-
March 21st, 2005, 12:45 AM
#1
Junior Member
Need Help: tracking activity via IP address
A threat against me was recently posted online. I have the IP address of the computer as well as the time of the posting. I also have physical access to the computer, however the computer does not require a login in order to use it. Does anyone have any advice on how I could go about identifying the person that made the post? My thought was simply to try to find other activity with the same orginiating IP address at around the same time, but other/better ideas are welcome.
-
March 21st, 2005, 01:40 AM
#2
So someone posted about you and you tracked the IP to a computer you have physical access to? lmfao, well why dont you just wait around and see if he/she comes back to the machine then jump out of your hidding spot and yell "BUSTED!!!!!" that might get them. or take finger prints off the machine and have them matched to someone you know, or even better get DNA, that will get them for sure.
ok seriously, if it has no login, then it could be anyone. Who else has access to the machine? if its just you and a few other people then ask them, if its ALOT of other pople go with one of my first suggestions or give up, your choice. I guess another option would be to look in the history for places visited around the same time. =/
-
March 21st, 2005, 01:57 AM
#3
Junior Member
I have access to the computer because I'm a teacher and the computer is on the school's network. So, do I need any special software to check the history of the machine at a particular time and/or is there a way to check the network activity through a network administrator (they've been only moderately cooperative so far, which is why I'm doing the legwork)?
-
March 21st, 2005, 02:23 AM
#4
nope, to check the history you click on the pretty little button that says history.
and the network admins can view network activity if they have the software, and are willing to do so. but becasue its a school computer chances are youre not going to catch them becasue you cant prove it was them. even if you think you know which one it was you couldnt prove it. unless of course you have a video camera or something watching them.
-
March 21st, 2005, 02:27 AM
#5
A threat against me was recently posted online. I have the IP address of the computer as well as the time of the posting. I also have physical access to the computer, however the computer does not require a login in order to use it. Does anyone have any advice on how I could go about identifying the person that made the post? My thought was simply to try to find other activity with the same orginiating IP address at around the same time, but other/better ideas are welcome.
Why not run the IP address through a WHOIS server? Then you should be able to get the contact information you need. (Considering the system isnt using winsocks, proxy severs, anonymous proxy servers, foregin proxy servers, wingates, spoofing software or any other techniques to spoof there IP address). Threats are a violation of the acceptable use policys for most ISPs.
-
March 21st, 2005, 02:43 AM
#6
Junior Member
Thanks XTC and Computernerd.
Computernerd: I did the WHOIS query and that was how I determined that it was a computer that belonged to the school. And, of course, you're right that it violates the acceptable use policy (not to mention a few other policies of the school). The problem is it's a computer running in a computer lab.
XTC: The room to the lab has a swipecard reader to get access (security is checking whether its logs can be read) and I don't have too many students. In other words, reasonable evidence (such as checking an email account around the time of the posting, or logging in to another site using an identifiable user name) is all I need to have the student brought before the Dean and, hopefully, talked out of their nefarious ways. Can you tell me what software the admins would need to have. Ours is a pretty good sized university, so I would think they have something - I just need to tell them what to do, apparently.
-
March 21st, 2005, 03:00 AM
#7
Hi. What did this person exactly do to warrant action involving a Dean? Also, what subject do you teach?
-
March 21st, 2005, 03:09 AM
#8
nekenieh/Heineken ( personally, I prefer Molsons ),
You need to tell your network administrator's what tools to use ? Are they doorknobs ? Please tell me what university so I can make sure my kids don't go there.
-
March 21st, 2005, 03:30 AM
#9
Hmmmmmmmmmmm,
My instinctive feeling is that you have no chance whatsoever as you are not using accounts and logons.
Only two slim possibilities that I can see:
1. Any records kept by wherever "online" the threat was posted...............do they have accounts and logons?
2. Students are creatures of habit.................if the activity took place during a supervised session then the supervisor should know who sits at that workstation.............but they could have gone to the restroom?
Remember, that still does not "prove" anything so be very careful, or you and your employers could find yourselves on the wrong end of a very expensive and embarassing lawsuit. I am sure you are aware that you would find such an eventuality very "career limiting" as they say
I think that the lack of enthusiasm from your administrators speaks volumes? Basically most security is designed to prevent unauthorised access, or people going where they should not. The "enemy within" is actually very difficult to deal with.
cheers
-
March 21st, 2005, 05:16 AM
#10
however the computer does not require a login in order to use it.
Ok. So the PCs in the computer lab do not have any form of authentication to login into the PCs. Does these systems keeps any type of log(s) files? Also, if you have the IP address of the computer as well as the time of the posting why not break out the sheet that has everyone whos in your class at that specific time of the posting. This should narrow it down some.
Can you tell me what software the admins would need to have.
Sure. What OS are on the systems in the computer lab?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|