find the geographical location given IP address

How do I find the geographical location of a host, given its IP address ?

In general, it is impossible – IP addresses are allocated arbitrarily, as there's no inherent connection between an IP address and it's physical location, and there's no reliable method to do the trick.

Yet, doing some detective work could help. Try following methods :

Note the following links for reference :

A complete list of country codes

link

link

A complete list of U.S. state abbreviation

link

A complete list of airport codes

link

Microsoft's TerraServer – satellites pictures of geographical areas

link

Use reverse DNS to find out the host's name. This item could supply some clues that could help.

Reverse DNS translation doesnt always work – it depends on the host's [the host with the given IP address] DNS server's correct configuration.

Another trick is to execute a whois request on the IP address. Try to direct the whois query to whois.arin.net – if it doesn't have the reply it will tell you to query either whois.apnic.net or whois.ripe.net

Notice that a host in one domain might be hosted in another country. This is due to both virtual hosting, where a domain of a company from one country or region, might be hosted where hosting is cheap.

Also notice that the .org, .com, and even .edu domains does not imply the host is in the U.S., as many of those domains belong to companies that are either not U.S. based, or are international, and might have some hosts all over the world.

Some hosts support a DNS extension which allows for hosts to enter their geographical location into their DNS record, based on an extension to DNS described in RFC 1876.

Another attempt to express a host's geographical location via DNS is done in RFC 1712. Both RFCs define a DNS Resource Record to contain the geographical location.

Visit the host's web server. A web site will sometimes contain hints regarding the site's location.

Use whois. The whois database contains administrative contact info for all domains, filled in during domain registration time, and updated from time to time. This admin info could give some hints.

The whois database is not highly reliable – if an address belongs to a large & responsible company, the company will supply reliable info and update it, but as domain name registrators do not insist on keeping the database accurate and current, the data might be incorrect.

The IP to Lat/Long page will attempt to display the same information in a graphical representation.

link

The Allwhois.com page allows whois requests for many countries. link

A list of whois servers, collected by Matt Power, is available at ftp://sipb.mit.edu/pub/whois/whois-servers.list

Note that the data is usually given for the owners' main branch or contact points, but the IP addresses might be allocated to hosts that may be located at a different location(s).

Use traceroute. The names of the routers through which packets flow from your [or any] host to the host with the given IP address might hint at the geographical path which the packets follow, and at the final destination's physical location.

There is a utility named VisualRoute (link) which traceroutes a host, and displays the route on a map of the world. The host's location on the map is based on the whois query, which may be wrong – an Israely domain might be displayed as being in Israel though it is hosted in another country.

Some of the services available on the host might give further info.

Naming conventions of ISPs and back-bones

AT&T dialups : ...dial-access.att.net

Port is 2–254 for the dial-up ports, and 1 for the router itself. location: example: "los-angeles-2" (city and router #). state: 2-letter abbreviation.

Related sites :

The Mappa.Mundi Magazine – link

Cyber Geography – link

Hongfeng Sun : 22 Jul 2004 12:16 |  Tags: Tech |  Comments (2) |  Report a problem