info from URL

Given a website URL, what's the best way to find out all the information
about:

- where the site is hosted, either internally by the company or by a hosting
company, webfarm, etc,
- platform and server
- contact information

I'm taking over the care of a website and the person I'm replacing is not
available so I need to learn everything I can about it on my own, and
contact the hosting company (if applicable) and change the passwords.

Thanks in advance,
Dave

In article <6MP5f.11138$H3.752@twister.nyc.rr.com>,
David Arden Stevensonn <dfgkkdfjgddfgd@gmail.com> wrote:
:Given a website URL, what's the best way to find out all the information
:about:

:- where the site is hosted, either internally by the company or by a hosting
:company, webfarm, etc,

nslookup or dig to find the IP address(es) associated with the URL.

telnet to port 80 of the IP, issue a GET request with a Host: header
and manually examine the top of the output to determine whether there
is redirect header or HTML meta redirect header sending you to another
site. If so, loop back the process applying to that site.

When you have found the site that gives meaningful content for the URL,
then look at the IP address and see if you recognize it as being
part of your company. If not, use whois or equivilent tool to find out
who that IP block belongs to.

If you are *sure* that the IP belongs to your company, or if you
are sure that your company is renting dedicated server space (no-one
else's web site on the same machine), then you can use nmap to probe
to find out more about the machine... if it isn't sufficiently firewalled
to prevent that.

You can examine the headers returned when you telnet'd to the appropriate
location, as they will often indicate which server software and possibly
even what kind of platform.

If the IP block doesn't belong to you or might be shared, look at
the Technical Contact information returned by whois and write a message
to that contact.

Write a message to webmaster at your site.

If you track down a hosting company but can't figure out who the
official contact is within your organization, contact the hosting
company and ask what to do. They might tell you to send a letter on
company letterhead... but at least then you'd know the procedure.
--
Chocolate is "more than a food but less than a drug" -- RJ Huxtable

thank you thats helpful.

> If you are *sure* that the IP belongs to your company, or if you
> are sure that your company is renting dedicated server space (no-one
> else's web site on the same machine), then you can use nmap to probe
> to find out more about the machine... if it isn't sufficiently firewalled
> to prevent that.

If I do a whois on the URL or IP, the name servers listed are at the same
top level domain as the url. example:

the url is:
www.mycompany.com

the name servers listed in the network solutions whois are
ns1.mycompany.com
ns2.mycompany.com
ns3.mycompany.com


The thing is the ARIN information for the IP of www.mycompany.com lists
different name servers (from Verio). Also the IP of www.mycompany.com
doesn't seem to be related (first 3 numbers are different) to the name
server IPs.

what if anything does this indicate? Is the site hosted where the name
servers are or is it at verio? or is it not possible to tell?

TIA,
Dave

In article <03Q6f.18671$h25.11789@news-wrt-01.rdc-nyc.rr.com>,
"David Arden Stevensonn" <dfgkkdfjgddfgd@gmail.com> wrote:
> The thing is the ARIN information for the IP of www.mycompany.com lists
> different name servers (from Verio). Also the IP of www.mycompany.com
> doesn't seem to be related (first 3 numbers are different) to the name
> server IPs.

See the answer I posted to the identical question you posted in
comp.protocols.tcp-ip. In the future, if you *must* post to two groups,
cross-post properly (by listing both groups in the Newsgroups: line)
rather than posting separately to each group.

This question doesn't really seem security-related, so I question
whether it was appropriate to post to both groups in the first place.

--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***