(..for beginners)

Ok, well you usually can't find out exactly where they live (unless they've got a static IP Address and have registered a domain name), but you can get a fairly good idea of at least which part of which country they're in.

All you need to know is their IP Address, or alternatively their Domain name - one is as good as the other.
There are many different ways to find someone's IP, it depends on what you know about them. Here are some of the methods I'm aware of..(please add to this node if you know more)

  • If they emailed you, either simply use the domain of the return address (the bit after the @ symbol), or for more interesting info look at the headers in the email. All email messages have several lines of header information that contain fairly technical stuff about who the mail was from, when it was sent, what it contains, and, more interestingly, the path that it took to get to you. Mail reading programs usually don't display these headers by default (because they're boring), but most will display them if asked nicely. (On Microsoft Outlook, for example, open the message, and select the View | Options menu).
    Each mail server that handles the email on it's path from sender to recipient adds its own 'Received:' line to this header; you will usually see the many machine domain names and IP addresses that handled the message listed here. The topmost 'Received:' line is the first mail machine that handled the message when it was sent from the sender's machine.
  • Hotmail (and, I suspect, other web-mail sites) add a special identifying header - see How to find out where a Hotmail message was sent from
  • Any one of the growing number of file-trading programs (Napster, DCC on IRC, Gnutella, etc) establishes a direct link between you and the sender when you start a transfer. See How to find out where a Napster user lives for info on this.
  • Newsgroups (or Usenet) postings seem to be more anonymous than most - which is one of the reasons that there is a vast amount of pirated software in the binaries newsgroups. It is harder to trace someone who posted to a newsgroup (as long as they didn't put their real email address in the posting - this is extremely foolish and will result in you instantly getting spammed until the end of time - newsgroups are massively trawled by people collecting email addresses for junk email).
Ok, so say you've got an IP address (or domain name) of the person you're interested in tracing. You can then use NeoTrace (or equivalent) to tell you where they are geographically - although if they are using an ISP with Dynamic IP addressing (i.e. most people on a dial-up modem account), the ISP is as far as you can easily get. If you work for a law enforcement agency and have a good reason, you can demand that the ISP examine their logs and tell you the name and address of the individual who was using that IP address at the time. If this tracking process is happening to you, the first thing you will know about it is when you have: your front door kicked in/a court summons issued/a contract taken out on you (delete according to who you've managed to annoy)

Other contributions to this node from knowledgable net types are more than welcome - after all, this information is widely known in hacker circles and can be used against you very easily. You have a right to know.

Log in or registerto write something here or to contact authors.