Someone messing w/ my Ebay PW
Results 1 to 10 of 10

Thread: Someone messing w/ my Ebay PW

  1. #1
    Member
    Join Date
    Nov 2001
    Posts
    38

    Cool Someone messing w/ my Ebay PW

    It just came to my mind that the perfect place to post my little recent quandry would be AO...so here goes.
    Months ago, I get e-mail from Ebay asking me to confirm a password-change request. I say "Um, no" and ignore it...figuring it's a glitch or some random shmo ****ed up.

    Last week, I get two more e-mails just like it...
    And Ebay was kind enough to give the ISP and IP addy of who tried to change the PW, I compared the 3 mails...and indeedly-doodly: the same IP.
    My pw is secure, and changed often...so I'm not concerned...BUT, the principle of the matter is bugging me...
    Thus, any suggestions? (I contacted RCN, his ISP, and e-mailed them...but I doubt they'll evenr ead my mail)

    Also, if someone could help me figure out his e-mail addy from his IP and ISP, I'd be appreciative...I'd like to drop the culprit a line.
    Thanks
    -Grim
    Share on Google+

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Posts
    681
    post his ip and isp for us.... i'll see if i can look into it for you.
    Share on Google+

  3. #3
    Member
    Join Date
    Nov 2001
    Posts
    38
    This request was made from:
    IP address: 207.172.192.179
    ISP host: 207-172-192-179.s433.tnt2.nywnj.ny.dialup.rcn.com
    There ya go, that's all Ebay gave me to work with. Other then his general location and the other obvious info, I'm not much at digging up other data.
    Thanks,
    -Grim
    Share on Google+

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Posts
    681
    no prob.... i'll look into it..... as far as i can tell it's either a cable modem or a dial up. (the company allows both....) the fact that the ip is always the same sounds like cable, but the ip looks like a dial up (they may have exclusive ip's for specific users.... making it easier to track activity)... i'll let you know what i find
    Share on Google+

  5. #5
    Senior Member
    Join Date
    Oct 2001
    Posts
    293
    I'll give it a shot... I've traced down quite a few dickhead SKs... It somehow gives me that special feeling of satisfaction... damn I hate crackers!
    zion1459
    Visit: http://www.cpc-net.org
    \"Software is like sex: it\'s better when it\'s free.\" -Linus Torvalds
    Share on Google+

  6. #6
    Banned
    Join Date
    Oct 2001
    Posts
    590
    I see that this person uses dial up, maybe he doens't have a solid IP.
    Some free ISP's give u another IP every time you log in.
    Share on Google+

  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    681
    no, he uses the same isp.... he did this attack on more then one occassion and it was the same isp.... some of the cable lines use the same setup as dial-ins which is why i leave the option for it to be both... (although it is a really bad set up)
    Share on Google+

  8. #8
    Senior Member
    Join Date
    Oct 2001
    Posts
    293

    whois

    Registrant:
    RCN (RCN5-DOM)
    105 Carnegie Center
    Princeton, NJ 08540
    US

    Domain Name: RCN.COM

    Administrative Contact:
    RCN Terms of Service (ETS3-ORG) abuse@RCN.COM
    RCN
    7921 Woodruff Court
    Springfield, VA 22151
    US
    703-321-8000
    Fax- 703-321-8316
    Technical Contact:
    Network Operations Center (EROLS-NOC) domreg@RCN.COM
    RCN
    1 Federal St
    Building 111-4L
    Springfield, MA 01105
    US
    (609) 734-3700
    Fax- 609-919-8574
    Billing Contact:
    RCN Accounts Payable (RA470-ORG) domains.admin@RCN.NET
    RCN Corporation
    ATTN: Donna Farray
    506 Carnegie Center
    Princeton, NJ 08540
    US
    (609) 919-5562
    Fax- (609) 919-5653

    Record last updated on 22-Aug-2001.
    Record expires on 01-Jul-2011.
    Record created on 30-Jun-1997.
    Database last updated on 5-Dec-2001 19:25:00 EST.

    Domain servers in listed order:

    AUTH1.DNS.RCN.NET 207.172.3.20
    AUTH2.DNS.RCN.NET 206.138.112.20
    AUTH3.DNS.RCN.NET 207.172.3.21
    AUTH4.DNS.RCN.NET 207.172.3.22


    all this firm needed to do was to leave the key under the doormat and every1 would using their toilet. I guess contacting the firm would be a good start if u really wanna give the SK some problems... just call 'em and sound very pissed... but don't try to be smart... sound like a very angry but sound stupid... ISPs don't like clever customers...
    the only 2 solutions i found to trace the bastard is either wait until his online and do it directly (u need to know when he's online though) or go through RCN's server, but i can't find a legal way to do the latter, so i wont even try that solution....

    hope this helps u out.... i only did this whois query, due to my lag of time... i would like to dig deeper but it might be a while before i have that much time on hands.... (what can i say, studying and working doesn't make life easy )
    zion1459
    Visit: http://www.cpc-net.org
    \"Software is like sex: it\'s better when it\'s free.\" -Linus Torvalds
    Share on Google+

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Posts
    681
    yeah, this is basically the best idea so far... until one of us can snag him.... we'll see though
    Share on Google+

  10. #10
    Member
    Join Date
    Nov 2001
    Posts
    38

    Cool

    Hey, thanks Zion...I agree w/ what you said, and I'm not gonna try and crack into the ISP, so I believe I'll just make a phone call or three and see if I can't get the dude in some trouble.
    Heh, if I can just get his e-mail somehow I'll use telnet and send a real official sounding letter froma real official sounding bureau warning him.
    Ah well, thanks again man...and everyone else that helped out too.
    -Grim
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides