8/25/2021»»Wednesday

Check Local Ip

8/25/2021
    54 - Comments

First of all, What is this Local IP Address? It’s quite simple. It’s an IP Address assigned to your computer or any device which is connected to the computer network. This IP is not accessible from internet but only in you local network. That’s why it is called as “Local IP Address”.

Open up the Command Prompt via your Windows Start menu. Type in “ ipconfig ” and hit Enter. Look for the line that reads “IPv4 Address.” The number across from that text is your local IP address. What is IP-based Geolocation? IP-based Geolocation is mapping of an IP address or MAC address to the real-world geographic location of an Internet-connected computing or a mobile device. Geolocation involves in mapping IP address to the country, region (city), latitude/longitude, ISP and domain name among other useful things. The Internet Protocol Address (or IP Address) is a unique address that computing devices such as personal computers, tablets, and smartphones use to identify itself and communicate with other devices in the IP network. Any device connected to the IP network must have a unique IP address within the network.

For example, in you school or in office, there are multiple computers are connected to the local network. Which means they can literally and technically talk with each other. But these computers can not be accessed from internet.

To know your Local IP Address of your computer, follow the below given steps.

  1. Click on the Start menu of your Windows OS, Operating System, and type cmd.
  2. When you see the cmd applications in Start menu panel, click it or just press enter.
  3. A command line window which is by default Black in colour will open.
  4. Type ipconfig and press enter.
  5. Or ipconfig /all to view IP addresses assigned to all the Network Interface Cards.
  6. You’ll see a bunch of information, but the line you want to look for is “IPv4 Address.” The number across from that text is your local IP address. Below is an example image.

Whats My IP Address. An IP address is defined as the numerical representation of a device's location in a network. A device is a computer, a printer, a switch, a cell phone, or an iPad©. The letters IP stand for Internet Protocol. The most widely used IP addresses are IPv4 which consist of four groups of numbers named octets. Look up IP Address Location If you can find out the IPv4 or IPv6 address of an Internet user, you can get an idea what part of the country or world they're in by using our IP Lookup tool. What to do: Enter the IP address you're curious about in the box below.

ipconfig is a very basic but very important command. We will cover it in detailed blog post.

You can also find you Local IP Address from windows network settings. Below are the steps for same.

  1. Clock on the Start menu of your Windows OS, Operating System and click on Control Panel.
  2. In Control Panel, you will find “Network and Sharing Centre”. Click on it.
  3. In “Network and Sharing Centre”, you will find “Local Area Connection”. Click on it.
  4. It will open a Local area connection status window. Click on Properties. There you will find “Internet Protocol Version 4 (TCP/IPv4). Click on it and select properties again.
  5. Another window will open which will show you, the Local IP address assigned to that system. Below is an example image.

If you are a Mac user, follow below given steps.

  1. Open System Preferences, via the Apple menu at the top left hand corner of your screen.
  2. When System Preferences opens, click on the icon labeled Network.
  3. You will find few options on the left, such as, Wi-Fi, Ethernet, Bluetooth, etc.
  4. The option with green dots is an indication of an active device and will have an IP addresses assigned.
  5. Once you select the green dot option, it could be Wi-Fi or You ThunderBolt adapter, You will find and option labeled “Advanced”. Click on it.
  6. It will open an advanced settings window. In this window you will find a “TCP/IP” tab. When you click on it you will find you local IP address. Below is an example image.

In Mac or linux you can also use “ifconfigMultifunction wall clock. ” command.

An IP lookup, also known as an IP address lookup or IP checker, is the act of trying to detect the information behind an IP address, for both IPV4 and IPV6 types of IPs.

When you perform an IP address lookup in real time, you will likely be querying and testing against the ARIN (American Registry for Internet Numbers) database. On other occasions, the query will be answered by a passive DNS, domain or IP database server. In either situation, inputting an IP address will show you detailed information about the ISP and web hosting/server provider using that network block.

Most of the time, this sort of information is queried by technical users, system administrators and security researchers performing infosec investigations surrounding phishing domains, spamming, DNS attacks and other illegal activities.

Today we’ll explore the top most effective tools you can use to perform an IP lookup utilizing terminal-based commands and web-based interfaces.

Top Unix/Linux IP lookup tools

While an IP lookup can be performed from Windows operating systems, Unix and Linux are often the ideal platforms to run a full IP lookup and domain and network diagnostics, due to the wide number of tools available and actions you can perform.

Now let’s analyze the most popular terminal-based tools designed for performing a quick domain IP address lookup as well as a WHOIS IP lookup.

Ping

The Ping tool is a cross-platform command available on most modern operating systems. It’s widely used to determine if a network or remote machine is responding to remote network requests—in other words, if it’s “alive” (online).

The Ping command uses the ICMP echo (RFC 792 Internet Control Message Protocol) function to send packets over the network to a specific hostname or IP address. Once the packet has been sent, it will wait for the remote packet response. If the remote host is up, it will return a network packet; if not, it may be a sign that the host is unreachable, down or simply that the ICMP response is disabled by firewall rules on the destination server.

This command is also used to measure the network response speed, packet loss and number of packets sent/received. Ultimately, the main goal of Ping is to resolve the IP address of any host, as you see below:

ping domain.com

This way you can perform a simple domain IP lookup. When you target a balanced domain that is listening on multiple IP addresses (as used in Round Robin DNS, for example), the domain IP lookup will sometimes resolve to different IP addresses.

Microsoft’s DNS zone exemplifies this case:

The Ping command can also be used against IP addresses—just replace the target for any IP address, as shown below:

ping 8.8.8.8

This way, we can get a summary of all the data obtained from this quick IP network lookup:

And there you have it! That’s the easiest way to perform a domain IP lookup.

Dig

Dig, know as Domain Information Groper, is a popular domain tool and DNS utility used to query DNS name servers while performing IP and DNS lookups.

To run a simple domain IP lookup using Dig, use the following syntax:

dig A domain.com

For example:

In the previous example, dig was querying against the A DNS record type, which answered back showing the 151.139.243.5 as the main IP address.

You can see that there is a lot of information that isn’t directly related to the IP address, such as query time, the DNS server that was queried, query status, and other details.

Here’s a simplified way to achieve the same results:

+noall disables stats, comments and other non-useful things, and +answer will only include the answer from the DNS server, the very part we need.

For an even easier way to do it, use the +short option:

nslookup

nslookup is another widely-used system and network administration terminal-based tool available on Unix/Linux and Windows systems.

This tool is mostly used while running network diagnostics and system administration tasks, often to query DNS servers as a way to grab the IP address behind a host.

Let’s illustrate how to use nslookup to run a simple domain IP lookup:

How Do I Find My Ip Address

nslookup securitytrails.com

Expected output:

Host

One way to use the host command to perform an IP lookup is to query against an IP address. You can also use it bidirectionally when querying hostnames — host can help security researchers perform DNS lookups to translate hostnames into IP addresses, and vice versa. It supports different lookups for various DNS records such as A, MX or NS records.

To find the IP address of the remote securitytrails.com server, just type:

Check Local Ip

host securitytrails.com

This will return something like:

As you see, you obtained the main IP address (151.139.243.5) from the A-type DNS record, as well as the MX records from Google G-suite.

Let’s see the opposite now with the IP addresses of two [popular DNS servers][blog_dnsservers] such as Cloudflare’s 1.1.1.1 and Google’s 8.8.8.8.

In this case, we obtained the rDNS or PTR record from the IP network provider. This is also called reverse IP lookup, or rDNS lookup.

WHOIS

The WHOIS command is one of our favorite terminal commands, as it can reveal a lot of information about any IP address.

As seen in our WHOIS History article, the WHOIS command dates back to the time of ARPANET, and its development has continued to the present day.

When you use WHOIS to perform an IP lookup, your host will try to pick the right WHOIS database server to ask for the information you need. Other times, it will connect to whois.networksolutions.com for NIC handles, or to ARIN at whois.arin.net when you need to perform network and IPv4 lookups.

While it can also be used to fetch domain information, we’ll use it this time to fetch IP information.

The syntax is pretty simple:

whois XX.XX.XX.XX

Output example against Cloudflare’s 1.1.1.1 IP address:

As you see, this tool gave us a few important details about the IP address, such as the network source (APNIC), the AS number (AS13335), INET number (1.1.1.0 - 1.1.1.255), description of the network (APNIC and Cloudflare DNS Resolver project / Routed globally by AS13335/Cloudflare), abuse email address ([email protected] / [email protected]), as well as the full mail address (6 Cordelia St, PO Box 3646, South Brisbane, QLD 4101 - Australia).

Nmap

Local

You’re reading this correctly: Nmap is not only one of the best network mappers and port scanners around, it’s also a useful utility when it comes to IP lookups.

By using Nmap with its powerful NSE scripts, you can also run any IP WHOIS lookup.

The whois-ip NSE script queries the Regional Internet Registries (RIR) WHOIS databases and tries to fetch as much information as possible about the target, such as inetnum, inetname, description, country, organization name and associated email address.

nmap target --script whois-ip

Expected output:

BgpView

Local

BGPView allows any visitor to perform network and IP lookups using a web-based interface, or an API, to view details about IP addresses, ASN, prefix or any resource name on the Internet.

When it comes specifically to IP lookups (in this case bgpview.io/ip/1.1.1.1), it can reveal a lot of information (similar to the whois command), but a handy feature with this tool is its rDNS lookup, and the ability to cross data and jump into related network data such as AS (bgpview.io/asn/13335) or explore the full IP range (1.1.1.0/24).

Historical IP Lookup

Nowadays, network, domain and IP history are critical for investigating any infosec incident, offering the information needed to expose useful information such as where the domain was hosted, technical and personal details about the person involved, where the web servers were hosted, or what MX servers were used to send an email.

SecurityTrails IP History is one of the easiest ways you can perform a historical IP lookup. You can do it by using our web-based interface, or by API. Let’s see two practical examples of how you can perform a simple IP lookup.

  • Move to SecurityTrails.com
  • Enter your domain name, and press Search.

In less than a second, you’ll have the full IP lookup with all the IPV4 records found for that server, including domain name, Alexa rank, web hosting provider and email provider.

One of our tool’s handiest features is the IP neighbors function, which lets you find all the neighbors hosted on the same IP address ordered by IP range and number of sites hosted.

By using our API you can accomplish the same results. Our API supports a wide range of programming languages and integrations, but for this quick example we will launch a query against our database using the old terminal-based curl utility:

Expected output will show something like this:

Our Passive DNS API allows you to fully integrate our intelligent cybersecurity database within your own apps, automating the entire OSINT process in just minutes.

Check

How to perform a passive IP lookup

SurfaceBrowser™ is our enterprise-security OSINT tool that allows you to test, access and correlate domain, DNS and IP data-sets in mere seconds.

What Is Local Ip

Chosen by public and private infosec agencies to perform deep and thorough investigations into all cybersecurity aspects of domain names belonging to any company in the world, it’s also a great way to perform IP research.

IP lookup check

To perform an IP lookup check with SurfaceBrowser, you simply need to follow these steps:

Important: if you don’t have a SecurityTrails account with SurfaceBrowser™ enabled, book a demo today with our Sales team! Or sign up for a 7-day trial for only $49.

  • Login to your SecurityTrails account at [securitytrails.com/app/auth/login][account_login]
  • Move to the SurfaceBrowser™ interface: securitytrails.com/app/sb
  • Enter the IP address you wish to explore.
  • Browse the results and pivot between the ASN, IP and domain data links.

As you can see, by using the IP lookup tool you will be able to access IP details such as associated rDNS, ASN number, Organization, Type of Company and IP route. A real-time map of the geographical IP address origin will be displayed as well.

The same applies to IP ranges—you can extract all the intel about any IP range in the world. In the following example, we’re exploring Cloudflare’s range 1.1.1.0/24:

If you click ‘Explore nearby IPs’, you will find many additional IP ranges associated with your initial IP search, letting you find sites hosted on each one of those ranges instantly.

SurfaceBrowser™ also allows you to explore all the hosted domains within any IP address, and find details about every one of them. The filter lets you order results by hostname, Alexa rank, computed company name, registrar, expiry date, creation date, mail and hosting provider.

It’s an easy and efficient way to cross data and pivot between all information extracted from that single IP address.

Reverse IP lookup verification

A PTR record is also known as reverse DNS, or rDNS. Quite simply, it’s the reverse information shown for the A DNS record.

Usually when you analyze an A record, you’ll find that it points to a domain name. On the other hand, a PTR record will map an IP address to a hostname—just the opposite.

PTR records are not only useful for finding data correlation in your infosec research, but also to protect against spammers and malicious domain names that will try to exploit your mail server. Therefore, most popular email providers always check for PTR records by performing domain and IP lookups before accepting any incoming email from external hostnames.

SurfaceBrowser™ has the ability to show you every PTR record from any company domain name in existence.

In this case, while analyzing cloudflare.com, we were able to get all the associated PTR records from each hostname, as well as the IPs responding to that hostname:

And for each one of those PTR records, you’ll be able to find critical information such as open ports and associated IP addresses.

By clicking the right column, all associated IP addresses belonging to that record will be displayed:

Final thoughts

Performing an infosec investigation will always require the use of manual tools (such as ping and dig) when you run isolated tests and tasks. But when you need to accomplish a number of IP lookups, the entire process can become slow and time-consuming.

Fortunately, there’s a solution. By using our daily-updated historical IP database, you’ll be able to avoid using slow manual commands and start fetching results from our API database with your own apps.

Alternatively, SurfaceBrowser™ is a great infosec tool to cross data between your IP lookups, rDNS lookup, open ports, domain and DNS information in an instant.

Get your free API account today, or book a SurfaceBrowser™ demo with our sales team so you can get a deep IP lookup approach against any IP address and domain name in the world!

Esteban is a seasoned security researcher and cybersecurity specialist with over 15 years of experience. Since joining SecurityTrails in 2017 he’s been our go-to for technical server security and source intelligence info.

Get the best cybersec research, news, tools,
and interviews with industry leaders