Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 36

Thread: IP address leads to arrest??

  1. #11
    Senior Member
    Join Date
    Mar 2004
    Posts
    119
    When you are assigned an IP address by your ISP it does pinpoint you to a geographical location as they know what end node was assigned that ip address. The then cross reference that with their accounting database and they have your address.

  2. #12
    @ÞΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,705
    Quote Originally Posted by Net2Infinity
    When you are assigned an IP address by your ISP it does pinpoint you to a geographical location as they know what end node was assigned that ip address. The then cross reference that with their accounting database and they have your address.
    Dumbass.

    The IP still does not identify you geographically.

    It is no different than a phone number... just because you can look up the address it goes to, does not mean that there is any relation between the address and the assigned phone number, short of a very general location.
    Real security doesn't come with an installer.

  3. #13
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    every mail sent ( by any computer using whether an pc or laptop , using either lan,internet connection or wireless connection) has an ip address i.e. from which ip address it is origianting or sent to any body.
    from this ip address one can find out the exact location of the ip address.
    as all ip address are registered.
    That is correct

    When you are assigned an IP address by your ISP it does pinpoint you to a geographical location as they know what end node was assigned that ip address. The then cross reference that with their accounting database and they have your address.
    That is also correct

    However, both premises are oversimplifications, as they are only a partial view of the real World of the internet.

    In the first proposition, it is true that the contact can be resolved to the IP, but that will normally only get you as far as the provider (ISP). You would need access to the ISP's logs and other records to get any further.

    So, this (the ISP logs) will get you as far as a compromised machine, a wireless hotspot, a public library............... but no idea of the identity of the user at that point in time.

    In the second proposition, there is an underlying assumption that the ISP actually "knows" the user.

    Certainly, they will know who the provided the service and IP address to, at that point in time, but how useful is that?.

    1. Compromised computer
    2. Stolen identity
    3. Free wireless node
    4. Unsecured wireless node
    5. Public Libraries
    6. False name and address to open a genuine account
    7. Internet cafe
    8. Anonymous proxy
    9. Webmail providers
    10. Anonymous mailers

    and so on........................ sure they all point to somebody, but to who? ......... not the person who actually did it
    Last edited by nihil; October 9th, 2007 at 10:14 AM.

  4. #14
    @ÞΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,705
    Nihil, there is still a critical distinction between being able to pinpoint a geographic location from an IP, and being able to subpeona some records as to what physical location recieved that IP.

    THe fact of the matter is, the IP does not resolve to anything more than a very general area, if that is even correct. The fact that you can get ISP records to match it with a physical location is another matter entirely, that has nothing to do with the addressing scheme.

    Not clarifying this, only perpetuates the myth that an IP is some "magicaL" address that needs to be kept "secret" at all costs. It is simply a network address... nothing more, nothing less.
    Real security doesn't come with an installer.

  5. #15
    Senior Member
    Join Date
    Mar 2004
    Posts
    119
    Quote Originally Posted by D0pp139an93r

    Dumbass.

    The IP still does not identify you geographically.

    It is no different than a phone number... just because you can look up the address it goes to, does not mean that there is any relation between the address and the assigned phone number, short of a very general location.

    How does this make me a dumbass? Heck you agreed that I was right ... lol.

    You are correct that people shouldn't perceive an IP address as a guarded secret.

  6. #16
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Nihil, there is still a critical distinction between being able to pinpoint a geographic location from an IP, and being able to subpeona some records as to what physical location recieved that IP.
    That is exactly the point I was trying to support your argument on. The first poster was talking about the first point and the second about the records trail? Obviously they are separate concepts, though might be connected, given the right circumstances?

    Let's try some examples that people can look at for themselves? [ Sorry for those who know all this, but we do have students, newcomers to the subject, and the like who might benefit from developing this discussion a bit further]

    My provider is BritishTelecom, I guess they are the largest in the UK. As my profile states I live in Bridlington............. that is on the bit to the left of this post, and in my profile.

    It is a town of about 32,000 on the East Coast of Northern England (about half way up, and on the right, to our putative US Army types )

    My IP address is : 81.152.9.99

    Now, just go check that:

    Here are some links to tools and resources:

    http://www.dnsstuff.com/

    http://samspade.org/

    Then look at a map of the UK

    //aside

    Any good links to lookup facilities that are current, folks? //


    EXAMPLE #2

    Try checking an AOL account e-mail. Because of their network architecture, you will be sent to one of their switching centres. No locational relevance; as they seem to use some sort of load balancing system (well that is a little while back, but the architecture is still there)

    EXAMPLE#3

    Road Runner........... (beep! beep!) that resolves to Virginia try it folks................

    I am sure that fellow members will provide other examples?

    Hey, Doppy, I guess this thread is talkin its way into "Forensics"?

  7. #17
    @ÞΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,705
    Quote Originally Posted by Net2Infinity
    How does this make me a dumbass? Heck you agreed that I was right ... lol.

    You are correct that people shouldn't perceive an IP address as a guarded secret.
    I did not agree with you.


    Nihil... I've seen IPs resolve to completely different continents. :P
    Real security doesn't come with an installer.

  8. #18
    Senior Member
    Join Date
    Mar 2004
    Posts
    119
    You agreed you can determine a physical address based on subpoenaing the ISP records for an IP address.

  9. #19
    @ÞΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,705
    Quote Originally Posted by Net2Infinity
    You agreed you can determine a physical address based on subpoenaing the ISP records for an IP address.
    You have to subpeona the records because the IP does not correspond to a geographic location.
    Real security doesn't come with an installer.

  10. #20
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Nihil... I've seen IPs resolve to completely different continents. :P
    Oh yes! ........... sometimes mine will resolve to Fernando del Rey (California?) which must be at least 6,000 miles away

    Another thing to consider is the ISP's architecture and modus operandi. The closest you would get to me is about 70 miles, as that is the nearest "node", but a lot of ISPs have some sort of load balancing, so you don't always get connected to the same node.

    You have to subpeona the records because the IP does not correspond to a geographic location.
    Yes, the point I would make is that although you appear to get a geographic location, it is actually an administrative address belonging to the ISP, and NOT the user.

    Basically, the internet was designed for communication, rather than traceability. In that respect it is rather like snail mail........... you can initially tell the sorting office that processed the item, but that is all.

Similar Threads

  1. MAC Address and ARP Spoofing v1.3 by stevecronin
    By stevecronin in forum The Security Tutorials Forum
    Replies: 5
    Last Post: January 5th, 2005, 03:51 AM
  2. the anonymity tutorial
    By hot_guy in forum AntiOnline's General Chit Chat
    Replies: 3
    Last Post: August 2nd, 2003, 02:18 PM
  3. PING - What happens?
    By variable_node in forum Other Tutorials Forum
    Replies: 0
    Last Post: January 31st, 2003, 07:43 PM
  4. Newbies, list of many words definitions.
    By -DaRK-RaiDeR- in forum Newbie Security Questions
    Replies: 9
    Last Post: December 14th, 2002, 08:38 PM
  5. Anonymoity Tutorial
    By ac1dsp3ctrum in forum The Security Tutorials Forum
    Replies: 8
    Last Post: February 13th, 2002, 12:36 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •