How To Trace A Hacker
I discovered a nice beginner's tutorial that explains how you can trace people that try to break into your computer system. It answers lots of questions like "How do these people find their victims" and "What do the terms TCP/UDP actually mean".
It explains the netstat command, which shows all connections to your computer, and how to find out which connections may be malicious or dangerous and which are not. After that, the tracert command is explained, which you can use to trace connections. Finally, it gives information on DNS: how to look up an IP and get the host of the connection.
It's a useful tutorial that everyone who has no or only rudimentary knowledge of the discussed topics should read through to get a basic understanding. It does not explain proxies, which most hackers nowadays use. A tracert would lead to the proxy but not to the IP address of the hacker.
Here are the most important steps that you need to undertake to trace hackers or other attackers:
- Open the command line (for instance with the hotkey Windows-R, typing cmd and tapping on the Enter key), and run the command netstat -a there. This displays all active connections of your computer. Then run netstat -an, which lists numeric IP addresses and ports instead of resolved names, so that you get both hostnames and IP addresses.
- Now that you know the IP address, you can use the tracert command to trace the IP address or hostname from your computer to the computer that is used to make the connection.
- The output can give you information about the Internet Service Provider or server that the hacker uses. Keep in mind that this can be a proxy server or VPN, or even another hacked computer.
Steps that you can undertake from here are to try to contact the abuse department if it is an IP or server, for instance by trying the email abuse@hostname.
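As an added example (not from the tutorial or the original post), the Python code below filters saved `netstat -an` output down to established TCP connections with external hosts, which are the addresses worth passing to tracert or an abuse contact. The sample output is constructed with documentation-range addresses; the function names, and the rule that a connection counts as inbound when its local port also appears in LISTENING state, are assumptions of this example.

```python
import ipaddress

# Constructed sample of Windows `netstat -an` output (documentation-range IPs).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         127.0.0.1:49670        ESTABLISHED
  TCP    192.168.1.20:3389      198.51.100.23:51544    ESTABLISHED
  TCP    192.168.1.20:49712     203.0.113.45:443       ESTABLISHED
  TCP    192.168.1.20:49800     192.168.1.1:80         TIME_WAIT
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""

# Private ranges (RFC 1918 and IPv6 unique-local) count as the local network.
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

def split_endpoint(text):
    """Split 'addr:port' or '[v6addr]:port' into (ip object or None, port)."""
    host, _, port = text.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
    try:
        return ipaddress.ip_address(host), port
    except ValueError:  # '*' wildcard on UDP rows
        return None, port

def is_external(ip):
    """True for addresses outside this host and the local network."""
    if ip is None or ip.is_loopback or ip.is_link_local or ip.is_unspecified:
        return False
    return not any(ip in net for net in LOCAL_NETS)

def external_connections(netstat_text):
    """Return (direction, local_port, remote_ip, remote_port) for established
    TCP connections to external hosts; inbound = local port is listening."""
    rows = [f for f in (l.split() for l in netstat_text.splitlines())
            if len(f) == 4 and f[0] == "TCP"]
    listening = {split_endpoint(f[1])[1] for f in rows if f[3] == "LISTENING"}
    found = []
    for _, local, remote, state in rows:
        (_, lport), (rip, rport) = split_endpoint(local), split_endpoint(remote)
        if state == "ESTABLISHED" and is_external(rip):
            direction = "inbound" if lport in listening else "outbound"
            found.append((direction, int(lport), str(rip), int(rport)))
    return found
```

To use it on a real machine, save the output with `netstat -an > connections.txt` and pass the file's contents to `external_connections`.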