GeoEdge – IP Address Locator

Introduction

Log analysis is one of the most basic yet crucial exercises for any forensics analyst. It covers many aspects; some of the important ones are:

  • Determining the actions/requests performed by a user/host/IP address
  • The application’s or server’s reactions to the user’s requests
  • Finding more information about a particular user/host/IP address that may be performing extraordinary transactions with the application/server
  • Application/server performance
  • Application/server traffic monitoring to calculate business growth, etc.

However, from a forensics point of view, investigating “which user did what on the application/server that led to its compromise” is the most important. A similar scenario applies to email investigation. It is now quite simple to find out the IP address of the person who is sending fishy or threatening emails to the victim(s).

Here we discuss a post-investigation aspect of the above and similar scenarios, i.e. what comes next once the source IP address (of the attacker) is identified. In this article we discuss a simple tool/script that helps a forensic analyst get the exact location of the source IP address on this very beautiful earth.

Filed under: Fundamentals, Tools