~ Some simple stalking tools ~
The following tools (traceroute, lookup) are web-based stalking tools that you will use whenever you need to ascertain
who {owns / uses / is responsible for} a given site. Keep in mind that it is relatively easy, nowadays, to
drown your traces 1) by registering through -say- a completely unrelated friend (or unsuspecting zombie) in order to
bury your real traces under the sand and 2) by giving completely bogus information anyway when you register a site.
As usual let's begin "combing" the web, i.e. finding those that have already worked a lot on this lore. Well, who may they be? Of course, first of all,
the spammers! They do not want to be found, nor do they enjoy leaving many traces. So it could be useful to learn all kinds of
tricks used by these scumbags.
Traceroute utilities are PC-based or web-based
tools that trace a packet from a computer to an Internet host,
showing how many hops the packet requires to reach the host and how long each hop takes.
If you're visiting a Web site and pages are appearing slowly, you can use traceroute
to figure out where the longest delays are occurring.
The original traceroute is a UNIX utility, but nearly
all platforms have something similar. Windows includes a
traceroute utility called tracert.
In Windows, you can run tracert by selecting
Start->Run, and then entering tracert followed by the domain name of the host. For example:
tracert www.fravia.com
Traceroute utilities
work by sending packets with low time-to-live (TTL) fields.
The TTL value specifies how many hops the packet is allowed before it is returned.
When a packet can't reach its destination because the TTL value is too low, the last host returns
the packet and identifies itself.
By sending a series of
packets and incrementing the TTL value with each successive packet,
traceroute finds out who all the intermediary hosts are.
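The TTL loop described above, as an added Python example (not code from the original page). The names traceroute, udp_probe and simulated_probe are hypothetical, the sample route uses constructed documentation addresses, and the live prober assumes a UNIX-style UDP probe and a raw ICMP socket (root required); Windows tracert sends ICMP echo requests instead.

```python
import socket

def traceroute(probe, max_hops=30):
    """Raise the TTL one hop at a time; probe(ttl) -> (responder_or_None, reached)."""
    hops = []
    for ttl in range(1, max_hops + 1):
        responder, reached = probe(ttl)
        hops.append((ttl, responder))      # None = hop stayed silent ('*')
        if reached:
            break
    return hops

def udp_probe(dest_ip, port=33434, timeout=2.0):
    """Live prober in the UNIX style: UDP out, ICMP back (raw socket needs root)."""
    def probe(ttl):
        recv = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP)
        send = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        recv.settimeout(timeout)
        send.setsockopt(socket.IPPROTO_IP, socket.IP_TTL, ttl)
        try:
            send.sendto(b"", (dest_ip, port))
            packet, (addr, _) = recv.recvfrom(512)
        except socket.timeout:
            return None, False
        finally:
            send.close()
            recv.close()
        icmp_type = packet[(packet[0] & 0x0F) * 4]   # skip the IP header
        # 11 = Time Exceeded (TTL ran out at a router); 3 = Destination Unreachable
        # (closed port on the target). Simplification: replies are not matched to probes.
        return addr, icmp_type == 3
    return probe

def simulated_probe(path, silent=frozenset()):
    """Offline prober over a constructed route; path[-1] is the destination."""
    def probe(ttl):
        hop = path[min(ttl, len(path)) - 1]   # TTL expires at hop number `ttl`
        if hop in silent:
            return None, False                # hop drops the probe without replying
        return hop, ttl >= len(path)
    return probe

# Constructed sample route (documentation address ranges, not real hosts).
SAMPLE_PATH = ["192.0.2.1", "198.51.100.7", "203.0.113.9"]

if __name__ == "__main__":
    for ttl, responder in traceroute(simulated_probe(SAMPLE_PATH)):
        print(ttl, responder or "*")
```

A hop that never answers shows up as a gap rather than ending the trace, and a silent destination makes the loop run until max_hops, which is why a real trace can end in a row of asterisks.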
Related techniques: Firewalking
Firewalking uses a traceroute-like IP packet analysis to determine whether or not a particular packet can pass from the
attacker’s host to a destination host through a packet-filtering device. This technique can be used to map ‘open’ or
‘pass through’ ports on a gateway. Moreover, it can determine whether packets with various control information can
pass through a given gateway. Also, using this technique, an attacker can map routers behind a packet-filtering device.
http://network-tools.com/default.asp?prog=trace&Netnic=whois.arin.net&host=www.searchlores.org: replace "www.searchlores.org" with whatever you want.
http://www.rack66.com/trace.php: rack66 traceroute
There are many on line Whois tools: the best one seems to be:
http://www.whois.sc
that you'll call from your bookmarks while viewing the site you want to "whois". For instance:
http://www.whois.sc/pookmail.com (scroll down for contact names and info)
Another good on-line tool is betterwhois
There are many on line Lookup tools: one of the best seems to be:
http://www.dnsstuff.com/
Here you'll find a bucketload of other on line tools as well.
Another very good tool is http://www.dnsreport.com/
For instance: http://www.dnsreport.com/tools/dnsreport.ch?domain=akadns.net
This is an on-line tool for reverse IP and NS lookup: http://www.domainsdb.net/
Remember that the windoze xp DNS cache stores BOTH
negative (unsuccessful) and positive (successful) entries. The positive entries are those that
the DNS lookup found, where you could connect to the website.
Negative entries are the opposite: those where the DNS lookup failed and you could not connect to the website.
A problem can arise here because if windoze's DNS cache holds a previous negative entry while the website you want to view
is now OK to view, XP will still give you a DNS error.
So first of all flush the cache: enter ipconfig /flushdns in a command prompt.
Then modify the registry to avoid the problem:
1) Block Negative Entries
To force Windows XP NOT to cache negative entries we need to add a new
DWORD to the following Registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
DWORD: MaxNegativeCacheTtl
Value: 0
This will now ensure that no negative entries will be stored.
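The stale negative entry problem and the effect of a zero negative TTL, modelled as an added Python example (not code from the original page and not how Windows implements its cache). StubResolverCache and outage_then_recovery are hypothetical names, and the host name, address, timings and the 900-second TTL are constructed sample values.

```python
class StubResolverCache:
    """Toy client-side DNS cache that stores failed lookups as well as answers."""

    def __init__(self, upstream, max_negative_ttl, positive_ttl=3600):
        self.upstream = upstream                  # callable(name) -> ip or None
        self.max_negative_ttl = max_negative_ttl  # seconds a failure is remembered
        self.positive_ttl = positive_ttl
        self.entries = {}                         # name -> (ip_or_None, expires_at)

    def resolve(self, name, now):
        cached = self.entries.get(name)
        if cached and now < cached[1]:
            return cached[0]                      # may be a cached failure (None)
        ip = self.upstream(name)
        ttl = self.positive_ttl if ip else self.max_negative_ttl
        if ttl > 0:
            self.entries[name] = (ip, now + ttl)
        else:
            self.entries.pop(name, None)          # TTL 0: never store the failure
        return ip

    def flush(self):
        self.entries.clear()                      # the model's ipconfig /flushdns


def outage_then_recovery(max_negative_ttl):
    """Lookup fails at t=0, the site is back by t=60; return what the client sees."""
    zone = {}                                     # constructed upstream state
    cache = StubResolverCache(zone.get, max_negative_ttl)
    first = cache.resolve("www.example.org", now=0)
    zone["www.example.org"] = "192.0.2.10"        # the site comes back
    second = cache.resolve("www.example.org", now=60)
    return first, second


if __name__ == "__main__":
    print("negative TTL 900:", outage_then_recovery(900))
    print("negative TTL 0:  ", outage_then_recovery(0))
```

With a non-zero negative TTL the second lookup is answered from the cached failure even though the upstream would now succeed; with 0 every failed lookup goes back upstream.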
A note about windoze's own tools
I am assuming here that you are using windows XP. I am not saying that you should use windows xp, in fact
you should use gnulinux, I am just assuming that you are using windows xp.
If you want to work seriously with it you'll need windows xp-pro sp2 (easy to find on the web if you don't feel like
throwing even more money out of the gates). And if you have it you should by all means install the complete set
of support tools. Here is how you do it:
To install Windows Support Tools:
1. Insert the Windows XP CD-ROM in the drive.
2. Double-click My Computer, right-click the CD-ROM drive, and then click Explore.
3. Go to Support\Tools, and then double-click Setup.exe.
4. When the Windows Support Wizard starts, click Next.
5. Click I agree on the End User License Agreement.
6. Type your name and organization and click Next.
7. Click either the Typical or Complete installation type, and then click Next.
8. Verify the installation location, and then click Install.
The Windows Support Tools are installed to the folder specified in step eight and a Windows Support
Tools folder is added to the Program Files folder on the Start menu.
The following is a list of all Support Tools in Service Pack 2:
(For a description of these and other useful tools, please check the l33t windoz3r ad hoc section)
acldiag.exe
activate.exe
addiag.exe
adprop.dll
adsiedit.msc
apimon.exe
apmstat.exe
bindiff.exe
bitsadmin.exe
browstat.exe
cabarc.exe
clonepr.dll
depends.exe
dfsutil.exe
dhcploc.exe
diruse.exe
dmdiag.exe
dnscmd.exe
dsacls.exe
dsastat.exe
dskprobe.exe
dumpchk.exe
dupfinder.exe
efsinfo.exe
exctrlst.exe
extract.exe
filever.exe
ftonline.exe
getsid.exe
gflags.exe
httpcfg.exe
iadstools.dll
ipseccmd.exe
ksetup.exe
ktpass.exe
ldp.exe
memsnap.exe
movetree.exe
msicuu.exe
msizap.exe
netcap.exe
netdiag.exe
netdom.exe
netset.exe
nltest.exe
ntdetect.chk
ntfrsapi.dll
ntfrsutl.exe
pfmon.exe
pmon.exe
poolmon.exe
pptpclnt.exe
pptpsrv.exe
pstat.exe
pviewer.exe
rasdiag.exe
remote.exe
replmon.exe
rsdiag.exe
rsdir.exe
sdcheck.exe
search.vbs
setspn.exe
setx.exe
showaccs.exe
showperf.exe
sidhist.vbs
sidwalk.exe
sidwalk.msc
snmputilg.exe
spcheck.exe
timezone.exe
tracefmt.exe
tracelog.exe
tracepdb.exe
vfi.exe
whoami.exe
windiff.exe
wsremote.exe
xcacls.exe
Tools you can download and use
netlab.zip ~ 228735 bytes [Swiss pinging knife]
Netlab, version 1.35, by Alexander Danileiko (1997): useful tool, must have for pinging, tracerouting
and port-listening...
Netlab, upon starting, contacts the time server at 198.83.19.241 through port 37.
(c) III Millennium: [fravia+], all rights reserved and reversed