- From: <D.White@mcs.surrey.ac.uk>
- Date: Wed, 12 Mar 1997 21:23:21 +0000
- To: www-talk@w3.org
- cc: D.White@mcs.surrey.ac.uk
Hi all,
Does anyone have any ideas on how to find country or geographical info or
timezone info for an arbitrary domain name or IP address?
I'm trying to see if it's possible to perform a timezone-based analysis of
our Web server logs, to see the distribution of accesses by timezone (and
hence country). The Web server logs record either the IP address or the
FQDN of the requesting machine. I've already assumed that I can look at
FQDNs with country codes at the end, and use that to determine which country
the machine's in.
First question: does anyone know where to find the official country code
listings, and how to relate these to timezone, ie. GMT+n?
However, many FQDNs fall into the categories of .com, .edu, .gov etc, and
unfortunately these do not necessarily imply being in the USA. Many UK
companies have registered themselves in the .com domain rather than the .co.uk
domain (and I'm sure the same is true of many other domains).
Also, many machines don't even HAVE FQDNs at all - just IP addresses.
So, I find myself in need of, at base, a mechanism to identify the timezone
from an IP address. Now, I know this may not always be possible in the extreme
case of a portable computer moving between timezones, but that is a pretty
extreme case!
I've been discussing this with my colleagues, and we've come up with the
following possible approaches. None are guaranteed to work in all cases,
but together they might make an impact on all the .com, .edu and numeric IP
addresses in typical Web access logs!
1). make a daytime or time service request via telnet or similar libraries
(eg expect or Perl Net:: libraries)
Problem: This would only work on machines running a time service. Mainly only
Unix machines, we suspect! We further suspect that most Unix machines would
be DNS registered.. Still, this might work to prove that many .com and .edu
machines were really in the USA.
2). try locating a nearby mail server using MX records in the DNS, talk to
it and see if it puts the current time of day into the first 220 response
(many do).
Problem: this will only work if we can find a nearby mail server - this may
help with many .com and .edu addresses. But how do you find a machine nearby
to an IP address?
3). Try replacing the last octet of the IP address with special values such as
1, 2, 3.. and ping each one and then try approaches (1) and (2) on them!
Problem: totally hit and miss.
4). Use a tool like traceroute to see where the packets go, and try contacting
machines topologically close to the destination, applying techniques (1)
and (2) on them..
Problem: most intermediate hardware are routers, not computers! Also,
topologically close ain't necessarily physically close!
All these approaches are heuristics. Does anyone know any more definitive
mechanisms (or better heuristics!)? Or should I forget the whole idea of
analyzing the past, and maybe set up a form to ask people (with the problems
of self-selection and randomness in sampling that causes)?
Unfortunately, the DNS doesn't seem to have any such info - it was my first
idea! I've been trawling the InterNIC Web site (http://rs.internic.net/)
for several hours now, just in case they maintained a master list of
IP addresses (class A, B and C, etc) -> country code/timezone..
cheers,
duncan
------------------------------------------------------------------------------
Duncan C. White, Senior Computing Officer, Dept of Maths and Computing Science,
University of Surrey, Guildford, Surrey GU2 5XH, UK.
Email: D.White@mcs.surrey.ac.uk Phone: +441 483 259632
URL: http://www.mcs.surrey.ac.uk/showstaff?D.White Fax: +441 483 259385
PGPkey: http://www.mcs.surrey.ac.uk/Personal/D.White/pgpkey.html
Key fingerprint = 91 93 0D 90 D0 5E 62 BF 57 39 08 56 43 FC E5 C8
------------------------------------------------------------------------------
"After all, this is a species whose principal means of population control are
famine, abortion, a high infant death rate and war."
Intervention (page 442) - Julian May
------------------------------------------------------------------------------
Received on Wednesday, 12 March 1997 16:49:27 UTC