The following explains some of the terms used in Internet forensics, and suggests where relevant clues about a domain name may be registration codes hiding:
“IP Address”
Each and every computer on the Internet has a unique address – just like a telephone number or street address – which is a rather long and complicated string of numbers. It is called its “IP address” (IP stands for “Internet Protocol”). IP Addresses are hard to remember, so the Domain Name System makes using the Internet far easier for humans by allowing words in the form of a “domain name” to be used instead of the arcane, numerical IP address. So instead of typing 64.233.161.104, you can just type that IP address’ domain name, and you would then be directed to the website that you are seeking connected to that domain name.
It is possible to “geolocate” an IP address by using a variety of free services available on the Internet. Geolocation is the practice of determining the physical, real world location of a person or computer using digital information processed and collected on the Internet.
Geolocation can offer the city, ZIP code or region from which a person is or has connected to the World Wide Web by using their device’s IP Address, or that of a nearby wireless access points, such as those offered by coffeeshops or internet cafes.
Determining the country of an Internet user based on his or her IP address is relatively simple and accurate (95%-99% percent) because a country is required information when an IP range is allocated and IP registrars supply that information.
Determining the specific physical location of an IP Address down to a city or ZIP code, however, is a little more difficult and slightly less accurate because there is no official source for the information. Further, users sometimes share IP addresses and Internet service providers often base IP addresses.
Even when not accurate, though, geolocation can place users in a bordering or nearby city, which may be good enough for the investigation.
Internet Corporation for Assigned Names and Numbers (ICANN)
The Internet Corporation for Assigned Names and Numbers (ICANN) is an internationally organized, non-profit corporation that has the ultimate responsibility for Internet Protocol address space allocation, generic (gTLD) and country code (ccTLD) Top Level Domain name system management, and root server system management functions. As a private-public partnership, ICANN is dedicated to preserving the operational stability of the Internet; to promoting healthy and lawful competition; to achieving broad representation of global Internet communities; and to developing policies to foster these goals.
Leave a Reply