August 8, 2001

By Karen Kenworthy

IN THIS ISSUE

It sure is good to talk to you again! After my last newsletter, back at the end of June, I decided to take a couple of weeks off. I wanted to finish work on my new CD, and do some contract programming for my busy friend Bob. Little did I know that we'd be apart for a whole month!

I did accomplish what I set out to do. Along the way I also changed Internet Service Providers -- twice. I also built a new server, updated the software I use to send this newsletter, and wrote some new programs I use behind the scenes. I even found time to write a new Power Tool program, and updated a couple of old ones.

But when people started writing, asking if I was still alive, I knew I'd been away too long. :)

Around The World

I spent much of the last month taking a cyber trip around the world. During my voyage I visited web sites located in dozens of countries, and managed to learn a little Chinese, Korean, Polish, French, Spanish, German, Australian, Canadian, and other exotic languages.

I made this trip to improve my WhoIs program. Most of you will remember WhoIs, a Power Tool that can discover who owns web servers and other computers providing public Internet services. Originally, WhoIs needed to know the domain name of the site being investigated. It would then contact one of the many Internet Top-Level Domain (TLD) Registries, and retrieve the domain name owner's information.

WhoIs still does that job. In fact, the new version performs that job more reliably than ever. But thanks to my travels, WhoIs has learned another trick. It can now display information about the owner of some computers, given just the computer's numeric IP address.

This trick comes in particularly handy when tracking down spammers and other 'Net ne'er-do-wells. That's because they often hide their computers' domain names, or don't give their computers names at all. But every computer connected to the Internet must have an IP address, opening the door to the new version of Karen's WhoIs

IP Addresses

We've talked about IP (Internet Protocol) addresses before. Every computer connected to the Internet must have at least one. Once assigned, these large numbers become a computer's Internet address -- the way it is known by all other computers on the 'net.

Now we humans don't deal very well with large numbers. Our eyes glaze over, just as our computer's CPUs are getting excited. So to make our lives easier computer's across the Internet are given domain names, such as www.microsoft.com. And a large, distributed database called the Domain Name System (DNS) converts these familiar names into the more daunting numeric IP addresses our silicon friends prefer.

If you've been around the Internet for long, you're probably seen an IP address. For example, this one belongs to one of Microsoft's web servers: 1100 1111 0010 1110 1100 0101 0110 0100.

If that form of address doesn't look familiar, perhaps this version will: 207.46.197.100

It's the same address. But this time the 32 binary digits are gathered into four groups of eight bits, called octets. Then, the decimal equivalent of each octet is written, separated from the others by a period. The familiar result is sometimes called the "dotted-quad" form of an IP address.

Regional Internet Registry

Now we know what IP addresses look like. And we know that every computer connected to the Internet must have one. But who, or what, assigns unique IP addresses to each of the millions of computers on the Internet? And where do IP addresses come from?

If your computer connects to the Internet via a telephone modem, cable modem, DSL adapter, or other dial-up means, it is probably assigned a temporary IP address by an Internet Service Provider (ISP) each time it connects to the Internet. When your computer disconnects from the Internet, its IP address is freed, and may later be reassigned to another computer. The assignment of temporary IP addresses is performed by a special bit of software known as a DHCP (Dynamic Host Configuration Protocol) server.

If your computer is connected to a Local Area Network (LAN), it may receive a temporary IP address via your LAN's DHCP server. Or a system administrator may have assigned your computer a permanent IP address.

But where do ISPs and system administrators get the IP addresses they distribute to others? The answer used to be simple. When the Internet still had that new network smell, all IP addresses came directly from an organization known as The Internet Assigned Numbers Authority, or IANA.

The Internet Assigned Numbers Authority http://www.iana.org/

In a sense, this organization owns all of the 4,294,967,296 possible IP addresses. When the Internet was young, IANA allocated blocks of consecutive IP addresses to universities, government agencies, and businesses. These organizations, in turn, assigned IP addresses to their computers out of the blocks given them by IANA. If an organization grew, adding more computers, IANA gave then additional blocks of IP addresses.

As the Internet expanded, so did the demand for IP addresses. Eventually, IANA decided to delegate the job of IP address allocation to three regional organizations. Each of these Regional Internet Registries, or RIRs, was given a large number of previously unallocated IP addresses, to meet the networking needs of their part of the world.

Today, requests for IP addresses from Europe, the Middle East, and North Africa are now handled by an organization called RIPE, or the Reseaux IP Europeens. IP addresses given to computers located in Asia and the Pacific are allocated by APNIC, or the Asia Pacific Network Information Centre. The rest of the world, including North and South America, the Carribean, and sub-Saharan Africa obtain their IP addresses from ARIN, the American Registry for Internet Numbers.

Reseaux IP Europeens RIPE Network Coordination Centre http://www.ripe.net/

Asia Pacific Network Information Centre http://www.apnic.net/

American Registry for Internet Numbers http://www.arin.net

But if you're thinking about contacting one of these, to obtain some IP addresses of your very own, think again. Today, only ISPs are given blocks of IP addresses by the Regional Internet Registries. ISP's are responsible for sub-allocation of their IP address -- the assignment of IP addresses to customers -- whether the customers are individuals, companies, government agencies, schools, or even smaller ISPs.

Karen's WhoIs version 2

Fortunately, for us, the Regional Internet Registries maintain publicly accessible databases containing information about the IP address blocks they've allocated. In addition to the block's starting and ending IP address, the databases include contact information for the user of each block. Like the databases of Domain Name Registrars, this contact information often includes names, phone numbers, fax numbers, email addresses, and mailing addresses!

And now, our WhoIs program can interrogate the RIR databases, and report what's found there. Just enter the IP address of any computer, and Karen's WhoIs will contact the appropriate RIR's WhoIs server. It will then display the complete reply. The information can be viewed on-screen, or copied to the Windows clipboard.

There's more to say about Karen's WhoIs, and how to use it to track down Internet miscreants. But we'll have to talk about that the next time we get together. In the meantime, if you'd like to try out the new version of Karen's WhoIs, visit the program's home page at:

https://www.karenware.com/powertools/ptwhois

As always, both the program and its Visual Basic source code are free.

Karen's CD!

Or, you can receive a copy of Karen's WhoIs -- plus copies of all 21 other Power Tools -- on a CD! That's right, after years of reader requests, I've finally created a CD containing all of my Power Tools programs. The CD also contains two bonus programs (SendTo Clipboard and MatchMaker) that are no longer available anywhere else.

All back issues of Karen's Power Tools newsletter are also included too, plus some articles I wrote for Windows Magazine. The articles were selected because they show the origins of some of the most popular Power Tools, including the Alarm Clock, Version Browser, Mailer, Font Explorer, Countdown Timer, DriveInfo, and more.

And in the best Power Tools tradition, the Visual Basic source code for all programs is on the CD too!

If you'd like to order your copy of Karen's Power Tools CD, visit the web site at: https://www.karenware.com/licenseme . It's only $29.95, including shipping. And you can pay by credit card or check.

That's all for now! I've got to stuff some envelopes and lick some stamps. But I'll find some time to get on the 'net soon. If you see me there, be sure to wave and say "Hi!" And if you want to help me mail those CDs, just pull up a chair. :)