tracking the owner of an ip how ? 2

[haneo]

In the /var/log/message (slack 8) i have noticed login session from anonymous to our wu-ftpd the ip of the "intruder" is not in our network rang, since that machine is not supposed to be accecible from internet, (i know i must install a firewall), but in this moment i want to know who is behind this IP .
i.e which administrator own this IP ?

Thanks for all.

 

[jollyroger]

I think the answer to your question "How do I find the name of the domain to which this IP address is assigned is and then the administrator?"
First use the "nslookup" command, type it on the command line, check that it is associated with a Server (and not the hosts file). If it is not type the command "server NNN.NNN.NNN.NNN" and it will switch to another DNS Server.
Now type in your I.P. address.
nslookup should then do a reverse lookup on the Internet and return the domain name.
Then type in: set type=SOA
Then type in the domain, and it should give you the e-mail address for the administrator of this domain/ IP address range.
Using "help" on the nslookup command line can also help.
With regards
Ben

 

[ifincham]

Hi,

You can do various queries of this kind via web interface at samspade.org --

http://www.samspade.org/t

. Just try the first one (address digger)

Hope this helps