A slightly more padded out version of the previous answers:
> www.traceroute.org is your friend so ;)
Almost, but this kind of stuff can be done without recourse to the
web, thanks to the marvels of whois (which is TCP-based, so
is still available to those with router blocks on ICMP)
If you want to find out where someone really is:
a) Do a traceroute - this will give you an idea of where it is, at least
vaguely. If you're feeling keen, get hold of a copy of prtraceroute, as
this usefully tells you which ASes are traversed. Takes a while to run
as a result, but it can be useful.
b) If this is close enough, you're happy. If not, you need to try the IP
against the whois databases of the relevant regional IP registry:
Europe: whois -h whois.ripe.net 22.214.171.124
Asia/Pacific: whois -h whois.apnic.net 126.96.36.199
Americas: whois -h whois.arin.net 188.8.131.52
(Yup, you can just feed them the whole IP, and they'll do the right
thing - can't check the APNIC server as it's down at the moment, but
I guess it does the same.)
The change-to-0-and-look-at-the-NS-records technique doesn't work
unless the network is on an /8 /16 or /24 boundary, something that's
increasingly unlikely on the classless Internet.
This will tell you the gruesome details regarding that particular
netblock. I've occasionally had to do this to track down contacts
for machines with, eg, no postmaster box (grr) which were spewing
mail to my Usenet moderation inboxes.
It goes without saying that reverse lookups can be very easily spoofed, so
don't believe them without checking... and don't forget that the hostname
portion of traceroute output comes from DNS reverse lookups, so that can
be spoofed too.
Finding contacts for _domains_ is a lot more fiddly unless it's part of
a domain with an easily locatable database. it's worth checking
whois.nic.TLD as that's often a standard, but by no means always.
In addition, data protection legislation in many countries means that
they don't give out much information other than not generally useful things
like the domain name and the registered name servers.
I'm sure this stuff could be scripted pretty easily. However it works,
network tracing like this is sometimes more of an art than a science..
Computer Science System Administrator, Trinity College, Dublin, Ireland
mike.knell at cs.tcd.ie -=- http://www.cs.tcd.ie/Mike.Knell/
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!