How to find people ONLINE... A "how to" manual....

First things first, I am going to assume that you have a copy of NETSCAN32.. If you dont then then CLICK HERE and get it from tucows!!!

Next that you have a winsock type PPP connection... That you'll have to get on your own.


We'll assume that you want to find someone to -for instance get their real name. With that and the local library you can get their phone # and address, with that information you can get a birth certificate, social security #, driver's License #, credit report, etc... AMAZING ISN'T IT!!!

For the purposes of this document we'll use some information from a hack job done recently. Including the uniformative information.

This is the asshole I was looking for:

gambit = [email protected]

First step was to peg the IP addresses of the server with the Name Server function....

Translated Name: IP Address: IP Address: IP Address: IP Address: IP Address:

A PING to see which IP responded.. that would also be the one you telnet to if you don't specify the IP address!! It may not let you in but the others might... Try them all

Pinging [] with 48 data bytes

Reply from 48 bytes in 331 msec. TTL: 241 Reply from 48 bytes in 326 msec. TTL: 241 Reply from 48 bytes in 320 msec. TTL: 241 Reply from 48 bytes in 321 msec. TTL: 241 No data received.

PING Statistics for 5 packets transmitted, 4 packets received, 20% packet loss round-trip (ms) min/avg/max = 320/324/331

Sending 48 data bytes to []

Now we run a TRACEROUTE... This will help us visualize and see the geographic location (In this case SanFrancisco)

1:Received echo from ? [] in 200 msec. 2:Received echo from in-gw-e0/ [] in 209 msec. 3:Received echo from sl-fw-11-S2/ [] in 229 msec. 4:Received echo from sl-fw-5-F1/ [] in 490 msec. 5:Received echo from sl-kc-2-H2/ [] in 268 msec. 6:Received echo from sl-chi-15-H2/ [] in 295 msec. 7:Received echo from sl-chi-6-F0/ [] in 277 msec. 8:Received echo from sl-chi-nap-H1/ [] in 275 msec. 9:Received echo from [] in 284 msec. 10:Received echo from [] in 271 msec. 11:Received echo from [] in 298 msec. 12:Received echo from [] in 312 msec. 13:Received echo from [] in 306 msec. 14:Received echo from SanFrancisco-ATM-GW.CSU.NET [] in 323 msec. 15:Received 48 bytes from [] in 318 msec.

TraceRoute Statistics for 15 packets transmitted, 15 packets received, 0% packet loss round-trip (ms) min/avg/max = 200/290/490

You guessed it - Time for a WHOIS - BUT use the sever not the rs..... it will search everywhere.

He wasn't there though - There are some names and addresses and phone #'s of sysadmin listed (HOME #'s)

The whois server is being queried: -------------------- Gaon, Brian D. (BDG6) [email protected] San Francisco State University 1600 Holloway Avenue San Francisco, CA 94132 (415) 338-2876

Record last updated on 02-Jul-91.

The whois server is being queried:

Baum, Amy (AB374) [email protected] 510.757.3333 Gonzalez, Aurelio (AG344) [email protected] 415-276-0532 MacDonald, C.j (CM1455) [email protected] 415-752-9305 Naumann, Jon (JL311) [email protected] (415) 338-1584 Riddle, Stephen (SR1056) [email protected] 415-752-8512 Schmidt, Heidi (HS30) [email protected] 415-338-6175 Strickler, Don (DS2362) [email protected] 415-338-3046 Tse, Jack (JT124) [email protected] 415-338-2627

The whois server is being queried:

No match for mailbox "@SFSU.EDU".

This time I whois'd GAMBIT instead of the server (he might not have an account there - it might be a spoof....

Fried, Matt (MF236) [email protected] (603)358-8028 Gambit Automated Design Inc. (NET-NET-GAMBIT) NET-GAMBIT Gambit Automated Design Inc. (GAMBIT-DOM) GAMBIT.COM Gambit BBS (GAMBITBBS-DOM) GAMBITBBS.COM Gambit Communications, Inc. (GAMBITCOMM-DOM) GAMBITCOMM.COM Gambit Media (GUAGENTI-DOM) GUAGENTI.COM Gambit New Orleans Weekly (GAMBIT-NO-DOM) GAMBIT-NO.COM Gambit Systems (GAMBITSYS-DOM) GAMBITSYS.COM Nelson, Philip (PN218) [email protected] 318-322-8222 Ritter, Russell (RR1116) [email protected] 541.883.2028 ext.35

The whois server is being queried:

whois: connect: Connection refused

There were a couple... to be sure Telnet into the mail server (port 19 or 25) like so :

vrfy [email protected]

250 ALONZO SAMPSON San Francisco State University

Got the BASTARD.. A call to Directory Assistance and you can get the university operator's #. They'll give you the phone # and mailing address....

University Operator - 415-338-1111

This was a simple search that included more steps than usual for the sake of completeness. It also implied that you could view complete headers with your news and mail programs and decipher them.