISHED 2488
TCP 127.0.0.1:2161 127.0.0.1:2162 ESTABLISHED 4436
TCP 127.0.0.1:2162 127.0.0.1:2161 ESTABLISHED 4436
TCP 127.0.0.1:2163 127.0.0.1:2164 ESTABLISHED 4436
TCP 127.0.0.1:2164 127.0.0.1:2163 ESTABLISHED 4436
TCP 127.0.0.1:5679 0.0.0.0:0 LISTENING 2224
TCP 127.0.0.1:6880 0.0.0.0:0 LISTENING 2488
TCP 127.0.0.1:7438 0.0.0.0:0 LISTENING 2224
TCP 127.0.0.1:10025 0.0.0.0:0 LISTENING 1216
TCP 127.0.0.1:10110 0.0.0.0:0 LISTENING 1216
TCP 127.0.0.1:45100 0.0.0.0:0 LISTENING 2488
TCP 192.168.0.26:139 0.0.0.0:0 LISTENING 4
TCP 192.168.0.26:139 192.168.0.29:2863 ESTABLISHED 4
TCP 192.168.0.26:2601 89.149.169.81:80 CLOSE_WAIT 5620
TCP 192.168.0.26:3015 64.12.24.60:5190 ESTABLISHED 844
TCP 192.168.0.26:3042 205.188.248.144:5190 ESTABLISHED 844
TCP 192.168.0.26:3332 64.12.31.84:5190 ESTABLISHED 844
TCP 192.168.0.26:3343 216.155.193.153:5050 ESTABLISHED 844
TCP 192.168.0.26:3603 72.213.37.59:41975 ESTABLISHED 2488
TCP 192.168.0.26:3641 24.141.21.113:9593 ESTABLISHED 2488
TCP 192.168.0.26:3684 219.94.81.242:51231 ESTABLISHED 2488
TCP 192.168.0.26:3712 83.226.123.191:57408 ESTABLISHED 2488
TCP 192.168.0.26:3735 85.30.227.226:49481 ESTABLISHED 2488
TCP 192.168.0.26:3742 71.71.62.104:19959 ESTABLISHED 2488
TCP 192.168.0.26:3789 218.103.137.163:6000 ESTABLISHED 2488
TCP 192.168.0.26:3803 212.72.109.53:49256 ESTABLISHED 2488
TCP 192.168.0.26:3816 121.45.161.194:54040 ESTABLISHED 2488
TCP 192.168.0.26:3903 85.66.43.86:19363 ESTABLISHED 2488
TCP 192.168.0.26:3918 75.23.135.171:61240 ESTABLISHED 2488
TCP 192.168.0.26:3920 208.120.207.200:58875 ESTABLISHED 2488
TCP 192.168.0.26:3942 60.241.232.46:49956 ESTABLISHED 2488
TCP 192.168.0.26:3946 213.112.112.54:41850 ESTABLISHED 2488
TCP 192.168.0.26:3952 203.206.114.45:59527 ESTABLISHED 2488
TCP 192.168.0.26:3961 24.9.191.207:11233 ESTABLISHED 2488
TCP 192.168.0.26:4006 85.73.67.46:6889 ESTABLISHED 2488
TCP 192.168.0.26:4011 190.48.154.92:32612 ESTABLISHED 2488
TCP 192.168.0.26:4029 74.13.84.205:25365 ESTABLISHED 2488
TCP 192.168.0.26:4035 83.40.221.131:28000 ESTABLISHED 2488
TCP 192.168.0.26:4036 89.129.180.28:60948 FIN_WAIT_1 2488
TCP 192.168.0.26:4052 74.102.151.91:36402 ESTABLISHED 2488
TCP 192.168.0.26:4059 212.68.197.150:52688 ESTABLISHED 2488
TCP 192.168.0.26:4063 220.238.165.101:12658 ESTABLISHED 2488
TCP 192.168.0.26:4064 202.161.23.114:60115 ESTABLISHED 2488
TCP 192.168.0.26:4074 71.114.183.48:19948 ESTABLISHED 2488
TCP 192.168.0.26:4083 68.122.7.191:44222 ESTABLISHED 2488
TCP 192.168.0.26:4100 217.208.27.38:30824 ESTABLISHED 2488
TCP 192.168.0.26:4108 64.86.95.64:80 TIME_WAIT 0
TCP 192.168.0.26:4111 64.233.161.167:80 TIME_WAIT 0
TCP 192.168.0.26:4112 64.86.95.42:80 TIME_WAIT 0
TCP 192.168.0.26:4113 64.86.95.42:80 TIME_WAIT 0
TCP 192.168.0.26:4115 85.178.240.198:42900 ESTABLISHED 2488
TCP 192.168.0.26:4135 64.86.95.64:80 TIME_WAIT 0
TCP 192.168.0.26:4136 64.212.198.162:80 TIME_WAIT 0
__________________
BrianS is offline   Reply With Quote
Old 05-22-2007, 02:11 PM   #7
In Runtime
 
Join Date: Aug 2006
Posts: 102
Default Re: Trace IP Address

Tcp 192.168.0.26:4138 80.47.231.191:14457 Last_ack 2488
Tcp 192.168.0.26:4147 81.222.204.157:7486 Established 2488
Tcp 192.168.0.26:4150 80.202.221.141:14807 Established 2488
Tcp 192.168.0.26:4159 83.226.204.215:47711 Established 2488
Tcp 192.168.0.26:4161 83.251.21.32:60608 Established 2488
Tcp 192.168.0.26:4162 82.131.12.44:10788 Established 2488
Tcp 192.168.0.26:4163 58.8.74.11:6882 Established 2488
Tcp 192.168.0.26:4167 91.122.20.114:57237 Established 2488
Tcp 192.168.0.26:4169 194.146.135.196:30364 Established 2488
Tcp 192.168.0.26:4172 89.210.75.168:30000 Established 2488
Tcp 192.168.0.26:4173 83.237.231.224:64927 Established 2488
Tcp 192.168.0.26:4179 89.112.11.227:61541 Established 2488
Tcp 192.168.0.26:4185 190.45.85.26:13279 Established 2488
Tcp 192.168.0.26:4186 85.140.104.141:36597 Established 2488
Tcp 192.168.0.26:4189 216.99.42.147:35490 Established 2488
Tcp 192.168.0.26:4201 201.235.243.215:45081 Last_ack 2488
Tcp 192.168.0.26:4202 75.22.67.7:26054 Established 2488
Tcp 192.168.0.26:4203 68.54.112.159:38341 Established 2488
Tcp 192.168.0.26:4204 219.95.46.116:10145 Established 2488
Tcp 192.168.0.26:4205 24.164.23.100:6881 Established 2488
Tcp 192.168.0.26:4206 81.180.252.9:40195 Established 2488
Tcp 192.168.0.26:4212 88.113.27.13:9090 Established 2488
Tcp 192.168.0.26:4215 162.105.113.168:60893 Established 2488
Tcp 192.168.0.26:4220 80.198.0.179:40337 Established 2488
Tcp 192.168.0.26:4230 70.45.23.133:40340 Established 2488
Tcp 192.168.0.26:4231 74.99.178.179:10753 Established 2488
Tcp 192.168.0.26:4243 82.225.231.79:4662 Established 2488
Tcp 192.168.0.26:4246 82.17.104.41:51402 Established 2488
Tcp 192.168.0.26:4247 85.176.24.94:11478 Established 2488
Tcp 192.168.0.26:4259 72.14.253.95:80 Established 4436
Tcp 192.168.0.26:4262 76.177.109.107:49150 Established 2488
Tcp 192.168.0.26:4265 192.168.0.26:22831 Time_wait 0
Tcp 192.168.0.26:4267 85.235.20.108:9000 Established 2488
Tcp 192.168.0.26:4268 202.151.66.31:26300 Established 2488
Tcp 192.168.0.26:4269 60.48.109.95:49222 Established 2488
Tcp 192.168.0.26:4270 212.52.153.63:61084 Established 2488
Tcp 192.168.0.26:4272 81.20.178.139:63579 Established 2488
Tcp 192.168.0.26:4273 68.227.226.191:35631 Established 2488
Tcp 192.168.0.26:4274 72.131.21.78:51348 Established 2488
Tcp 192.168.0.26:4276 81.154.104.237:46412 Established 2488
Tcp 192.168.0.26:4282 213.93.115.57:55938 Established 2488
Tcp 192.168.0.26:4287 24.2.94.148:24294 Syn_sent 2488
Tcp 192.168.0.26:4291 85.73.185.210:64886 Established 2488
Tcp 192.168.0.26:4292 203.214.107.230:14001 Established 2488
Tcp 192.168.0.26:4293 81.225.223.189:49876 Syn_sent 2488
Tcp 192.168.0.26:4888 172.204.68.251:41916 Established 2488
Udp 0.0.0.0:445 *:* 4
Udp 0.0.0.0:500 *:* 940
Udp 0.0.0.0:1025 *:* 1420
Udp 0.0.0.0:1036 *:* 1672
Udp 0.0.0.0:1059 *:* 1420
Udp 0.0.0.0:1089 *:* 1420
Udp 0.0.0.0:1090 *:* 1420
Udp 0.0.0.0:1345 *:* 1420
Udp 0.0.0.0:1346 *:* 1420
Udp 0.0.0.0:1347 *:* 1420
Udp 0.0.0.0:1348 *:* 1420
Udp 0.0.0.0:4500 *:* 940
Udp 0.0.0.0:16680 *:* 2488
Udp 0.0.0.0:22831 *:* 2488
Udp 127.0.0.1:123 *:* 1284
Udp 127.0.0.1:1033 *:* 1284
Udp 127.0.0.1:1900 *:* 1456
Udp 127.0.0.1:3018 *:* 844
Udp 127.0.0.1:3019 *:* 844
Udp 127.0.0.1:3052 *:* 844
Udp 127.0.0.1:3053 *:* 844
Udp 127.0.0.1:3335 *:* 844
Udp 127.0.0.1:3336 *:* 844
Udp 127.0.0.1:3346 *:* 844
Udp 127.0.0.1:3347 *:* 844
Udp 127.0.0.1:4616 *:* 4436
Udp 192.168.0.26:123 *:* 1284
Udp 192.168.0.26:137 *:* 4
Udp 192.168.0.26:138 *:* 4
Udp 192.168.0.26:1044 *:* 2488
Udp 192.168.0.26:1900 *:* 1456
Udp 192.168.0.26:5353 *:* 5620
__________________
BrianS is offline   Reply With Quote
Old 05-22-2007, 02:12 PM   #8
In Runtime
 
Join Date: Aug 2006
Posts: 102
Default Re: Trace IP Address

Sorry, I had to break that up. I did have an AIM conversation active to simulate the situation if we get the chance to try this against the person that stole the laptop.
__________________
BrianS is offline   Reply With Quote
Old 05-22-2007, 02:21 PM   #9
BSOD
 
0x0161's Avatar
 
Join Date: Apr 2007
Posts: 441
Default Re: Trace IP Address

Quote:
but i do have a question, this is what I got by just testing it out so I know what to do when I see her and can do it for her.
Yes this is correct netstat -ano. do that when you have a direct connection to the person so you can get their info. IM curious what is PID 2488 on your machine? A lot of established connections, are you running limewire or another P2P when you issued that command?

Cheers, 0x0161
__________________
0x0161 is offline   Reply With Quote
Old 05-22-2007, 02:25 PM   #10
In Runtime
 
Join Date: Aug 2006
Posts: 102
Default Re: Trace IP Address

and in order to get a direct connection i would have to send them a picture or something beside just talking to them because normal connections just get routed through AOL's servers and would just return their IP and not the theif's.
__________________
BrianS is offline   Reply With Quote
Old 05-22-2007, 03:08 PM   #11
Golden Master
 
freestyler105's Avatar
 
Join Date: Sep 2006
Posts: 7,883
Default Re: Trace IP Address

You're doing this the hard way. It would be much easier to use this instead:
http://www.imchaos.com/link/

It'll be a lot easier than trying to get them to accept a direct connect request..
__________________
C2D E6600 | 4GB DDR2-800 | 9800GTX+ | Asus P5B-E | 150GB Raptor | 320GB 7200.10 | 750W Xigmatek PSU
freestyler105 is offline   Reply With Quote
Old 05-22-2007, 09:38 PM   #12
Fully Optimized
 
Juice's Avatar
 
Join Date: Apr 2007
Posts: 2,946
Send a message via AIM to Juice Send a message via MSN to Juice
Default Re: Trace IP Address

ah, i hate when things are stolen, hope all goes well and she gets her laptop back safe.
__________________
Juice
P4 2.4GHz, 1.5Gb, 40Gb.
PowerBook G4 867MHz, 1Gb, 60Gb.
Juice is offline   Reply With Quote
Old 05-22-2007, 09:50 PM   #13
Site Team
 
celegorm's Avatar
 
Join Date: Sep 2006
Posts: 10,720
Send a message via AIM to celegorm
Default Re: Trace IP Address

Do you have any idea how hard it would be to get someone who stole some-one's laptop to talk under the the default screen-name on said laptop? If the criminal was smart he'd try not to make any conversation between anyone else.

What freestyler is saying has to be the best option here since they are more likely to consider opening that link, than directly connecting to someone.
__________________
"as a fanboy i refuse to admit it and will pull countless things out of my butt to disprove it"

Team Thelegorm! Total Kills: 21 (i iz in uor profile, editsing your sigz)
celegorm is offline   Reply With Quote
Old 05-23-2007, 07:45 AM   #14
In Runtime
 
Join Date: Aug 2006
Posts: 102
Default Re: Trace IP Address

I will probably try what freestyler105 suggested.

As for the intelligence of this person, I wouldn't think that they are too smart. The apartment they it was stolen from was found to have Latin Kings gang signs spray painted all over the walls. Just knowing that a gang member did this, makes me think the intelligence factor is pretty low there. Hows this for a kick in the balls...They also made a screw driver while they were there. I guess the OJ and vodka was left sitting out on the countertop. Personally I would think there should be some finger prints perhaps on the bottles but you know the competency of some police forces. lol.

Thanks everyone for your help.
__________________
BrianS is offline   Reply With Quote
Old 05-23-2007, 06:42 PM   #15
BSOD
 
0x0161's Avatar
 
Join Date: Apr 2007
Posts: 441
Default Re: Trace IP Address

Quote:
As for the intelligence of this person, I wouldn't think that they are too smart. The apartment they it was stolen from was found to have Latin Kings gang signs spray painted all over the walls. Just knowing that a gang member did this, makes me think the intelligence factor is pretty low there.

So if you gang bang; *the intelligence factor is pretty low there* don't practice "security by obscurity," that is, don't assume all gang members are stupid. Some gang members are smarter than your assumptions. REP ----> 63 AVE EAST, Bradenton, FL -----> , and thats what I rep yup. Im glad it got stolen now hahahahaha


I bet these FEW OF MANY MANY people also suffering from a lack of intelligence because their ALSO gang members themselves John Gotti, Albert Anastasia, Vincent "The Chin" Gigante, Charlie "Lucky" Luciano and my personal favorite --- The Man Al Capone, thats just a tip of the iceberg.


Cheers, 0x0161
__________________
0x0161 is offline   Reply With Quote
Old 05-24-2007, 07:44 AM   #16
In Runtime
 
Join Date: Aug 2006
Posts: 102
Default Re: Trace IP Address

Quote:
Originally Posted by 0x0161 View Post
So if you gang bang; *the intelligence factor is pretty low there* don't practice "security by obscurity," that is, don't assume all gang members are stupid. Some gang members are smarter than your assumptions. REP ----> 63 AVE EAST, Bradenton, FL -----> , and thats what I rep yup. Im glad it got stolen now hahahahaha


I bet these FEW OF MANY MANY people also suffering from a lack of intelligence because their ALSO gang members themselves John Gotti, Albert Anastasia, Vincent "The Chin" Gigante, Charlie "Lucky" Luciano and my personal favorite --- The Man Al Capone, thats just a tip of the iceberg.


Cheers, 0x0161
Ummm....what is "63 AVE EAST, Bradenton, FL" about? I am interested to know because that address has no relevance to me that I know of. But then again, I am from the Chicago land area and not Florida so...

Also think of this. Every name you mentioned, not gang bangers. Mob bosses. There is a huge difference. Although gangs can be organized and members can be intelligent, you have to look at the population. The a good majority are high school dropouts. The smarter ones are the ones that usually are in charge or have some power which means they would most likely not put themselves at risk of being caught for just breaking and entering and petty theft. They would have someone else do that. Someone who was more expendable. Usually someone younger because if they got caught (and were underage) their punishment would be much less severe.

Also look at studies, the more intelligent you are, the more likely you are to have a good paying job as well as a respectable lifestyle. There are those few people that are on the opposite side of the spectrum, but the majority are not going to risk their lives and livelihood doing illegal things like B&E, theft etc.

Anyways, this is not meant to be a gang bashing thread. I thank everyone for their input and ideas.
__________________

__________________
BrianS is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 04:29 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0
×