Does anyone know how to determine the ISP based on the IP address. My daughter is getting virus laden e-mails from someone spoofing my e-mail address. The reason I know the e-mail is not from me is when I view the headers of the e-mail, it's not my IP address.

Comcast IP address in the Philadelphia area start with 68.80 and the e-mail was sent from an IP address starting with 151.

Does anyone know where this originates from??????

Starting with 151 could be anywhere, two of my searches showed EU and Manchester, US.

You can look up using the full IP address from here.

www.DNSstuff.com (http://www.dnsstuff.com/)

Someone who had your address is infected, the darned viruses spoof all addresses in the address book and combine with all available domain names trying to get someone to open them and keep spreading the crud.

shanmuga: You as my kids would say are the BOMB That is exactly what I want as I will then contact their ISP and ask them to shut the person down. I've done this before and it works.

PrntRhd: That was my thought exactly. What I wanted to do is identify the sender by the originating IP address in the header.

Thanks to both of you, I'll let you know how it resolves.

Originally posted by classicsoftware


Does anyone know where this originates from??????

On Sygate Firewall I right click the Navbar icon, and click on security log, in the log, the column on the right is "remote host", if I right click on any item in that column I get an icon that says "back trace." If your firewall isn't Sygate, perhaps it has a simialr function.

It's my daughrers machine and she has web-mail so it never actually hits the computer. If I get another, the lonk from above will guide me whiere I need to go.

Another very useful tool for IP address lookups is Sam Spade. Download from www.samspade.org.

David I tried the link but window said . This page cannot be displayed??
I sympathize with classic, there is nothing more annoying than being subjugated to some freak`s misdirected humor. I have been a victim.:mad:
Stefanus

so it never actually hits the computer Not strictly true, it is just in the Browser's cache rather than being downloaded into a mail client.

Try http://www.dnsstuff.com/ for various look-ups. Woops - thats the same link that was already posted. He he - must be a good one.

When you try to click on it, Yahoo pops up a mesage that it's a virus and delets the attchement.

I was able to view it on Firefox 0.9.0.2
:confused:

Looks as if the Sam Spade page is partly down. The actual program can be found on Zdnet, and this page may be available. (works for me) http://www.samspade.org./ssw/download.html.

David, your links aren't working because you are putting in additional periods.

eg its http://www.samspade.org/ssw/download.html and not http://www.samspade.org./ssw/download.html.

and http://www.samspade.org/ and not http://www.samspade.org./

;)