Spam tracing tools

• Common to most OSes
• Unix/Linux
• Windows 95/98/NT
• Windows 3
• Macintosh

Common to most OSes

telnet

If you have telnet you can do a lot

Need to check for an open SMTP port? Check here for full instructions.

Need whois? telnet whois.internic.net 43 and type the domain you want to check

Need to check for an open NNTP server? telnet news.wherever.org 119 - if it gives a 200 response it allows posting

Need to grab a webpage at http://wherever.com/whatever/what.html? telnet wherever.com 80 and type GET /whatever/what.html

Been mailbombed? telnet your.pop.server 110 then enter

USER your_username

+OK

PASS your_password

+OK

LIST

mailbox listing, with message-number/message-length pairs

TOP message-number 5

headers and first 5 lines of body for the given message

DELE message-number

Delete the given message (repeat as necessary)

QUIT

Commit deletes and finish

You can also enter RSET to undo all the deletes

ping

See if a remote machine is alive - not foolproof as some outfits block ping at their routers. If you think they're doing that try telnetting to port 80 (web server) instead...

whois

Asks one of the national registries about a registered domain or netblock. See Bill Mattocks whois tutorial first, then take a look at this one

nslookup

Map a machine name to an IP address or vice-versa. See the tutorial for more details

traceroute

Or tracert as some systems call it

Find out how your packets get to a system. Again some outfits block traceroutes through their systems.

UNIX

dig

The all-singing, all-dancing DNS query hack.

host

An evolution of nslookup and dig

perl

perl is the sysadmins friend. With its stupidly powerful pattern matching, good network support and good selection of perl5 modules supporting various net protocols it's the swiss-army chainsaw of 'net tools

strobe

Scans a machine looking for available services

Windows 95 / NT4

Cyberkit

It's a nice lightweight whois / nslookup / ping / traceroute tool. Postcardware

Sam Spade/Personal

Freeware. It provides nslookup, dig, ping, traceroute, whois, ip block checks, smtp port probing, port scanning, automagic header analysis, usenet cancel checking, a web browser/crawler and a few other things.

NetLab

Another finger / whois / ping / traceroute / nslookup / portscan tool. Freeware.

WS_Ping ProPack

Ping / Traceroute / nslookup / finger / whois / LDAP / portscan / SNMP / WinNet. US$25

AGNetTools

ping / traceroute / nslookup / finger / whois / portscan. Freeware.

NetScanTools

nslookup, finger, ping, tracert, whois, socket analyser, daytime check, qotd check, echo, and time sync. US$25

Windows 3.*

Macintosh

MacTCP Watcher

ping / traceroute / nslookup. Shareware US$10

WhatRoute

ping / traceroute / dig. Requires OpenTransport. Freeware.

AGNetTools

ping / traceroute / nslookup / finger / whois / portscan. Requires OpenTransport. Freeware.

IPNetMonitor

ping / traceroute / nslookup / whois. US$20

BetterTelnet

A freeware, GPLed telnet

Other