OT - How to find ISP from an IP address?

[IndyJaws]

I got into work this morning to discover that an employee had got a hold of his manager's e-mail password and sent a very hateful, vulgar message to much of the company. If I get the IP address from the e-mail Internet header, how do I trace that back to the ISP?

Also, would the ISP give me account information on the individual that sent the e-mail (just need account holder's name) and would they close their account based on their TOS?

Thanks in advance,
Indy

 

[Jani]

http://www.ripe.net/perl/whois is maybe what you're looking.

 

[minendo]

Neotrace will do it too. Good luck in catching that fool.

 

[micron]

I use http://www.arin.net/whois

 

[DnetMHZ]

http://www.samspade.org/ssw/

DnetMHZ

 

[IndyJaws]

Thanks for the advice everyone!

I got an emergency page at 4:45 this morning and my brain has never recovered...didn't think about tracert until after I posted the message, so I used that and was able to find what I was looking for as well.

I'll save the links for future usage.

 

[Lithium381]

did you catch the guy? Whats the punishment for that sort of thing?

 

[IndyJaws]

As it turns out, the person had been fired yesterday. The obscenity-laced diatribe (and that's the big word for today, kids - diatribe ) was aimed at the district manager that fired him. We traced the IP back to the ISP, who confirmed his identity and promptly closed his account.

Chalk one up for the good guys!