[Quirk]

How do I use an IP address to find out where my traffic is coming from. i.e. how do I identify who is 195.92.168.166
Ta

[ethand]

Well the first thing to do would be a nslookup on the IP address. If a reverse zone is defined for it you will get back a hostname, that is usually fairly informative. For instance:

> nslookup 195.92.168.166
Server: ns.netmar.com
Address: 198.69.224.4

Name: webcacheB04a.cache.pol.co.uk
Address: 195.92.168.166

If that doesn't give you anything useful ( or doesn't return anything at all ) you can always use ARIN's whois database to find out who owns an IP address.

Querying this IP address at whois.arin.net via "whois -h whois.arin.net 195.92.168.166" tells you that the appropriate information can be retrieved from whois.ripe.net.

"whois -h whois.ripe.net 195.92.168.166" informs you that the IP address is allocated to Energis in the UK.

Hope that helps.

[Quirk]

Ta Ethand but re "a nslookup on the IP address" where would I type

> nslookup 195.92.168.166

Yes, I really am very new to all this !!!!!!!!!!!!!

I've just tried ARIN's whois database and that's great, thanks for the pointer. x

[SilentRage]

You can also download a couple of programs:

neotrace
Visual Route

Pick the program that seems to work better for you. They both graphically trace the IP to the origin on a world map.