How to get user location using real IP

Question

I recently heard this question:

Can some guys track u using your IP address (what if this guy has access to ISP)?

And I can't find an answer to this question.

Because, I think 99% of people who use the Internet have dynamic IPs. So, the only thing that a person can do is somehow get your IP address even if you are behind a proxy (which is simply possible, as you know). By getting this IP, they have your dynamic address and they could do some DNS-lookup to find out who is your IP provider.

Now I have 2 question:

is it possible to get some information from user to detect user location?
if a government like north Korea gets a user's Dynamic address, what does this government need to go to the ISP and say: "We need the user who was in your **.**.**... IP address?"

I mean what the ISP needs to tell you, the user you who was in an IP address and you want him is: That Guy.

I think it is not OK for an ISP to give governments user info, but I want to find a complete answer for this question for once.

I know there is Geo-location API from HTML 5, but Geo-location show some dialog, and at least we are safe and happy for this.

my question is different because i want to know what if the our guy have assess to the IPS servers as well, in this case what is the information our guys need to do this. @SteffenUllrich — Milad Na, Jan 02 '17 at 08:59
If the IP address is a assigned to a home user the ISP has the location of the home. But the user can still be outside the home and using only a VPN to connect back. — Steffen Ullrich, Jan 02 '17 at 09:02
NO, LOOK, ISP have a lot of user on a dynamic IP, so, even if have this IP u cant go to the ISP and say: can i get to know who was the man on this IP, ISP need more info to detect exact user. @SteffenUllrich — Milad Na, Jan 02 '17 at 09:04
The ISP has a mapping between the IP and the user since the ISP has given the IP to this specific user when the user connects with the ISP. Thus the ISP itself only needs the IP address to find out the account and home address but again this does not mean that the user is currently at this location. — Steffen Ullrich, Jan 02 '17 at 09:06
@MiladNa you can only have one home per IP. Sure that IP might swap homes at some point, but given a time and an IP, the ISP knows exactly who had that IP. — schroeder, Jan 02 '17 at 09:09
so, what are u saying is, if my IP is in this clock: 17:9:45 sec is 1.1.1.1.2 (for example), i am the only one who have this IP and if ISP know the exact time, witch in that time i have the mentioned dynamic IP address, so they can tell me who is the man? if your answer is yes, what is the smallest time unit that an IP change? @schroeder — Milad Na, Jan 02 '17 at 09:50
i get what is your point, but it could be my GPRS. (my phone internet connection by sim card)@SteffenUllrich — Milad Na, Jan 02 '17 at 09:52
@MiladNa IPs can rotate every 24hrs or remain until the home's router is rebooted. I can't tell you what every ISP on the planet might do. Cell networks might give you a new IP when you change zones. — schroeder, Jan 02 '17 at 09:55
Some ISP's also do double NAT'ing which makes life a bit harder though the same principal applies, the ISP knows how to route traffic to your designated router/gateway device at any point in time. — Julian Knight, Jan 02 '17 at 15:17

score 1 · Answer 1 · edited Mar 20 '17 at 10:18

OK, I'll bite as this question seems slightly different from the previous one.

is it possible to get some information from user to detect user location?

Yes, the most accurate will be from dedicated commercial tracking companies that use various datasets to match your computer to your real identity and location. This is mentioned in the question that Steffen links to.

A slight caveat is that if you are on an ISP the uses double-NATing, your IP address alone is not sufficiently unique. If your ISP tells you that you cannot run a home server at all, that is one indication of them double-NATing. Of course, as most ISP's use some form of dynamic IPv4 allocation, again, IP address alone may be insufficiently accurate without knowing what specific time you are interested in.

Note that the browser itself may leak information about your location too. For example, my default browser is set to accept en-GB by default by which you can imply that I am in the UK (unless I'm travelling!).

if a government like north Korea gets a user's Dynamic address, what does this government need to go to the ISP and say: "We need the user who was in your ..**... IP address?"

"The ISP"? Which ISP? Or rather, where are they based. If NK came to my ISP and asked about my location, the ISP would probably chuckle, print the request and stick it on the wall as a souvenir and let the UK government know. ;-)

If there is such a thing as an ISP in NK, I would imagine they would have no problem at all getting the exact details of location and person as long as they knew what time they wanted an answer for.

score 0 · Answer 2 · edited Jan 02 '17 at 17:30

Spoofing an IP is fine within the local LAN, but not usually effective out in the real world because at some point one must utilize an ISP to get onto the backbone.

ShieldsUp from www.grc.com shows what IP information you are showing to the rest of the world. Using the IP address you can certainly find the ISP, whether it be Cox cable, McDonalds, Starbucks, whatever.

When it comes to spoofing, most newbys will think spoofing their MAC address is the way to hide. However, to really find an individual what you want to do is go through server logs and look at their browser fingerprint. It tends to be a fairly unique mix of headers including browser type, plugins, fonts and version numbers, and more. There is even a hash for the version of WebGL.

panopticlick.eff.org will show you an example of what to look for in the logs.

Then no matter what IP the computer is used on, you can tell with some degree of confidence that it is the same one.

Of course, this can be spoofed as well.

If it is a law enforcement issue, such as a direct threat to life or property, you can bet the ISP will cough up all they have on a particular user upon receipt of a court order (even a restraining order).

How to get user location using real IP

2 Answers2