Monthly Archives: December 2015

Advanced Footprints Series: ASN

 
LAST UPDATE: August 2017

So far we’ve talked about a few different ways a website (or the server it’s running on) can be footprinted, but we’ve yet to talk about the most obvious – the server’s physical location.

The internet is basically a huge, world-wide network, made up of numerous smaller networks. The technology behind it is way too complicated to go into here, but we’ll run through just a bit of it – specifically the parts which can be used to pinpoint a server’s location. When we talk about location, we’re usually talking about the company which is hosting either a physical or virtual server, or even just hosting individual websites on shared servers.

Typically, when discussing the locations of servers (or webpages), we usually think about IP numbers. These are like street addresses for companies or homes and take the form of long strings of numbers (in the case of IPv4, IPv6 is a bit different). To make these numbers useful to humans, networks use a technology called DNS (Domain Name System) to connect these numbers to readable addresses we use on the internet every day. For instance – the DNS system can turn a URL (a web address such as google.com) into an IP address which allows our browser to find the correct website. If you knew google.com’s IP number, you could skip the DNS and type the IP itself into a browser.

IP addresses are governed by ICANN and are allocated to ISPs (Internet Service Providers). These reassign IP numbers to their customers (in essence, IP numbers are rented out, not sold). There are a few problems with trying to use IP numbers to get usable data about who is using the IP and what they’re using it for. One is that they switch hands every now and then – we’ve run out of IPv4 addresses, which means that anyone who wants one has to buy it or rent it from someone else. The second problem is that the information on who exactly is behind an IP is sketchy at best.

Continue reading