Guest Posted November 16, 2012 Share Posted November 16, 2012 Just keep standing by your guy. It was HIS computer that sent the "tip off" email. The IP addy establishes that. I was reading this and I wanted to hand off some information. I am i no way getting into the argument, but I wanted to mention about IP and names. IP address does not give away the person as it is from the mail server and hosting providers use hundreds of mail servers and the email is stamped with POP or IMAP account information from the mail server. If 300 people send an email from a "godaddy" asia mailserver the same IP will be on the email as the other 299. This is only in the case of trying to trace via email. Second, you cannot get a persons name from a DHCP address as it is obviously leased for a specified length of time and the carrier will not divulge the owner of the MAC address on the Public side of the NAT without a court order. The closest you can get to the owner is the tracert and it will give you the farthest gateway to the exposed MAC ""if"" the carrier is not blocking ICMP packets. As a result, the only information would be the carrier info and what router or layer3 switch. Third, You cannot get a persons name from an IP unless they pay for domain name and register with IANA. To complicate this more, the registrar may not use the home address or even a business. Use WHOIS on the internet and try to find your own IP. 99.999999% of the time you will get the carrier only and some DNS information. Fourth, If someone uses a http proxy you will never find the source and if two people use it to post here, you will see the same IP of the Public Proxy. In addition, if someone uses SSH or Remote tunnel into another server across the world then connects or creates a session you will get the server IP if public IP exists. Otherwise it is a private classfull or classless IP and by design NAT does not allow Private IP to be placed in Public cloud. To sum this up, an IP does not and cannot finger a person unless the carrier (cox, comcast, quest, mcleod, Time Warner, roadrunner etc.. etc.. etc..) are forced by a court to provide the information. Test for yourselves and try to find yourself, you will start to learn there is no easy way, if any at all. Forums can block a subnet range or specific IP, but that also blocks some unlucky person getting DHCP from the carrier they subscribe. So basically, toss out the IP as it is worthless and can be anyone even if I spoof the Public exposed MAC. Link to comment Share on other sites More sharing options...
bipedalist Posted November 16, 2012 BFF Patron Share Posted November 16, 2012 How about maine.rr.com type servers? Link to comment Share on other sites More sharing options...
Guest Posted November 16, 2012 Share Posted November 16, 2012 IP tracing is easy for those who know how, and is done by PIs, police, intelligence agencies, and people who do it just because they can. Link to comment Share on other sites More sharing options...
Guest Posted November 16, 2012 Share Posted November 16, 2012 How about maine.rr.com type servers? the Maine = State then RR = RoadRunner. I am assuming this is from the FQDN of the mail server? If so, it came from that mail server. Behind this main.rr.com (if DNS / DHCP) would be the DHCP pool and leased to clients i.e.. the customer. This is the closest you can get to a name or client. But it gives you a geographic region. Although, if someone remote bounced off the main.rr.com server they could have been anywhere in the world. But I am going on the 99.99% off chance they did not. So, Maine would be the area and the hundreds of thousands of IP's within that subnet. IP tracing is easy for those who know how, and is done by PIs, police, intelligence agencies, and people who do it just because they can. I outlined the closest you can get to the customer. Then we get into another world of authority, crime and the FCC. Since this is regulated by the FCC (Federal). Only a Federal Judge can order a carrier to release DHCP logs and clients to law enforcement. Off topic now. Link to comment Share on other sites More sharing options...
Guest BFSleuth Posted November 16, 2012 Share Posted November 16, 2012 BadVoodoo, using your example of 300 people sharing the same IP the thought occurred to me that it would be unlikely that of the 300 people there would be more than one person on that IP that participates in more than one BF forum and sends e-mails to BF researchers to alert them about a trackway. Perhaps someday we will be able to read those e-mails. It would be interesting to run a language analysis program on them to see how they match to various folks on this forum.... Link to comment Share on other sites More sharing options...
Guest Posted November 16, 2012 Share Posted November 16, 2012 Wanted to clarify, they don't share the same IP. If the source was a mail server then the mail server IP would be the same as the other "300" users. You can narrow it down to carrier if email. Some other options are if posting on forum the IP is exposed. Link to comment Share on other sites More sharing options...
Drew Posted November 16, 2012 Share Posted November 16, 2012 Drew, I've said it before, and apparently I need to say it again: you would be calling for my head, or Dr Meldrum's, or Derek's or DDA's on the proverbial pike if any of us pulled a stunt like Elbe. It is very telling that you continue to dismiss/minimize/overlook it when a Skeptic crosses the line. We still don't know who did it. You certainly haven't provided any evidence of that. Link to comment Share on other sites More sharing options...
Guest Posted November 16, 2012 Share Posted November 16, 2012 And don't point to the thread in the tar pit, Mulder. there's just one post that's hearsay in that thread. Link to comment Share on other sites More sharing options...
Cotter Posted November 16, 2012 Share Posted November 16, 2012 Of the threads about it that are still there. ;-) We did have a member claim to be able to 'clear things up', but chose not to.......in said thread.......that is no longer there..... Link to comment Share on other sites More sharing options...
Guest Cervelo Posted November 16, 2012 Share Posted November 16, 2012 ^^^^^ Cotter, Another misinterpretation on your part, that statement I made was only in relation to my own statements that were and apparently still are beyond your comprehension. Keep floundering in your own ignorance if you choose Just as I have said in the past and others have pointed out, the answer is/has always been right in front if you. But it's still fun to watch your quest that's for sure! Link to comment Share on other sites More sharing options...
Guest Posted November 16, 2012 Share Posted November 16, 2012 We still don't know who did it. You certainly haven't provided any evidence of that. Yes I have, as have others. And don't point to the thread in the tar pit, Mulder. there's just one post that's hearsay in that thread. Last I checked, BFTimes isn't the Tar Pit and they posted the same information. And the other evidence is being discussed in various ways. There's a lot more than just the IP addy, but those who currently control that information are apparently waiting for the right time to use it. I would have thought that time was "at once", but I don't know all the circumstances in play here. I just love watching apologists for the Elbe Hoaxer(s) flail about trying to pull out of the mess they've created for Skeptics. Link to comment Share on other sites More sharing options...
Cotter Posted November 16, 2012 Share Posted November 16, 2012 @Cerv - well, apparently I've misconstrued some of your statements. Help me understand. Did you have any prior knowledge of the Elbe Trackway prior to DDA posting the thread on the BFF? Link to comment Share on other sites More sharing options...
Guest Posted November 16, 2012 Share Posted November 16, 2012 (edited) I was reading this and I wanted to hand off some information. I am i no way getting into the argument, but I wanted to mention about IP and names. IP address does not give away the person as it is from the mail server and hosting providers use hundreds of mail servers and the email is stamped with POP or IMAP account information from the mail server. If 300 people send an email from a "godaddy" asia mailserver the same IP will be on the email as the other 299. This is only in the case of trying to trace via email. Second, you cannot get a persons name from a DHCP address as it is obviously leased for a specified length of time and the carrier will not divulge the owner of the MAC address on the Public side of the NAT without a court order. The closest you can get to the owner is the tracert and it will give you the farthest gateway to the exposed MAC ""if"" the carrier is not blocking ICMP packets. As a result, the only information would be the carrier info and what router or layer3 switch. Third, You cannot get a persons name from an IP unless they pay for domain name and register with IANA. To complicate this more, the registrar may not use the home address or even a business. Use WHOIS on the internet and try to find your own IP. 99.999999% of the time you will get the carrier only and some DNS information. Fourth, If someone uses a http proxy you will never find the source and if two people use it to post here, you will see the same IP of the Public Proxy. In addition, if someone uses SSH or Remote tunnel into another server across the world then connects or creates a session you will get the server IP if public IP exists. Otherwise it is a private classfull or classless IP and by design NAT does not allow Private IP to be placed in Public cloud. To sum this up, an IP does not and cannot finger a person unless the carrier (cox, comcast, quest, mcleod, Time Warner, roadrunner etc.. etc.. etc..) are forced by a court to provide the information. Test for yourselves and try to find yourself, you will start to learn there is no easy way, if any at all. Forums can block a subnet range or specific IP, but that also blocks some unlucky person getting DHCP from the carrier they subscribe. So basically, toss out the IP as it is worthless and can be anyone even if I spoof the Public exposed MAC. Good stuff BVD. This is actually about the IP of a mail server matching the IP of a registered forum member at the BFF. I think only phone dial up services have a unique IP but that aside, what about the issue of matching an IP address at all? You can't single anyone out, but you can match their blood type. And if it's AB- then we are talking about a highly suspicious match from someone "in the BF biz". IOW, 1 in 200 is probably close enough. If the glove fits, where it. Edited November 16, 2012 by Gigantofootecus Link to comment Share on other sites More sharing options...
Guest Posted November 17, 2012 Share Posted November 17, 2012 I think only phone dial up services have a unique IP but that aside, what about the issue of matching an IP address at all? No carrier has explicit IP range based on medium type they must use, only the addresses they purchased in blocks. Then the customer is assigned one of the IP's. The main point I wanted to emphasize. You cannot finger a person hitting the keyboard using an IP. You can get the carrier, the name of the servers, but not the customer name. Unless, they are posting and the IP is exposed via the session. Admins have this ability in the control panel, but that is IMO going to far. Unless someone is being threatened with death by Squatch farts. Link to comment Share on other sites More sharing options...
Guest Posted November 17, 2012 Share Posted November 17, 2012 (edited) Yes I have, as have others. Last I checked, BFTimes isn't the Tar Pit and they posted the same information. And the other evidence is being discussed in various ways. There's a lot more than just the IP addy, but those who currently control that information are apparently waiting for the right time to use it. I would have thought that time was "at once", but I don't know all the circumstances in play here. I just love watching apologists for the Elbe Hoaxer(s) flail about trying to pull out of the mess they've created for Skeptics. First,the bf times didn't post any proof just a bunch of talk. Second, I'm not apologizing or trying to protect anybody, just waiting for the proof, which no matter how you spin it, it's not there. If you have actual documentation, I'd love to see it. Talk and hearsay don't cut it. Edited November 17, 2012 by squatting squatch Link to comment Share on other sites More sharing options...
Recommended Posts