how to get address from ip (not for bad reasons)

[GeeZillion]

so i own a few minecraft and gmod servers and they ave been crashing recently and i found it they where getting Ddosed. and after weeks of tracking i found the persons real ip i know its not a vpn we found 3 of their vpns before there real ip so is there a way to get his address or just a ruff estimate of where he lives so i can see what action i can take abut this issue. 

[BrandonTheCat]

Just a heads up there is a thing called a shift key

 

As for the IP thing, I don't know how to do that mostly because I don't deal with that stuff. "As long as it works"

[TheKDub]

You can't get their address from it, you can only trace it back to the closest ISP hub.

To trace it back to their address, the authorities would have to have a warrant or some shit.

 

Tl;dr - You can't, just contact the authorities about it.

[Str_Mape]

My IP address location changes from time to time, but apparently I'm currently in the North Island which is definitely wrong.

Best you can do is contact authorities / ISP.

[Toxicable]

I agree with the above, you can't go to the authorities and say: " i know that the person at (address) is DDOS'ing me" they wouldnt do much about it, but if you say gave them the IP and reasonable reason for them to investigate then they'd find the address and whatever else from there

[Toxicable]

My IP address location changes from time to time, but apparently I'm currently in the North Island which is definitely wrong.

Best you can do is contact authorities / ISP.

Im currently connected to my uni's network but after looking it up it actually got mine to about 20 KMs of where I am

[Altecice]

You can get quite close using a WHOIS search.

[SP4C3]

You just can't locate the device holding an ip.

You can get:

1. The organisation the ip is registered to(propably the isp)

2. The path packages go while being routed to the ip

 

By using that you are just able to get the region (like country) the ip may be located.

 

 

Btw. DDOS is not possible from 1 ip. The first D stands for distributed.

[GeeZillion]

You just can't locate the device holding an ip.

You can get:

1. The organisation the ip is registered to(propably the isp)

2. The path packages go while being routed to the ip

 

By using that you are just able to get the region (like country) the ip may be located.

 

 

Btw. DDOS is not possible from 1 ip. The first D stands for distributed.

 

You just can't locate the device holding an ip.

You can get:

1. The organisation the ip is registered to(propably the isp)

2. The path packages go while being routed to the ip

 

By using that you are just able to get the region (like country) the ip may be located.

 

 

Btw. DDOS is not possible from 1 ip. The first D stands for distributed.

yes i know i have a team of people that we spend weeks trying to find the ip and we found it because he played on are server and all the IP activate on are server where dead except for 4 and 3 where VPS of his and we have is real one

[Instealer]

You can't find the exact location but you can find rough estimates sometimes. Just search up "IP Location" or something like that on google. Here are some results:

http://www.ipfingerprints.com/

http://www.whatsmyip.org/ip-geo-location/

http://www.iplocation.net/

[Enderman]

google the IP address

then use iplocationtools.com result to find the location (it was the second search result for me)

then use the latitude and longitude to find the general area

[AlwaysFSX]

Going to the authorities will do nothing unless you have a data log for the server seeing it getting DoS'd. Same with just giving them a location based on an IP (because that works, lmao) because there's no evidence.

[DevilishBooster]

so i own a few minecraft and gmod servers and they ave been crashing recently and i found it they where getting Ddosed. and after weeks of tracking i found the persons real ip i know its not a vpn we found 3 of their vpns before there real ip so is there a way to get his address or just a ruff estimate of where he lives so i can see what action i can take abut this issue. 

Take the IP address to your local law enforcement agency. They can actually do something with it that will be more effective than blocking it. Just make sure you have documented the DDOS attacks and everything you did to trace the IP address.

[GeeZillion]

Take the IP address to your local law enforcement agency. They can actually do something with it that will be more effective than blocking it. Just make sure you have documented the DDOS attacks and everything you did to trace the IP address.

we have proof we documented most of the stuff we where doing and when it was getting Dosed

[DevilishBooster]

we have proof we documented most of the stuff we where doing and when it was getting Dosed

Just to give you a heads up, if they take this seriously, they may ask to have access to the servers as they sit now so that they can create an official, 100% legal, chain of evidence to back up everything you have documented. 

[GeeZillion]

Just to give you a heads up, if they take this seriously, they may ask to have access to the servers as they sit now so that they can create an official, 100% legal, chain of evidence to back up everything you have documented. 

my guess is they would push it off but as this is the main part of my income so its interfering with my work i could maybe get then to look at it

[KTFO|SGTmoody]

we have proof we documented most of the stuff we where doing and when it was getting Dosed

 

Good,

In the world of attacks this is how you deal with it.  We dont go to the local police force etc, theres no point they wouldnt do anything. Nor are we realy bothered about the location as you can have IP's originate from one county but be registared to another so knowing the county of origin is not what we are after.

This is how we deal with attacking servers in the service provider world.

 

If you have the IP thats sending the attacks then look it up on either: https://www.ripe.net/ (put the ip in the top left hand corner and search )  or you can use something like https://www.bgp.het.net and look up the IP there,  This will give you the provider (or google sometimes)

 

from here, on ripe you can find the abuse email address.  You looking for something like  abuse@ email  you can then send an email to the provider of that IP range and they will then send your abuse email on to the company or person that owns the server and they will deal with it.

 

Remember to include all of your findings and logs in the email as this will help the server admin to locate and stop what ever is going on.

 

if your sure its a DDOS attack then remember to include the posiblity that the server could be infected and has become part of a bot net  as this may also help the admin.

 

if you cant find the abuse email address off google or ripe.net   bgp.he.net will give you the company and AS number, from here you should be able to find their abuse email, may take some researching.  If you still cant find the abuse address to contact, post the IP here and im happy to find it for you.

 

Also, if your intrested in DDOS then this is a cool website to watch for a while : http://map.ipviking.com/  

probably the attacks you had are quite small.

 

it will give you an idea of the most attacked protocols and countries of attack and also target.  so you can block the most attacked ports on your firewall to help prevent the ongoing attacks.

[Brenz]

my guess is they would push it off but as this is the main part of my income so its interfering with my work i could maybe get then to look at it

 

I don't want to sound rude but how old are you? and where is your Minecraft server hosted?

 

If you pay a provider for your server they may have logs that you can use if you ask them for help.

[flowalex]

This is also a useful tool, I recommend downloading the zip file. http://nirsoft.net/utils/ipnetinfo.html

[Neil]

geoip/whois/anything else is nowhere near accurate. 

[xmx1024]

IP addresses do not have house addresses assigned to them. Most ISPs assign them dynamically to customers (so basically they change) and there isn't really a way to track a user down to a specific IP unless you somehow have access to an ISP's systems.