Thursday, January 8, 2009
Friday, November 14, 2008
Brutal Attack on Ambedkar Law college students
Students who involved in the attack must be dismissed and they should be banned from persuing law.
The Degree they are doing is to maintain the Indian Law and rescue Illetrates from being affected and also to fight against immortal activities. But surely not to take laws in there hand and behave like Gundas( Rowdies ).
Main cause for this incident is ” Management instability ” it should be changed.
The Pain of those parents Victim’s is really terrible, unbearable.
Bottom Line:
Police, College Management, Students who involved.. should be Dismissed without any further investigation if Proved
Dont these people have Kids. what will happen if there son is beaten up like this.. Gossshhhhhhh.. All filthy words are coming out of my mouth..
The Degree they are doing is to maintain the Indian Law and rescue Illetrates from being affected and also to fight against immortal activities. But surely not to take laws in there hand and behave like Gundas( Rowdies ).
Main cause for this incident is ” Management instability ” it should be changed.
The Pain of those parents Victim’s is really terrible, unbearable.
Bottom Line:
Police, College Management, Students who involved.. should be Dismissed without any further investigation if Proved
Dont these people have Kids. what will happen if there son is beaten up like this.. Gossshhhhhhh.. All filthy words are coming out of my mouth..
Wednesday, October 22, 2008
Google Search Tips
You can make your search more efficient by learning some search basics !
Try these tips :
1. Use Of '+' sign :
This ensures that the results returned to you will definatly consist of the word following the '+' sign. For Eg :
Search: reviews of +iPhone and iPod
This will show results containing the word reviews or iPod but the results will definatly consist of iPhone !
2. Use Of '-' sign :
Using '-' sign before any word will ensure that the particular word will not be included in the results !
3. Use Of '~' sign :
Using '~' before any word will return the results also containing the synonyms of the word !
4. Search a particular site :
To search a particular website you can use the following syntax in the google search :
Search: site:www.xyz.com abc
For Eg :
Search: site:http://juicyinformation.blogspot.com/ Google Search Tips
5. Define a word :
To get the definition of a word just use :
Search: define:abc
For Eg : Search: define:Computer
This will return you results which define 'Computer'.
6. Find Pages similar to a page :
To find a page similar i.e. consisting of same type of content, use the following syntax :
Search: related:http://www.xyz.com/
7. Search for exact phrase :
To search a set of words exactly together i.e.
For Eg :
Search: "contact us"
This will return the results containing both contact and us together !
8. Using the wild card '*' :
The * sign can be used in places where the whole word is not known.
For Eg:
Search: friend*
This will return the results containing friend , friends , friendship.
Intimate
9. Using the '?' sign :
This is used when the full spelling of the word is not known.
For Eg:
Search: fri??d
This will result that in the results in which any alphabet can take the place of '?' sign.
10. Use of boolean operators :
The boolean operators like AND,OR,NOT can be used in search box to connect the words !
The search engine understands them as what they mean but the must be in capital letters !
For Eg:
Search: swim OR float
This will return the results containing either swim or float !
Try these tips :
1. Use Of '+' sign :
This ensures that the results returned to you will definatly consist of the word following the '+' sign. For Eg :
Search: reviews of +iPhone and iPod
This will show results containing the word reviews or iPod but the results will definatly consist of iPhone !
2. Use Of '-' sign :
Using '-' sign before any word will ensure that the particular word will not be included in the results !
3. Use Of '~' sign :
Using '~' before any word will return the results also containing the synonyms of the word !
4. Search a particular site :
To search a particular website you can use the following syntax in the google search :
Search: site:www.xyz.com abc
For Eg :
Search: site:http://juicyinformation.blogspot.com/ Google Search Tips
5. Define a word :
To get the definition of a word just use :
Search: define:abc
For Eg : Search: define:Computer
This will return you results which define 'Computer'.
6. Find Pages similar to a page :
To find a page similar i.e. consisting of same type of content, use the following syntax :
Search: related:http://www.xyz.com/
7. Search for exact phrase :
To search a set of words exactly together i.e.
For Eg :
Search: "contact us"
This will return the results containing both contact and us together !
8. Using the wild card '*' :
The * sign can be used in places where the whole word is not known.
For Eg:
Search: friend*
This will return the results containing friend , friends , friendship.
Intimate
9. Using the '?' sign :
This is used when the full spelling of the word is not known.
For Eg:
Search: fri??d
This will result that in the results in which any alphabet can take the place of '?' sign.
10. Use of boolean operators :
The boolean operators like AND,OR,NOT can be used in search box to connect the words !
The search engine understands them as what they mean but the must be in capital letters !
For Eg:
Search: swim OR float
This will return the results containing either swim or float !
Trick to Open when your Keys Locked Inside The Car !!!
Have you ever locked your car with keys inside the car ?
This is a very frustating event in which you can't blame anyone !
Have you ever locked your car with keys inside the car ?
This is a very frustating event in which you can't blame anyone !
Well the solution come here :
If you have remote control car lock system in your keychain (Very Common These Days), you are saved !
-- Just call some one at home at his/her cell phone and ask for the duplicate keys to someone at home.
-- Now, as usual the key chain of duplicate key would also be having the remote control, so ask the person at home to press the unlock key on the remote.
-- While the person press the unlock key hold your mobile phone about a 10-12 inches from the car door.
-- The unlock signal will travel on the cell phone network and your car will be unlocked !
Please note that on some networks the trick may not work !
This is a very frustating event in which you can't blame anyone !
Have you ever locked your car with keys inside the car ?
This is a very frustating event in which you can't blame anyone !
Well the solution come here :
If you have remote control car lock system in your keychain (Very Common These Days), you are saved !
-- Just call some one at home at his/her cell phone and ask for the duplicate keys to someone at home.
-- Now, as usual the key chain of duplicate key would also be having the remote control, so ask the person at home to press the unlock key on the remote.
-- While the person press the unlock key hold your mobile phone about a 10-12 inches from the car door.
-- The unlock signal will travel on the cell phone network and your car will be unlocked !
Please note that on some networks the trick may not work !
Lock Your Folder without any Software ( Simple Trick )
You can lock and unlock your folder with this simple trick !
Procedure :
1. Make a folder on the desktop and name it as "folder"
2. Now, open notepad and write ren folder folder.{21EC2020-3AEA-1069-A2DD-08002B30309D} and now (Notepad Menu) File>save as.
3. In the 'save as' name it as lock.bat and click save ! (Save it on Desktop)
4. Now, again open notepad again and write ren folder.{21EC2020-3AEA-1069-A2DD-08002B30309D} folder and now (Notepad Menu) File>save as.
5. In the 'save as' name it as key.bat and click save ! (Save it on Desktop)
6. Now, double click lock.bat to lock the folder and now if you open your folder, control panel will open up !
7. Now, double click key.bat to open the folder and now if you open your folder, you can access your data inside the folder again !
8. Lock your folder and hide the key.bat somewhere else on your hard disk !
9. Whenever you want to open your folder just paste the key.bat on desktop and open your folder using it !
Procedure :
1. Make a folder on the desktop and name it as "folder"
2. Now, open notepad and write ren folder folder.{21EC2020-3AEA-1069-A2DD-08002B30309D} and now (Notepad Menu) File>save as.
3. In the 'save as' name it as lock.bat and click save ! (Save it on Desktop)
4. Now, again open notepad again and write ren folder.{21EC2020-3AEA-1069-A2DD-08002B30309D} folder and now (Notepad Menu) File>save as.
5. In the 'save as' name it as key.bat and click save ! (Save it on Desktop)
6. Now, double click lock.bat to lock the folder and now if you open your folder, control panel will open up !
7. Now, double click key.bat to open the folder and now if you open your folder, you can access your data inside the folder again !
8. Lock your folder and hide the key.bat somewhere else on your hard disk !
9. Whenever you want to open your folder just paste the key.bat on desktop and open your folder using it !
Sunday, October 19, 2008
Tracing an Email to the find the Cyber Crime
Let's discuss, how to trace an email sender from the email header.
Viewing Email Header
Every e-mail comes with information attached to it that tells the recipient of its history. This information called a header. The below is the Full header of email .All this information comes with the email. The header contains the information essential to tracing an e-mail. The main components to look for in the header are the lines beginning with "From:" and "Received:" However, it might be instructive to look at what various different lines in the header mean.
Some e-mail programs, like Yahoo or Hotmail, have their full headers hidden by default In order to view the full header, you must specifically turn on that option. Some ways of doing this in different e-mail programs follow here:
Viewing full Header in Yahoo and Hotmail
Yahoo
Click Options -> Click Mail Preferences -> Click Show Headers -> Click "All" -> Click "Save"
Hotmail
Click Options -> Click Mail Display Headings (under "Additional Options") -> Click Message Headers -> Click "Full" ->Click "OK"
Viewing full Header in Email Clients like (Outlook and Eudora etc)
Outlook Express
If you use OE, you may not have much luck; it sometimes gives little more information than what you can see in the main window. But here's the application path anyway:
Click File/Properties/Details to find the header information.
Outlook
First, highlight the email in your Incoming window, right-click on it, and select Options. The window that comes up will have the headers at the bottom.
Eudora
Be sure the message is open, then Click the 'Blah, Blah, Blah' button from the Tool Bar, and the headers will appear.
Pegasus
Select Reader/Show All Headers/
Netscape Mail
Select Options/Headers/Show All Headers
Netscape Messenger 4.0 and 4.5
Select View/Headers/All
Full header in detail:
Message ID:
It is used to identify the system from which the the message has originated (I.e. from the system the sender has logged in). However, this is too easy to forge, and is consequently not reliable.
X-Headers:
X- headers are user defined headers. They are inserted by email client programs or applications that use email. Here from the X- headers inserted into the email by the email client it is clear that the sender has used Microsoft Outlook Express 6.00.2800.1106 to send this email.
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
MIME-Version:
MIME stands for Multipurpose Internet Mail Extension. It tells the recipient what types of attachments are included in email. It is a format that allows people to send attachments that do not contain Standard English Words, but rather graphics, sounds, and e-mails written with other characters. The Mime-Version field merely confirms that the version of MIME used corresponds to the standard version (which is currently 1.0).
From:
Form is useless in tracing an e-mail. It consists of the email of the sender but this can be obviously be a fake. One can use any fake-mailer to fake the sender's name.
Content-Type:
This line tells the receiving e-mail client exactly what MIME type or types are included in the e-mail message. If the Content–Type is text/plain; charset="us-ascii" just tells us that the message contains a regular text message that uses English characters. ASCII is the American Standard Code for Information Interchange and is the system used to convert numbers to English characters.
Return-Path:
It is the address to which your return e-mail will be sent. Different e-mail programs use other variations of Return-Path:. These might include Return-Errors-To: or Reply-To etc.
Received:
This field is the key to find out the source of any e-mail. Like a regular letter, e-mails gets postmarked with information that tells where it has been. However, unlike a regular letter, an e-mail might get "postmarked" any number of times as it makes its way from its source through a number of mail transfer agents (MTAs). The MTAs are responsible for properly routing messages to their destination.
Let me strip-off the above email header to make the understanding easy. The header is splitted and the two received headers are given below.
Received Header 1:
204.127.198.35 - Tue, 25 Nov 2003 19:56:18 -0800
from rwcrmhc11.comcast.net ([204.127.198.35])
by mc7-f12.hotmail.com
with Microsoft SMTPSVC(5.0.2195.6713)
Received Header 2:
68.37.24.150 - Wed, 26 Nov 2003 03:44:57 +0000
from pavilion (pcp03530790pcs.mnhwkn01.nj.comcast.net[68.37.24.150])
by comcast.net (rwcrmhc11)
with SMTP
id <20031126034457013001nk6pe>
The MTAs are "stamped" on the e-mail's header so that the most recent MTA is listed on the top of the header and the first MTA through which the e-mail has passed in listed on the bottom of the header. In the above sample e-mail header, e-mail first passed through 68.37.24.150 (pcp03530790pcs.mnhwkn01.nj.comcast.net), and at last made its way through 204.127.198.35 (rwcrmhc11.comcast.net).
In the Received Header 2, the one marked as "pavilion" is either the domain name of the server from which the email has originated or the name of the computer from which the email has been sent. By doing a DNS query for "pavilion", it is confirmed that it is not a know host name hence, must be the name of the computer from which the mail has originated. "68.37.24.150" is the IP address from which the mail might have originated or it is the IP address of the ISP (Internet Service Provider) to which the user was logged on while sending the mail.
Trace who owns the IP address
Every computers hooked on to internet is assigned with an IP address. Individual users possess a dynamic IP address when they logged on to any ISP to access internet. These IP addresses are assigned by the ISP itself. Organization usually possess static/public IP address which is stored in a database of registries.
There are three major registries covering different parts of the world. They are
www.arin.net => American Registry of Internet Numbers (ARIN) : It assigns IP addresses for the Americas and for sub Saharan Africa.
www.apnic.net => Asia Pacific Network Information Centre (APNIC) : It covers Asia
www.ripe.net => Réseaux IP Européens (RIPE NCC) : It covers Europe
Thus, to find out which organization owns a particular IP address, you can make a "WHOIS" query in the database at any of these registries. You do this by typing the IP address into the "WHOIS" box that appears on each of these websites.
"Received Header" will have the IP address of the ISP in case the users has dialed up to the ISP while sending the email. But if the user has send the email from within the corporate then the corporate public/static IP address is logged.
By giving a "WHOIS" query for 68.37.24.150 at www.arin.net, the following result has been displayed:
Comcast Cable Communications, Inc. JUMPSTART-1 (NET-68-32-0-0-1)
68.32.0.0 - 68.63.255.255
Comcast Cable Communications, Inc. NJ-NORTH-14 (NET-68-37-16-0-1)
68.37.16.0 - 68.37.31.255
# ARIN WHOIS database, last updated 2004-02-04 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.
From above queries it is found that the IP address (68.37.24.150) is owned "Comcast". By making further queries on "Comcast" it is found that it is the name of the ISP located in NJ, US - 08002. The result of further query is given below:
OrgName: Comcast Cable Communications, Inc.
OrgID: CMCS
Address: 3 Executive Campus
Address: 5th Floor
City: Cherry Hill
StateProv: NJ
PostalCode:08002
Country: US
NetRange: 68.32.0.0 - 68.63.255.255
CIDR: 68.32.0.0/11
NetName: JUMPSTART-1
NetHandle: NET-68-32-0-0-1
Parent: NET-68-0-0-0-0
NetType: Direct Allocation
NameServer: DNS01.JDC01.PA.COMCAST.NET
NameServer: DNS02.JDC01.PA.COMCAST.NET
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 2001-11-29
Updated: 2003-11-05
TechHandle: IC161-ARIN
TechName: Comcast Cable Communications Inc
TechPhone: +1-856-317-7200
TechEmail: cips_ip-registration@cable.comcast.com
OrgAbuseHandle: NAPO-ARIN
OrgAbuseName: Network Abuse and Policy Observance
OrgAbusePhone: +1-856-317-7272
OrgAbuseEmail: abuse@comcast.net
OrgTechHandle: IC161-ARIN
OrgTechName: Comcast Cable Communications Inc
OrgTechPhone: +1-856-317-7200
OrgTechEmail: cips_ip-registration@cable.comcast.com
# ARIN WHOIS database, last updated 2004-02-04 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.
Now since the IP address found belongs to an ISP, it is clear that the sender has dialed up to this ISP while sending the email. For further enquiry we can then request the ISP to provide us with details of the user who has dialed up to them at that given point of time (Wed, 26 Nov 2003 03:44:57 +0000). If the ISP cooperates, they will check their user and message logs to see who was logged into that particular IP address at that time and date. This will reveals the sender's telephone number from which he/she has dialed to the ISP. Now once we have the telephone number we can easily retrieve the name and address of the sender.
Now the above case is solved but there are also other cases where the IP address found on the email header may be owned by an organisation or a cyber cafe.
Cases1: THE IP ADDRESS OWNED BY AN ORGANISATION
But in case the IP address found belongs to an organisation then you have to request them to provide information about the user who has send the mail from within the organisation network. They must have user and message logs on their firewall / proxy and can trace each of their computers connected at the given point of time. By supplying the organisation with the e-mail header of the offending e-mail, they can check these logs and hopefully produce information of the user of that machine.
Cases2: THE IP ADDRESS OWNED BY A CYBER-CAFE
In case it is found that the sender has sent the email from a cyber-cafe then it becomes a difficult task to trace him/her. The user may not be a frequent visitor to that cyber-cafe. But let's assume that you receive such mails frequently from that particular cyber-cafe then you can install "key-loggers" in the computers at the cafe. These programs records user's keystrokes, thus creating a record of everything that was typed at a particular terminal. By reviewing the key-logger logs you may be able to trace the sender in this case.
Note: These methods would aid greatly in identifying an e-mail sender, they also would impinge on the rights of others using the computers to conduct their personal business. Such a conflict defines the ongoing struggle between the fight against terrorism over the Internet and the right to privacy, which will continue to evolve in the years ahead.
Viewing Email Header
Every e-mail comes with information attached to it that tells the recipient of its history. This information called a header. The below is the Full header of email .All this information comes with the email. The header contains the information essential to tracing an e-mail. The main components to look for in the header are the lines beginning with "From:" and "Received:" However, it might be instructive to look at what various different lines in the header mean.
Some e-mail programs, like Yahoo or Hotmail, have their full headers hidden by default In order to view the full header, you must specifically turn on that option. Some ways of doing this in different e-mail programs follow here:
Viewing full Header in Yahoo and Hotmail
Yahoo
Click Options -> Click Mail Preferences -> Click Show Headers -> Click "All" -> Click "Save"
Hotmail
Click Options -> Click Mail Display Headings (under "Additional Options") -> Click Message Headers -> Click "Full" ->Click "OK"
Viewing full Header in Email Clients like (Outlook and Eudora etc)
Outlook Express
If you use OE, you may not have much luck; it sometimes gives little more information than what you can see in the main window. But here's the application path anyway:
Click File/Properties/Details to find the header information.
Outlook
First, highlight the email in your Incoming window, right-click on it, and select Options. The window that comes up will have the headers at the bottom.
Eudora
Be sure the message is open, then Click the 'Blah, Blah, Blah' button from the Tool Bar, and the headers will appear.
Pegasus
Select Reader/Show All Headers/
Netscape Mail
Select Options/Headers/Show All Headers
Netscape Messenger 4.0 and 4.5
Select View/Headers/All
Full header in detail:
Message ID:
It is used to identify the system from which the the message has originated (I.e. from the system the sender has logged in). However, this is too easy to forge, and is consequently not reliable.
X-Headers:
X- headers are user defined headers. They are inserted by email client programs or applications that use email. Here from the X- headers inserted into the email by the email client it is clear that the sender has used Microsoft Outlook Express 6.00.2800.1106 to send this email.
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
MIME-Version:
MIME stands for Multipurpose Internet Mail Extension. It tells the recipient what types of attachments are included in email. It is a format that allows people to send attachments that do not contain Standard English Words, but rather graphics, sounds, and e-mails written with other characters. The Mime-Version field merely confirms that the version of MIME used corresponds to the standard version (which is currently 1.0).
From:
Form is useless in tracing an e-mail. It consists of the email of the sender but this can be obviously be a fake. One can use any fake-mailer to fake the sender's name.
Content-Type:
This line tells the receiving e-mail client exactly what MIME type or types are included in the e-mail message. If the Content–Type is text/plain; charset="us-ascii" just tells us that the message contains a regular text message that uses English characters. ASCII is the American Standard Code for Information Interchange and is the system used to convert numbers to English characters.
Return-Path:
It is the address to which your return e-mail will be sent. Different e-mail programs use other variations of Return-Path:. These might include Return-Errors-To: or Reply-To etc.
Received:
This field is the key to find out the source of any e-mail. Like a regular letter, e-mails gets postmarked with information that tells where it has been. However, unlike a regular letter, an e-mail might get "postmarked" any number of times as it makes its way from its source through a number of mail transfer agents (MTAs). The MTAs are responsible for properly routing messages to their destination.
Let me strip-off the above email header to make the understanding easy. The header is splitted and the two received headers are given below.
Received Header 1:
204.127.198.35 - Tue, 25 Nov 2003 19:56:18 -0800
from rwcrmhc11.comcast.net ([204.127.198.35])
by mc7-f12.hotmail.com
with Microsoft SMTPSVC(5.0.2195.6713)
Received Header 2:
68.37.24.150 - Wed, 26 Nov 2003 03:44:57 +0000
from pavilion (pcp03530790pcs.mnhwkn01.nj.comcast.net[68.37.24.150])
by comcast.net (rwcrmhc11)
with SMTP
id <20031126034457013001nk6pe>
The MTAs are "stamped" on the e-mail's header so that the most recent MTA is listed on the top of the header and the first MTA through which the e-mail has passed in listed on the bottom of the header. In the above sample e-mail header, e-mail first passed through 68.37.24.150 (pcp03530790pcs.mnhwkn01.nj.comcast.net), and at last made its way through 204.127.198.35 (rwcrmhc11.comcast.net).
In the Received Header 2, the one marked as "pavilion" is either the domain name of the server from which the email has originated or the name of the computer from which the email has been sent. By doing a DNS query for "pavilion", it is confirmed that it is not a know host name hence, must be the name of the computer from which the mail has originated. "68.37.24.150" is the IP address from which the mail might have originated or it is the IP address of the ISP (Internet Service Provider) to which the user was logged on while sending the mail.
Trace who owns the IP address
Every computers hooked on to internet is assigned with an IP address. Individual users possess a dynamic IP address when they logged on to any ISP to access internet. These IP addresses are assigned by the ISP itself. Organization usually possess static/public IP address which is stored in a database of registries.
There are three major registries covering different parts of the world. They are
www.arin.net => American Registry of Internet Numbers (ARIN) : It assigns IP addresses for the Americas and for sub Saharan Africa.
www.apnic.net => Asia Pacific Network Information Centre (APNIC) : It covers Asia
www.ripe.net => Réseaux IP Européens (RIPE NCC) : It covers Europe
Thus, to find out which organization owns a particular IP address, you can make a "WHOIS" query in the database at any of these registries. You do this by typing the IP address into the "WHOIS" box that appears on each of these websites.
"Received Header" will have the IP address of the ISP in case the users has dialed up to the ISP while sending the email. But if the user has send the email from within the corporate then the corporate public/static IP address is logged.
By giving a "WHOIS" query for 68.37.24.150 at www.arin.net, the following result has been displayed:
Comcast Cable Communications, Inc. JUMPSTART-1 (NET-68-32-0-0-1)
68.32.0.0 - 68.63.255.255
Comcast Cable Communications, Inc. NJ-NORTH-14 (NET-68-37-16-0-1)
68.37.16.0 - 68.37.31.255
# ARIN WHOIS database, last updated 2004-02-04 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.
From above queries it is found that the IP address (68.37.24.150) is owned "Comcast". By making further queries on "Comcast" it is found that it is the name of the ISP located in NJ, US - 08002. The result of further query is given below:
OrgName: Comcast Cable Communications, Inc.
OrgID: CMCS
Address: 3 Executive Campus
Address: 5th Floor
City: Cherry Hill
StateProv: NJ
PostalCode:08002
Country: US
NetRange: 68.32.0.0 - 68.63.255.255
CIDR: 68.32.0.0/11
NetName: JUMPSTART-1
NetHandle: NET-68-32-0-0-1
Parent: NET-68-0-0-0-0
NetType: Direct Allocation
NameServer: DNS01.JDC01.PA.COMCAST.NET
NameServer: DNS02.JDC01.PA.COMCAST.NET
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 2001-11-29
Updated: 2003-11-05
TechHandle: IC161-ARIN
TechName: Comcast Cable Communications Inc
TechPhone: +1-856-317-7200
TechEmail: cips_ip-registration@cable.comcast.com
OrgAbuseHandle: NAPO-ARIN
OrgAbuseName: Network Abuse and Policy Observance
OrgAbusePhone: +1-856-317-7272
OrgAbuseEmail: abuse@comcast.net
OrgTechHandle: IC161-ARIN
OrgTechName: Comcast Cable Communications Inc
OrgTechPhone: +1-856-317-7200
OrgTechEmail: cips_ip-registration@cable.comcast.com
# ARIN WHOIS database, last updated 2004-02-04 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.
Now since the IP address found belongs to an ISP, it is clear that the sender has dialed up to this ISP while sending the email. For further enquiry we can then request the ISP to provide us with details of the user who has dialed up to them at that given point of time (Wed, 26 Nov 2003 03:44:57 +0000). If the ISP cooperates, they will check their user and message logs to see who was logged into that particular IP address at that time and date. This will reveals the sender's telephone number from which he/she has dialed to the ISP. Now once we have the telephone number we can easily retrieve the name and address of the sender.
Now the above case is solved but there are also other cases where the IP address found on the email header may be owned by an organisation or a cyber cafe.
Cases1: THE IP ADDRESS OWNED BY AN ORGANISATION
But in case the IP address found belongs to an organisation then you have to request them to provide information about the user who has send the mail from within the organisation network. They must have user and message logs on their firewall / proxy and can trace each of their computers connected at the given point of time. By supplying the organisation with the e-mail header of the offending e-mail, they can check these logs and hopefully produce information of the user of that machine.
Cases2: THE IP ADDRESS OWNED BY A CYBER-CAFE
In case it is found that the sender has sent the email from a cyber-cafe then it becomes a difficult task to trace him/her. The user may not be a frequent visitor to that cyber-cafe. But let's assume that you receive such mails frequently from that particular cyber-cafe then you can install "key-loggers" in the computers at the cafe. These programs records user's keystrokes, thus creating a record of everything that was typed at a particular terminal. By reviewing the key-logger logs you may be able to trace the sender in this case.
Note: These methods would aid greatly in identifying an e-mail sender, they also would impinge on the rights of others using the computers to conduct their personal business. Such a conflict defines the ongoing struggle between the fight against terrorism over the Internet and the right to privacy, which will continue to evolve in the years ahead.
Subscribe to:
Posts (Atom)