UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
August
Su M Tu W Th F Sa
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
Sponsored Links
Latest Postings
Latest Reviews
Topic Options
Rate This Topic
#3167 - 10/08/03 01:46 AM geogpahical location of ip address
bosky101 Offline
Junior Member

Registered: 10/01/03
Posts: 59
Loc: india
Question ...
any software u guys know that lets u digramatcally show the route the email has travelled ...something like waht visualroute does ?
by the way i found IP-to-country Database < http://ip-to-country.directi.com/ >
gives you information on the geographical location of an IP address based on Internet infrastructure information so that when u go there it tells u WHERE ur brwosing from ! ..lotta open source sw as well ..
_________________________
"it is the question ...that drives the answer..."
Keep Clicking,
Bosky

Top
Sponsored Links
      
#3168 - 10/08/03 01:56 AM Re: geogpahical location of ip address
pergesu Offline
UGN Elite Poster

Registered: 03/14/02
Posts: 1136
Loc: Pimpin the Colorizzle
You can't be positive of the route that the email has travelled, but here's an idea for you. Not sure if it will work, SR knows a ton about the protocol and will give you more valid info.

Say you send an email to johnny@UGN Security.com, and you want to know the route it takes there. First off, you could just do a regular tracroute or visualroute to see where it goes, specifying the mail server as the destination. But I don't know if that's the actual route it would travel. So try sending an email to kjhasdliufhljka@UGN Security.com, which has a high probability of not exisiting. So it'll get bounced back to you, then you can look at the headers and see what route it took to get to you. Maybe it'll even have the original headers in it with all that data. Not sure if that works, just an idea.

Top
#3169 - 10/08/03 06:11 AM Re: geogpahical location of ip address
SilentRage Offline
DollarDNS Owner

Registered: 03/04/02
Posts: 1273
Loc: OH, USA
I don't know a program that does it, but you can do it manually. Emails track route information for the purpose of solving any problems that may have occured along the way. Each mail server that handles and relays your email leaves a marker in the email about who it recieved the email from.

So load up visualroute cause it'll do the route tracing for ya. Now open your email and make sure you can view the raw email headers. Now I want you to copy the recieved headers. Here's an example email recieved headers below:

=================================
Received: from undergroundnews.com (ns7a.hostnuke.net [66.227.6.241]) by mx3.hotpop.com (Postfix) with ESMTP id 85B5A80672F for [email protected]>; Tue, 7 Oct 2003 17:42:32 +0000 (UTC)

Received: from ns7.hostnuke.net (root@localhost) by undergroundnews.com (8.11.6/8.11.6) with ESMTP id h97HgZx25896 for [email protected]>; Tue, 7 Oct 2003 17:42:35 GMT

Received: from hotmail.com (bay1-f134.bay1.hotmail.com [65.54.245.134]) by ns7.hostnuke.net (8.11.6/8.11.6) with ESMTP id h97HgZd25885 for [email protected]>; Tue, 7 Oct 2003 17:42:35 GMT

Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Tue, 7 Oct 2003 10:42:35 -0700

Received: from 213.66.49.232 by by1fd.bay1.hotmail.msn.com with HTTP; Tue, 07 Oct 2003 17:42:35 GMT
=================================

This email had 5 recieved headers in exactly that order top to bottom. Each server prepended it's stamp to the email. So that means the last recieved is actually the first server to recieve the email. With a little study of the above headers you extrapolate the following route:

Sender IP: 213.66.49.232
1st Server: by1fd.bay1.hotmail.msn.com
2nd Server: bay1-f134.bay1.hotmail.com [65.54.245.134]
3rd Server: ns7.hostnuke.net
4th Server: ns7a.hostnuke.net [66.227.6.241]
5th Server: mx3.hotpop.com

That was the route taken where the original sender is a hotmail account. It was sent to a UGN Security email account which redirected to the final destination, which turned out to be my hotpop account.

If you plug those addresses into VisualRoute in order you'll get an approximation of the route the email took.
_________________________
Domain Registration, Hosting, Management
http://www.dollardns.net

Top
#3170 - 10/08/03 06:31 AM Re: geogpahical location of ip address
pergesu Offline
UGN Elite Poster

Registered: 03/14/02
Posts: 1136
Loc: Pimpin the Colorizzle
Shibby, I'm brilliant

Top

Moderator:  Infinite 
Featured Member
Registered: 08/21/13
Posts: 1
Forum Stats
2146 Members
46 Forums
33865 Topics
69032 Posts

Max Online: 1567 @ 04/25/10 10:20 AM
Top Posters
UGN Security 27028
Gremelin 7192
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Devo60, ali, lavos, Zanvin Green, Daktologist
2145 Registered Users
Who's Online
0 registered (), 305 Guests and 355 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!