How to find people ONLINE... A "how to" manual....
First things first, I am going to assume that you have a copy of NETSCAN32.. If you dont then then CLICK HERE and get it from tucows!!!
Next that you have a winsock type PPP connection... That you'll have to get on your own.
GETTING STARTED
We'll assume that you want to find someone to -for instance get their real name. With that and the local library you can get their phone # and address, with that information you can get a birth certificate, social security #, driver's License #, credit report, etc... AMAZING ISN'T IT!!!
For the purposes of this document we'll use some information from a hack job done recently. Including the uniformative information.
This is the asshole I was looking for:
gambit = gambit@sfsu.edu
First step was to peg the IP addresses of the server with the Name Server function....
Translated Name: sfsu.edu IP Address: 130.212.10.162 IP Address: 115.102.115.117 IP Address: 46.101.100.117 IP Address: 0.41.0.5 IP Address: 198.41.0.6
A PING to see which IP responded.. that would also be the one you telnet to if you don't specify the IP address!! It may not let you in but the others might... Try them all
Pinging sfsu.edu [130.212.10.162] with 48 data bytes
Reply from 130.212.10.162: 48 bytes in 331 msec. TTL: 241 Reply from 130.212.10.162: 48 bytes in 326 msec. TTL: 241 Reply from 130.212.10.162: 48 bytes in 320 msec. TTL: 241 Reply from 130.212.10.162: 48 bytes in 321 msec. TTL: 241 No data received.
PING Statistics for sfsu.edu 5 packets transmitted, 4 packets received, 20% packet loss round-trip (ms) min/avg/max = 320/324/331
Sending 48 data bytes to sfsu.edu [130.212.10.162]
Now we run a TRACEROUTE... This will help us visualize and see the geographic location (In this case SanFrancisco)
1:Received echo from ? [204.214.228.129] in 200 msec. 2:Received echo from in-gw-e0/LIT.intellinet.com [204.182.227.1] in 209 msec. 3:Received echo from sl-fw-11-S2/5-T1.sprintlink.net [144.228.131.49] in 229 msec. 4:Received echo from sl-fw-5-F1/0.sprintlink.net [144.228.30.5] in 490 msec. 5:Received echo from sl-kc-2-H2/0-T3.sprintlink.net [144.228.10.77] in 268 msec. 6:Received echo from sl-chi-15-H2/0-T3.sprintlink.net [144.228.10.69] in 295 msec. 7:Received echo from sl-chi-6-F0/0.sprintlink.net [144.228.50.6] in 277 msec. 8:Received echo from sl-chi-nap-H1/0-T3.sprintlink.net [144.228.56.10] in 275 msec. 9:Received echo from aads-F.mci.net [198.32.130.227] in 284 msec. 10:Received echo from core3-hssi1-0.WillowSprings.mci.net [204.70.1.197] in 271 msec. 11:Received echo from core1.Bloomington.mci.net [204.70.4.161] in 298 msec. 12:Received echo from border1-fddi-0.Bloomington.mci.net [204.70.2.130] in 312 msec. 13:Received echo from csunet-losnettos.Bloomington.mci.net [204.70.48.6] in 306 msec. 14:Received echo from SanFrancisco-ATM-GW.CSU.NET [204.102.243.144] in 323 msec. 15:Received 48 bytes from sfsu.edu [130.212.10.162] in 318 msec.
TraceRoute Statistics for sfsu.edu 15 packets transmitted, 15 packets received, 0% packet loss round-trip (ms) min/avg/max = 200/290/490
You guessed it - Time for a WHOIS - BUT use the ds.internic.net sever not the rs..... it will search everywhere.
He wasn't there though - There are some names and addresses and phone #'s of sysadmin listed (HOME #'s)
The ds.internic.net whois server is being queried: -------------------- Gaon, Brian D. (BDG6) bgaon@SFSUVAX1.SFSU.EDU San Francisco State University 1600 Holloway Avenue San Francisco, CA 94132 (415) 338-2876
Record last updated on 02-Jul-91.
The rs.internic.net whois server is being queried:
Baum, Amy (AB374) greenbd@SFSU.EDU 510.757.3333 Gonzalez, Aurelio (AG344) aurelio@SFSU.EDU 415-276-0532 MacDonald, C.j (CM1455) cjm@SFSU.EDU 415-752-9305 Naumann, Jon (JL311) jnaumann@sfsu.edu (415) 338-1584 Riddle, Stephen (SR1056) sriddle@SFSU.EDU 415-752-8512 Schmidt, Heidi (HS30) heidis@SFSU.EDU 415-338-6175 Strickler, Don (DS2362) dons@SFSU.EDU 415-338-3046 Tse, Jack (JT124) jack@SFSU.EDU 415-338-2627
The nic.ddn.mil whois server is being queried:
No match for mailbox "@SFSU.EDU".
This time I whois'd GAMBIT instead of the server (he might not have an account there - it might be a spoof....
Fried, Matt (MF236) gambit@MONADNOCK.KEENE.EDU (603)358-8028 Gambit Automated Design Inc. (NET-NET-GAMBIT) NET-GAMBIT 204.30.212.0 Gambit Automated Design Inc. (GAMBIT-DOM) GAMBIT.COM Gambit BBS (GAMBITBBS-DOM) GAMBITBBS.COM Gambit Communications, Inc. (GAMBITCOMM-DOM) GAMBITCOMM.COM Gambit Media (GUAGENTI-DOM) GUAGENTI.COM Gambit New Orleans Weekly (GAMBIT-NO-DOM) GAMBIT-NO.COM Gambit Systems (GAMBITSYS-DOM) GAMBITSYS.COM Nelson, Philip (PN218) gambit@VARMM.COM 318-322-8222 Ritter, Russell (RR1116) gambit@CDSNET.NET 541.883.2028 ext.35
The nic.ddn.mil whois server is being queried:
whois: connect: Connection refused
There were a couple... to be sure Telnet into the mail server (port 19 or 25) like so :
vrfy gambit@sfsu.edu
250 ALONZO SAMPSON
Got the BASTARD.. A call to Directory Assistance and you can get the university operator's #. They'll give you the phone # and mailing address....
University Operator - 415-338-1111
This was a simple search that included more steps than usual for the sake of completeness. It also implied that you could view complete headers with your news and mail programs and decipher them.
Enjoy...
TATTOOMAN