AIM SN Ip tracking...

Ishbar · September 22, 2005, 05:30 PM

I've encountered a problem recently with a friend of mine.

This boy happens to be stalking her. "Supposidly" He knows much personal information of hers, but worst of all i've seen several accounts of his "attacks" In California and Ohio. I'm confused though because I live in CT...Now to get to the point...

I was currious as to find out if its possible to aquire someones Ip from their Aim sn. I know theres netstat -n through D/C and Command Prompt, but this character wont connect with me, nor the girl he's harrassing. I know that some sites give location to Ip's so thats all I need..is his IP and im set from there on out. So if anyone has any information at all on this subject please respond.

His sn is: DoeBoY2510

Mine is: x IshbarQ x

MyndFyre · September 22, 2005, 05:35 PM

If they talk, have her direct-connect with him. Packetlog.

Ishbar · September 22, 2005, 06:31 PM

I said...he WONT connect with her..I know theres someway though to find it. Obviously AIM contains the sn's ip.

rabbit · September 22, 2005, 07:03 PM

Packet log some convos and look for IP's in the logs.

Tazo · September 22, 2005, 07:26 PM

That wont work, messages are relayed through the server.

nslay · September 22, 2005, 08:47 PM

Packet logging is overkill
Just get Sysinternal's TCPView and watch the connections in real time. TCPView even displays the programs they are associated with...so packet log is particularly a bad idea if you have a lot of traffic...it certainly doesn't associate connections with their programs like TCPView does.

Joe[x86] · September 22, 2005, 08:51 PM

Quote from: Tazo on September 22, 2005, 07:26 PM
That wont work, messages are relayed through the server.

One.. two.. three times thats been stated!

I don't know of any way other than DC to get their IP. =/

EDIT -
nslay, if you use a quality packet logger (ethereal) you can use a filter such as ((tcp.port == 6112)), which clearly will only show Battle.net packets, instead of AIM, but you get my drift.

nslay · September 22, 2005, 09:01 PM

Quote from: Joe on September 22, 2005, 08:51 PM
Quote from: Tazo on September 22, 2005, 07:26 PM
That wont work, messages are relayed through the server.
One.. two.. three times thats been stated!

I don't know of any way other than DC to get their IP. =/

EDIT -
nslay, if you use a quality packet logger (ethereal) you can use a filter such as ((tcp.port == 6112)), which clearly will only show Battle.net packets, instead of AIM, but you get my drift.

We're assuming direct connect, in which case they aren't forwarded through the AOL servers.
Who cares about packets? We're looking for the IP, not the information being sent.
So, as soon as a direct connect is established one side directly connected to other...the IP can be seen through netstat or TCPView.

Edit: a packet logger doesn't usually associate the connections to their program counterparts, nor does it usually give you the option to forcefully drop connections...no windows utility that I know of gives you that kind of verbosity and power. Packet loggers are used to watch information being transmitted and recieved...TCPView is a small and powerful tool that allows you to watch incoming and outgoing connections in real time while examining which program is responsible for which connection...it also allows you to forcefuly drop connections which I thought was pretty cool. TCPView isn't a packet logger.

Explicit · September 22, 2005, 09:09 PM

So in other words, that guy is stalking her?

nslay · September 22, 2005, 09:23 PM

Quote from: Ishbar on September 22, 2005, 06:31 PM
I said...he WONT connect with her..I know theres someway though to find it. Obviously AIM contains the sn's ip.

Maybe file transfer?

Topaz · September 22, 2005, 10:17 PM

You're not likely to get his IP. Why does it matter so much, anyway? And how do you know where the attacks originate from?

Joe[x86] · September 22, 2005, 10:55 PM

Aw crap, I read a daRktYpE post.. agh, my brain!

QuoteYou're not likely to get his IP.

Pound it my eThug. Now, lets get back on topic and fix it.

QuoteWhy does it matter so much, anyway?

READ.

QuoteAnd how do you know where the attacks originate from?

READ.

MyndFyre · September 23, 2005, 01:08 PM

Joe, since when did you become the forum police, always posting on-topic stuff and never missing anything that was said?

Eric · September 23, 2005, 01:43 PM

Generally the only information you can get from an IP address is information about the user's ISP which includes the server's contact information, location and a range of IPs that they currently own.

iago · September 23, 2005, 03:14 PM

Quote from: nslay on September 22, 2005, 09:01 PM
We're assuming direct connect, in which case they aren't forwarded through the AOL servers.

He specifically said that isn't an option.

File-transfer isn't a bad idea, though. I think file-transfers are direct connections.

AIM SN Ip tracking...

Topaz