Follow

Question for network hackers (please boost).

What's the safest way to prove that the ethernet responding to a certain public IP (v4) is located in a certain nation (or at least continent)?

I mean, I can use a geolocation db but I guess it could be outdated. Trace routing the IP and geolocating each hop through the db? Maybe better but... is there an even better way?

@Shamar @jartigag So are you looking to find out if a certain server appearing to be on a certain IP address is actually where the #whois lookup says it is? A server could be using a proxy so may well not be where you think it is. I'm not sure how much info you can get by analysing the data using nmap/wireshark etc...CloudFlare are good at this though!

@acesabe

I'm not much interested where the server actually is, but where the first ethernet that receives the packets directed at such IP is located on Earth surface. Possibly at nation level, but at least at continental level.

I need to exclude the duplication of the public IP over different physical locations, say for load balancing issues.

I know DNS level load balancing is simpler and effective, but... I need to specifically exclude this sort of L3 tricks... for reasons.

(Not that I know anybody doing something like this, BUT I know I'm not an expert on global scale network machinery).

@jartigag

@Shamar @jartigag interesting question, generally you can just look up the IP address via whois lookup which will identify the block range and owner and where they are registered, usually to city & country level. Now, how those IP addresses are then applied, and more importantly where they may be deployed is another matter and probably difficult to find out, although I expect they will generally be where the whois lookup says. IP address duplication should not be possible however.

@Shamar @jartigag so basically you'll have to rely on any info that traceroute/tracert yields and whether the locations of the nodes before destination match the location of the IP address from lookup.

Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves. A STEM-oriented instance.

An inclusive free speech instance.
All cultures and opinions welcome.
Explicit hate speech and harassment strictly forbidden.
We federate with all servers: we don't block any servers.