Someone messing w/ my Ebay PW

[GrimMan]

It just came to my mind that the perfect place to post my little recent quandry would be AO...so here goes.
Months ago, I get e-mail from Ebay asking me to confirm a password-change request. I say "Um, no" and ignore it...figuring it's a glitch or some random shmo ****ed up.

Last week, I get two more e-mails just like it...
And Ebay was kind enough to give the ISP and IP addy of who tried to change the PW, I compared the 3 mails...and indeedly-doodly: the same IP.
My pw is secure, and changed often...so I'm not concerned...BUT, the principle of the matter is bugging me...
Thus, any suggestions? (I contacted RCN, his ISP, and e-mailed them...but I doubt they'll evenr ead my mail)

Also, if someone could help me figure out his e-mail addy from his IP and ISP, I'd be appreciative...I'd like to drop the culprit a line.
Thanks
-Grim

[lord_darkside_x]

post his ip and isp for us.... i'll see if i can look into it for you.

[GrimMan]

This request was made from:
IP address: 207.172.192.179
ISP host: 207-172-192-179.s433.tnt2.nywnj.ny.dialup.rcn.com

There ya go, that's all Ebay gave me to work with. Other then his general location and the other obvious info, I'm not much at digging up other data.
Thanks,
-Grim

[lord_darkside_x]

no prob.... i'll look into it..... as far as i can tell it's either a cable modem or a dial up. (the company allows both....) the fact that the ip is always the same sounds like cable, but the ip looks like a dial up (they may have exclusive ip's for specific users.... making it easier to track activity)... i'll let you know what i find

[zion1459]

I'll give it a shot... I've traced down quite a few dickhead SKs... It somehow gives me that special feeling of satisfaction... damn I hate crackers!

[Focmaester]

I see that this person uses dial up, maybe he doens't have a solid IP.
Some free ISP's give u another IP every time you log in.

[lord_darkside_x]

no, he uses the same isp.... he did this attack on more then one occassion and it was the same isp.... some of the cable lines use the same setup as dial-ins which is why i leave the option for it to be both... (although it is a really bad set up)

[zion1459]

Registrant:
RCN (RCN5-DOM)
105 Carnegie Center
Princeton, NJ 08540
US

Domain Name: RCN.COM

Administrative Contact:
RCN Terms of Service (ETS3-ORG) abuse@RCN.COM
RCN
7921 Woodruff Court
Springfield, VA 22151
US
703-321-8000
Fax- 703-321-8316
Technical Contact:
Network Operations Center (EROLS-NOC) domreg@RCN.COM
RCN
1 Federal St
Building 111-4L
Springfield, MA 01105
US
(609) 734-3700
Fax- 609-919-8574
Billing Contact:
RCN Accounts Payable (RA470-ORG) domains.admin@RCN.NET
RCN Corporation
ATTN: Donna Farray
506 Carnegie Center
Princeton, NJ 08540
US
(609) 919-5562
Fax- (609) 919-5653

Record last updated on 22-Aug-2001.
Record expires on 01-Jul-2011.
Record created on 30-Jun-1997.
Database last updated on 5-Dec-2001 19:25:00 EST.

Domain servers in listed order:

AUTH1.DNS.RCN.NET 207.172.3.20
AUTH2.DNS.RCN.NET 206.138.112.20
AUTH3.DNS.RCN.NET 207.172.3.21
AUTH4.DNS.RCN.NET 207.172.3.22


all this firm needed to do was to leave the key under the doormat and every1 would using their toilet. I guess contacting the firm would be a good start if u really wanna give the SK some problems... just call 'em and sound very pissed... but don't try to be smart... sound like a very angry but sound stupid... ISPs don't like clever customers...
the only 2 solutions i found to trace the bastard is either wait until his online and do it directly (u need to know when he's online though) or go through RCN's server, but i can't find a legal way to do the latter, so i wont even try that solution....

hope this helps u out.... i only did this whois query, due to my lag of time... i would like to dig deeper but it might be a while before i have that much time on hands.... (what can i say, studying and working doesn't make life easy )

[lord_darkside_x]

yeah, this is basically the best idea so far... until one of us can snag him.... we'll see though

[GrimMan]

Hey, thanks Zion...I agree w/ what you said, and I'm not gonna try and crack into the ISP, so I believe I'll just make a phone call or three and see if I can't get the dude in some trouble.
Heh, if I can just get his e-mail somehow I'll use telnet and send a real official sounding letter froma real official sounding bureau warning him.
Ah well, thanks again man...and everyone else that helped out too.
-Grim