[Dshield] Gathering information on an IP address

Wayne Larmon wlarmon at dshield.org
Wed Sep 24 17:09:28 GMT 2003


> A while ago, I remember a post to this list about a procedure,
> web page, or
> something at DShield that presented lots of useful information about an IP
> address.  I remember at the time saying I should use this and I thought I
> saved the message but I can't find it now.  Can anyone help me with a
> pointer?

http://www.dshield.org/ipinfo.php?ip=XXX.XXX.XXX.XXX

where 'XXX.XXX.XXX.XXX' is the IP you want to look up.

> Can you suggest any other things I can do with this numeric IP
> address that
> would return useful information.  My guess is that the whois
> command that's
> being used hasn't got the correct switches, but there may be better
> solutions.

The code that we use to fill ipinfo.php is a whole bunch of different
routines to query the different whois servers.  Maybe there is an off the
shelf canned routine to do this, but we didn't know about it.

Wayne Larmon
DShield.org





More information about the list mailing list