There are many aspects to web security. You can hardly move for apps that automate online protection and safeguard your identity, for instance. But one area that gets less attention is IP-address tracing.
If you happen across a suspect website or receive a dodgy-sounding email, it’s possible to turn detective and find out where the company behind it is located. This information is stored in the IP address.
To trace the IP address of a web domain, such as pcadvisor.co.uk, go to Start, Run and type cmd. In the command prompt that pops up, type tracert, followed by the domain name.
Tracert will track all stages of connection between you and the website, then provide a final line that includes its IP address. Use this to check the location of the server by using ip-adress.com or visualroute.visualware.com.
The ease with which you can locate an IP address for an email depends on the program you’re using. Information is stored in an email header. Some mail clients display this clearly; others hide it away for your ‘convenience’. We’ll show exactly where to find it.
We’ll also be looking at ForceField, a new security product from the makers of ZoneAlarm. While ZoneAlarm is a front-line defence to prevent dangers making it into your network, ForceField prevents any hazards that do manage to sneak in from making changes to your PC.
ForceField creates a virtual drive. Any data from potentially malicious websites is stored in a cloned version of your hard drive, preventing it from causing harm to your actual system.
In addition, the software protects against keyloggers and spyware, adds an antiphishing filter and checks the credentials of every site you visit. ForceField will also prevent potentially dangerous downloads from occurring.
Locate the source of an email
1. In order to trace the IP address of an email, you’ll need to reveal the header of the message, which is usually hidden by an email client. The method for doing this varies between email and webmail clients. In Gmail, click the arrow next to Reply in a message and select ‘Show original’.
2. Some applications display the header above the main message; Gmail opens it as a separate text document. To find the IP address of the message sender, locate the section beginning ‘Received: from’ and look for a series of four sets of numbers separated by full stops, such as 192.168.2.1.
3. To find the physical location of the server from which the mail was sent, use a tracer program such as VisualRoute. There are various versions you can download, including the free Lite. Alternatively, you can run the program through a Java applet on the main site.
4. This applet is in the bottom half of the screen. In the field next to ‘Test Internet Connectivity & Trace IP Addresses’, enter the IP address you wish to trace and perform a connection test to either the VisualRoute server or your computer. When you’ve entered your address, click Start.
5. The trace will take some time to complete, since it follows the various connections between you and the mail server from which the message was sent. The program also monitors the efficiency of the connection. At the end of the process, you’ll see a visual link to the source on the map displayed in the main window.
6. The free and paid-for versions of the software offer a number of tools to analyse your connection. As well as a zoomed-in map, VisualRoute will display a list of the points between you and the remote IP, and a summary of performance. The paid-for versions offer more details.
Surf in safety with ZoneAlarm ForceField
1. Download and install ForceField. The software adds a new toolbar to your browser, providing information about the site you’re currently visiting. ForceField is easy to use, and you can access everything you need from the three icons pictured.
2. The ZoneAlarm ForceField icon in the top-left corner allows you to bypass ForceField and open an unprotected browser. We wouldn’t recommend this, but occasionally you’ll find that the program’s protection causes conflict with the graphics of certain websites. You can also adjust various settings via this menu.
3. Opening the Settings panel brings up a screen with two tabs. The General tab contains three options and a product-support link. You can select whether ForceField automatically checks for updates and whether it launches at startup (we recommend this), and you can reset warning messages from security hazards.
4. The Advanced tab offers a further three sets of options. The first identifies and protects you from specific web threats such as phishing. The second monitors the potential activity of spyware. The third activates virtualisation, the process whereby ForceField stores temporary files.
5. Returning to the toolbar, select the Protection Activity icon to be notified of any potential threats that have occurred during your time online. These include suspicious sites, spyware- or virus-infected downloads and potentially dangerous data transfers that are stored in the temporary files.
6. If you want to check whether a particular website is safe, click the Site Status icon. As well as a basic thumbs-up or -down rating, ForceField displays information such as when it was registered. If the site has only recently sprung up but claims to be Amazon, you can be fairly sure it’s a spoof.
7. The final icon in the ForceField toolbar, Private Browser, opens a special instance of your web browser that offers greater privacy. When surfing the web during such a session, no record of your online activity – such as browsing history and cookies – is left behind on your computer.
8. It’s easy to distinguish between normal and private browsers, because a message will inform you that nothing from the latter session is recorded. As well as not adding pages to your history or download lists, the program will block all cookies and erase any autofill and autocomplete fields.