Mon, 26 Jul 1999

Try 'NeoTrace' and feel like an FBI agent tracing criminals

By Lim Tri Santosa

BANDUNG (JP): Have you ever seen Sandra Bullock's movie The Net? Bullock was chased by bad guys who traced down her address after she received important information from someone over the Internet.

David Smith, the creator of Melissa, a sneaky e-mail virus which invaded thousands of computers last March, was arrested at his home in New Jersey by the FBI after a one-week roller-coaster Internet hunt. The latest saga involves a Taiwanese programmer who spread the deadly CIH virus and was arrested by Interpol, using the same method. The route could be traced.

Here's a different experience that you might have encountered. You logged onto the Internet and were unable to go to a particular site. You called technical support and they told you that it was not your fault or theirs, but you were still curious as to what the problem was.

All traffic on the Internet is made up of packets of data that travel between multiple computers or nodes from their source to their destination. The path that these packets traverse is called the route. The structure of the Internet has a long history and many aspects of it are a result of the evolution it has made from the original network into the global data infrastructure it is today.

One of these aspects is that there is no single route between any two distantly spaced nodes. Another aspect is that you are at the mercy of the intervening route for the performance of your traffic.

Here I would like to introduce software called NeoTrace, a very popular graphical route trace program for detecting network problems and finding net information. For your information, the FBI uses NeoTrace as a favored investigative tool for its agents. NATO, U.S. Customs, the Royal Canadian Mounted Police and Interpol are also customers.

Worldwide Cyberhunting

NeoTrace is available to individual users as "shareware", and if you use it Neoworx encourages you to register it. If you use it for commercial purposes you are required to register it. You can download it at http://www.neoworx.com.

NeoTrace is a cool program that allows the user to chart an actual geographic path to servers on the Internet. The program traces and "pings" a web site and analyzes how data packets are transported between your computer and the target computer.

This program further breaks down the veil of anonymity that currently covers the Internet. NeoTrace can also be used as a tool to sleuth a failure at your ISP or some other point on the Internet.

It can help you monitor your real performance, not just your connection speed. It will also provide useful information about the owners of a site: company name and address, domain name, technical/administrative contact information, when the information was last updated and Domain Name System (DNS) info.

There are two neat utilities used to track down the connections between your computer and the computer that you are trying to reach on the Internet. The utilities are Ping and Tracert (Trace Route). Ping will tell you if the computer is responding and Tracert will find exactly where the problem is if you can't get that web page you need.

To better explain what a "ping" is, suppose that you live in Jakarta and you call one of your friends in Los Angeles. If your friend stays silent for some time, you ask, "Are you there?", and your friend should reply with, "I'm here!". That is a human-to-human "ping".

The ping command does much the same thing between two computers. All you are going to do is ask the other computer if it is still there. Tracert does what its name suggests: it traces the route your packets take to get to the computer you are trying to reach. This utility shows you each router your packets cross when trying to reach your destination.
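As an added illustration, not part of the original article, the short Python program below reads the text that the Windows tracert command prints and reports where the trail goes cold and where the delay jumps the most. The sample trace is constructed and uses documentation-only addresses; the function names parse_hops and diagnose are hypothetical.

```python
import re

# Constructed sample in Windows tracert layout (documentation addresses only).
SAMPLE = """\
Tracing route to www.example.net [192.0.2.80]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2    12 ms    11 ms    13 ms  10.20.0.1
  3    15 ms     *       16 ms  198.51.100.9
  4   210 ms   215 ms   208 ms  203.0.113.5
  5     *        *        *     Request timed out.
  6     *        *        *     Request timed out.
"""

PROBE = r"(<?\d+ ms|\*)"   # one probe: "12 ms", "<1 ms" or "*" (no reply)
HOP = re.compile(rf"^\s*(\d+)\s+{PROBE}\s+{PROBE}\s+{PROBE}\s+(.+?)\s*$")

def parse_hops(text):
    """Turn tracert output into one record per hop."""
    hops = []
    for line in text.splitlines():
        m = HOP.match(line)
        if not m:
            continue                      # banner and blank lines
        # "<1 ms" is counted as 1 ms, its upper bound.
        rtts = [int(re.sub(r"\D", "", p)) for p in m.group(2, 3, 4) if p != "*"]
        hops.append({"hop": int(m.group(1)),
                     "host": m.group(5) if rtts else None,
                     "avg_ms": sum(rtts) / len(rtts) if rtts else None,
                     "lost": 3 - len(rtts)})
    return hops

def diagnose(hops):
    """Find the last router that answered and the largest latency jump."""
    answered = [h for h in hops if h["avg_ms"] is not None]
    last = answered[-1]["hop"] if answered else 0
    # Only silent hops after the last answer count: a quiet router in the
    # middle of a working path may simply be configured not to reply.
    trailing = [h["hop"] for h in hops if h["hop"] > last]
    jumps = [(b["avg_ms"] - a["avg_ms"], b["hop"])
             for a, b in zip(answered, answered[1:])]
    jump_ms, jump_hop = max(jumps, default=(0, None))
    return {"last_responding_hop": last or None,
            "silent_from_hop": trailing[0] if trailing else None,
            "biggest_jump_hop": jump_hop, "biggest_jump_ms": jump_ms}

if __name__ == "__main__":
    print(diagnose(parse_hops(SAMPLE)))
```

In the constructed trace, the delay climbs sharply at hop 4 and nothing answers from hop 5 onward, so hop 4 and the link beyond it are where a technician would look first.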

NeoTrace is surprisingly fast. It runs through its entire process in just a half minute and uses various sound effects to inform you of its progress.

The interface displays a complete world map, which is great for the visual analysis of data transfers. An interface that graphically displays the hops and a zoomable map of the world is designed to show the actual route according to the destination. Using it is as easy as starting the application and typing in a web address to check.

Targeting The Jakarta Post home page at http://www.thejakartapost.com, I hit the "Trace" button. The trace began immediately; I heard a series of sounds and the display began updating with information. It seemed a bit confusing at first. Eventually, the sounds will give you instant feedback on how a trace is progressing and the display will make perfect sense.

Assuming the trace was completed successfully, I saw a series of nodes starting with my computer and ending with the target computer. Moving the mouse over each node will reveal a tool-tip type box listing more details about the node.

The icons used to represent nodes have several meanings. They are intended to convey the type or location of node and the relative speed or latency of traffic to that site. Then, right click on any node to reveal a pop-up menu with further options for detailed information or action.

Clicking on "Who's Details", I got detailed information on the name of the person in charge of technical/administrative matters, including his phone/fax number, e-mail address, the registrant of TheJakartaPost.com, when the database was last updated, and the street address.

What surprised me was the geographic location of the server, revealed at 6.160 degrees south and 106.830 degrees east, including the response time of the server, and the Internet Protocol (IP) address of the server. The IP address revealed further that the street address is not The Jakarta Post building, but that of another company which runs a business as an Internet Service Provider. It gave me more than enough information.

Indonesian law enforcement could use this software as an introductory lesson for their members to track down illegal Internet activities in the country, like Internet sex offenders who spread indecent pornographic material.

The police have occasionally raided the Glodok market, but it still remains a safe haven for pirated and "hot" VCD vendors. The Internet jungle is bigger than the Glodok market, thus law enforcers should be responsible for monitoring it.

If you are looking for a handy utility to trace the connections between computers on the Internet, or are just curious about where that spammer sends out those informative "get rich quick" messages from, NeoTrace deserves your attention. Try it, and feel like an FBI agent hunting down a culprit.