We are getting alerts from our firewall about some suspicious activity coming from a certain IP. Is there a way to root out the location of that IP?

From doing a tracert, I've gotten to a mn.rr.com which I assume is a road runner home user in Minnesota. Is there any way to get more information?

Since we have no dealings with home users, especially in Minnesota, I want to dig into this as far as I can.:cool:

Neotrace trial version (http://downloads-zdnet.com.com/3000-2172-7139158.html)

Pretty maps too!

after you find out who they are, you can report them to roadrunner. If nothing is done to stop them by rr you might want to discourage them from trying their luck on you. Here is a good book (http://www.amazon.com/exec/obidos/tg/detail/-/0130332739/qid=1030560209/sr=1-4/ref=sr_1_4/102-9661025-9204115?v=glance&s=books) to help you out

I like that program, but I need to figure out a way to allow the program to work through our firewall. It's not allowing it out of our network. I may have to attach a seperate lone workstation outside the firewall for these issues.

I work for a bank, and if RR doesn't want to do anything about it, I'm sure the legal dept. would love to get their claws into the situation.:flame:

I think you may find NeoTrace very user friendly and has an excellent GUI.

I've used it in the past and liked the mapping function a lot.

You may also want to try Sam Spade (http://www.samspade.org/). There's an online version and a downloadable Windows version.

Umm in this case just report the ip w/ logs of the attempts to abuse@rr.com If the logs actually show anything worth while they wont hesitate to take action.

Has anyone used the WHOIS tools on GeekTools (http://www.geektools.com) is very fast, and browser neutral, many other nice tools abound on this page :D

road runner is a cable ISP..

It'd be interesting to see .. I live in Minnesota, but I don't use cable....mine is DSL

If you need any minnesota help.. let me know in a PM or something. I know a few things about security..