About IP addresses allocated to companies ISPs in blocks

This page 2/2>>About Private address blocks
Email to an IP address, Domain Name Service, DNS lookups, Reverse lookup, Advanced DNS and more...

About IP (Internet Protocol) Addresses
IP addresses are allocated to companies and ISPs in blocks.To find out who administers a block of addresses..... Page 1/2

These private address blocks are:

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

If you see one of these addresses in a received line it means the email has been forwarded around an internal network before being gatewayed to the internet proper.

So far, so froody.

There are some IP addresses in each block reserved for broadcast and other obscure stuff. Check the RFCs--links at bottom of page--if you're really interested.

Email to an IP address
Incidentally, if you want to send email to a machine and you know the machines IP address you can send it to user@[w.x.y.z] So, just for the sake of example, if you were to put this HTML tag:

<A HREF="mailto:postmaster@[127.0.0.1]"></A>

In a web page, and someone were to scan your webpage for email addresses and then try to send spam to them they'd end up sending a copy to postmaster at the machine 127.0.0.1.

As we said earlier 127.0.0.1 is always your own machine, so this would make the spammer spam their own system administrator....

eMail Bolts & Nuts FAQ's

How to manage and clean bounced undelivered emails? Understand why emails get bounced

How to use your desktop PCs as an email server and bypass your ISP email server, a simple process using a free mail server program

How to test your message and see if it gets deleted by broad based anti-spam filters?

A one page email course. Everything you wanted to know about emailing in a "nut shell"

Quick guide to: dig finger traceroute ping whois nslookup IP block FTP SMTP relay TCP/IP Port

How to embed email tracking code into your email? Invisible counters, codes, scripts to track viewer

Send HTML or TEXT email using formatted HTML email, you can send an entire webpage

How to embed images into HTML email for faster emailing? Prevent displaying linked-site in recipient email client status bar

RFC defined ESMTP, SMTP Status Email Error Codes? These codes are used to provide informative explanations of error conditions

How email works? Delivery of each email is done by your ISP mail server, first establishing a conversation through your recipient port 25

Some spiders visit site after site, collecting email addresses and controlling these rogue spiders spam bots or email harvesters with robot.txt

About TCP/IP and mail server port numbers? It is a number between 1 and 65535 which identifies to the receiving computer what function you want to perform

Name resolution
IP addresses work pretty well, but they're not as memorable as machine names. So we need some way to map names to addresses (and ideally back again).

Domain Name Service
DNS is a distributed system. The end user doesn't really care about this, but in case you're interested here's how it works. If you try and access http://www.blighty.com then Netscape wakes up and asks Windows what IP address www.blighty.com maps to.

Windows then sends a request to your local nameserver, usually the nameserver of your ISP. If someone else has looked up the address recently the nameserver might already know the answer.

If not, it realizes that it doesn't know, and works out who might know. Your ISPs nameserver then contacts that nameserver - if it knows it answers. If not, it works out who might know... you get the idea.

Finally the result gets forwarded back to your local nameserver, which caches the result so it can use it again later and passes the answer back to your system - 151.196.75.10.

[In reality it's a bit more formal than that, with 'zones of authority' rather than guesswork to find out who might know the answer]

DNS lookups
You can query a DNS server and get all sorts of good stuff in it, not just the address-name mappings.

Reverse lookup
Finding the hostname given the IP address is very useful. If you're tracing spam you need the domain name to be able to find whois information.

eMail Bolts & Nuts FAQ's

The function of URL Uniform Resource Locator? A command for your email address, some mail clients may not be able to translate it into an email address

A standard client server protocol for receiving email. POP3 is use for retrieving Internet email from ISPs mail server...

Collections of important useful emails related sites? Free email stuff, real cool, give it a try

Advanced DNS (dig) for the DNS records of a host or domain showing all the DNS records

All about IP Addresses, DNS, Internet addressing. Serious stuff, perfect remedy if you can't sleep

Email history, email netiquette, improving email presentation, email with sound, pictures

101 Email spam tracking and meaning of message header? 102 DejaNews the most powerful dedicated spam-tracker's tool 103 The spam tracker tools: Whois, nslookup, traceroute, dig 104 Spam tracking

Never use ISPs that hosts your web site to send out newsletter. If they cancel your account, you will lose all your web pages

Warning: If you publish an online newsletter or email to any opt-in list (including your own list), it is critical that you read this

The history of Spam starts with Monty Python's Flying Circus and Vikings singing Spam

A list of return error codes by Windows Sockets API returned by WSAGetLastErrorcall with descriptions

Meet The Kings of SPAM - You don't need rocket science to figure out how to send spam emails

Notes: Reverse lookup a DNS whois tool that perform forward and reverse DNS queries for the current address (this will usually give you the IP address of a hostname and the hostname of an IP address)

Sometimes you can just use the DNS tool on an IP address, and it'll give you the hostname. Sometimes it won't be able to find a hostname.

Just because a host has forward DNS from name to address there's no guarantee or requirement for it to have reverse DNS from address to name. Many sites do, many sites don't.

If there's no reverse DNS you need to resort to guerrilla approaches and if there's a web site that's a good bet then do a view source to look at the HTML source, particularly for forms and mailto links.

Sometimes telnetting to the machine will give a banner identifying the machine. Or telnetting to other ports on the machine (25, 110, 119) can sometimes give a banner. Then you can use forward DNS to confirm that the address maps back to the right IP.

The port scan tool can scan a range of ports on a machine, to see which are providing services. Then you can telnet to each one in turn to see if any leak information.

What if the site is being coy, and trying to hide their domain name? Most virtual web-hosting companies require customers to have a domain name, but if it's not used anywhere and the website is advertised using it's IP address rather than domain name it's hard to find.

On some virtual web servers accessing http://w.x.y.z/stats or http://w.x.y.z/logs triggers a redirect that can give you the name.

Spam-tracking 103
WHOIS tool nslookup
and traceroute freeware download

whois.internic.net or network solutions are network registries to find out contact info for current domain or IP address

nslookup a DNS tool that Perform forward and reverse DNS queries for the current address (this will usually give you the IP address of a hostname)

traceroute finds the route packets take between you and the selected address

Email in a "nut shell" a one page course about emailing. Everything you wanted to know about emailing.

How email works? Delivery of each email is done by your ISP mailserver establishing a conversation through (port 25) of your recipient mail server

Free2-Try 100% effective. The easiest way to Stop Spam getting into your PC. I recommend it.

Free eBook Sun Tzu Art of War Commanders without thoughtful strategy invite defeat.

Sun Tzu

Free eBook Great online Stealth Marketing strategies to help you increase sales

Advanced DNS
DNS has all sorts of good stuff in it, not just the address-name mappings. You can get at this with the dig tool--see bottom of page on: Tools provided by Sam Spade and these are some of the things it can tell you:

A - The Address of a hostname. There's only one A record for each host.

NS - The authoritative nameserver for a domain.

MX - The mail exchanger for the domain, foror example, there is no such machine as demon.net, yet you can send email to user@demon.net.

The MX record tells the mail system to send mail for user@demon.net to user@relay-1.mail.demon.net instead.

CNAME - An alias for a machine. A number of different names may resolve to the same IP address.

A CNAME entry for a domain points you at the real name of the system.

HINFO - Hardware and software used by the host

RP - The responsible person for a domain

ANY - All records available

There are around 40 more, but these are the most common. To see full list, see: advance dig You can also ask for a complete Zone Transfer from a nameserver.

This contains all the records it has for a given domain. If there's no reverse DNS setup this can be the only way of getting a full list of the machines within a domain.

You can only do a zone transfer from the name server that is authoritative for a domain, so you need to query your local nameserver to find an authorative server for a domain before doing a zone transfer.

Some of the tools info below are derived from: Internet Protocol Addressing Help Topics - www.samspade.org a spam tracking freeware.

Dig tool, requests all the DNS records for a host or domain

Finger tool, asks a server about one of it's users

Traceroute tool, finds the route packets take between you and the selected address

PING tool, sends a series of packets to the current address to see if it's alive and how long it takes packets to make the round trip

Whois is a tool to contact network registries to find out contact information for the current domain or IP address.

nslookup a DNS whois tool that perform forward and reverse DNS queries for the current address (this will usually give you the IP address of a hostname and the hostname of an IP address)

IP Block a multiple server lookup tool for finding the owner of the block of domain or IP address.

SMTP Relay Verify (checking) tool, to find out whether a SMTP server is insecure--therefore allowing anyone to relay email through it.

(Spammers relay email through third party mail server which obfuscasates message headers and harder to find the originator)

References - RFC Internet Protocol
RFC791 http://www.faqs.org/rfcs/rfc791.html
RFC1122 http://www.faqs.org/rfcs/rfc1122.html

A more technical tutorial
http://oac3.hsc.uth.tmc.edu/staff/snewton/tcp-tutorial/
Private addresses: RFC1918 http://www.faqs.org/rfcs/rfc1918.html

A good DNS overview http://eeunix.ee.usm.maine.edu/guides/dns/dns.html

Lots of DNS resources http://www.dns.net/dnsrd/
Linux DNS How to http://sunsite.unc.edu/LDP/HOWTO/DNS-HOWTO.html

O'Reilly books - TCP/IP Network Administration http://www.ora.com/catalog/tcp2/noframes.html
DNS and BIND http://www.ora.com/catalog/dns2/noframes.html

Essential Windows NT System Administration http://www.ora.com/catalog/esawinnt/noframes.html
Linux Network Administrator's Guide http://www.ora.com/catalog/linag/noframes.html

End of Page 2/2

About IP (Internet Protocol) Addresses..... Page 1/2
IP addresses are allocated to companies and ISPs in blocks. To find out who administers a block of addresses you can.

Bounce eMail
Manager Freeware

"A valued contribution that
I and the rest of my team sincerely appreciate it. We have checked your software twice and it is good." Alex webmaster@softpicks.net

100% effective.
I recommend it.

The easies way to stop email spam, virus getting
into your PC
Free2-Try

Dolly Kee Managing Director
Image Power

eMail CRM maximize
the life-time value of my customers, I recommend it.

Freeware for home, office PC

Sun Tzu Art of War "Leaders who takes on the role of the commander without understanding the strategy of warfare, invite defeat." Free eBook