Security Basics mailing list archives
Re: Wireless IP leads to arrest.. (UNCLASSIFIED)
From: Tremaine Lea <tremaine () gmail com>
Date: Tue, 9 Oct 2007 23:02:13 -0600
Not every ISP requires a username/pass to connect to their service. I've had 3 different high speed providers and was never required to 'log on' to the network in any way. Connect network gear, and go.
Having said that, they could also search their dhcp logs for the time period being investigated and the requested IP, tie that to a mac address, locate that mac on their network and identify which cable modem it's attached to. From their the cable modem is tied to a customer account and viola, bobs yer uncle and it's off to pmita prison.
Which is why any reasonably bright monkey would boot a laptop from a livecd, run macchanger, connect to an insecure wireless network and then find an anonymous proxy somewhere.
--- Tremaine Lea Network Security Consultant Intrepid ACL "Paranoia for hire" On 9-Oct-07, at 3:42 PM, Chinea, Jose L. Jr. (Contractor) wrote:
Classification: UNCLASSIFIED Caveats: NONEThis one is simple! The media has no idea what it is talking about! Howmany times do we hear on the media terminology that makes no sense atall!?!?!?! More than likely they tracked IP to an ISP and then demanded the ISP to reliquish the MAC address to username being used at that time (every ISP has a username and password in order to access their resources). Also, if there was a 5 year investigation already going on, they may have already known of the hacker's location and narrowed down any monitoring to a singlesubnet on the ISP's network.just a theory.... but this is probably what happened and the media didn'tknow how to word it Luis Computer Systems Analyst II -----Original Message----- From: cobrajet [mailto:uby500 () yahoo com] Sent: Tuesday, October 09, 2007 3:12 PM To: security-basics () securityfocus com Subject: Re: Wireless IP leads to arrest.. Hi Guys,I am sorry for the delay in getting you more info on this (I was traveling). Here's the story as it appears on the web and for the life of me I can't fathom what damning electronic evidence they used to arrest this guy? ..orfor that matter what the crime was (a criminal opinion?)"Type of Investigation: Forgery and Identity Theft; Date and Time: 3/25/06 at 1:00 pm; Location: V/Fredonia; Subject(s): xxxxxxxx, of Rock Hill, SC; Charges: Forgery 3rd, Identity Theft 3rd; Court: C/Dunkirk; Details of theIncident: A five-month investigation concluded in the arrest of abovesubject. It is alleged that the above subject opened a yahoo email address with the name of the victim. The subject then sent a politically charged editorial letter to the Observer in the name of the victim. This letter was published. An investigation into the opened yahoo profile and the sender of the letter showed internet addresses that came back to the above subject's addresses in South Carolina and Fredonia. The subject was issued appearance tickets for the above charges and will appear in the C/Dunkirk Court at alater date. This incident was investigated by the Chautauqua County Sheriff's Office by Inv. Lawrence S. Klajbor."How could they arrest someone using an IP address alone without siezing or analyzing anything? How could they determine (from many states away) who didwhat on a wireless PC network without supporting forensics or misc investiagting evidence?I was curious as to your comments/clarity nbecause this looks very odd tome. security-35 wrote:Maybe it was IP + Mac Address of the Wireless NIC? Where's the full story (link)? Eric Marden xentek: enlightened internet solutions http://xentek.net/ On Oct 6, 2007, at 11:03 AM, cobrajet wrote:How can this be possibile? A man in WNY was arrested and sentenced to a year in jail over an email with the sole piece of evidence being an IP address? (- and a wirless IP address at that?! -) How can they determine from an IPaddress who in the house or on a network is actually on the computer?Can anyone explain this to me?8-O -- View this message in context: http://www.nabble.com/Wireless-IP- leads-to-arrest..-tf4580165.html#a13074514 Sent from the Security Basics mailing list archive at Nabble.com.-- View this message in context:http://www.nabble.com/Wireless-IP-leads-to-arrest..- tf4580165.html#a13124923Sent from the Security Basics mailing list archive at Nabble.com. Classification: UNCLASSIFIED Caveats: NONE
Current thread:
- RE: Wireless IP leads to arrest.. (UNCLASSIFIED), (continued)
- RE: Wireless IP leads to arrest.. (UNCLASSIFIED) Friend, Jason A Mr CTR USA AMC (Oct 10)
- Re: Wireless IP leads to arrest.. (UNCLASSIFIED) Ansgar -59cobalt- Wiechers (Oct 11)
- RE: Wireless IP leads to arrest.. (UNCLASSIFIED) Craig Wright (Oct 11)
- RE: Wireless IP leads to arrest.. (UNCLASSIFIED) Adams (Oct 12)
- Re: Wireless IP leads to arrest.. (UNCLASSIFIED) Yousef Syed (Oct 15)
- RE: Wireless IP leads to arrest.. (UNCLASSIFIED) Craig Wright (Oct 11)
- Re: Wireless IP leads to arrest.. gjgowey (Oct 10)
- Re: Wireless IP leads to arrest.. (UNCLASSIFIED) Nic Stevens (Oct 11)
- RE: Wireless IP leads to arrest.. (UNCLASSIFIED) David Gillett (Oct 11)
- Re: Wireless IP leads to arrest.. (UNCLASSIFIED) jam (Oct 11)
- RE: Wireless IP leads to arrest.. (UNCLASSIFIED) Craig Wright (Oct 11)