Re: Tracing Threatening Email to an IP Address

["Francois Yang" <francois.y () gmail com>]

1. when your friend sends you an e-mail from his work e-mail address.
it gets routed through their e-mail server.  So you see some internal
IPs (this should be fix and stripped off).
2. The anonymous e-mail was probably sent from a website or even from
yahoo's webmail.
So you won't see the internal IP's.

Unless, in 1 your friend sends you e-mails from yahoo.

I hope that helps.


On 2/1/07, Navroz Shariff <navroz.shariff () gmail com> wrote:
> You Cisco device performs NAT which is why it does not advertise any
> internal addresses.
>
> On 1 Feb 2007 19:42:34 -0000, ka4731 () aol com <ka4731 () aol com> wrote:
> > My friend and I received a threatening email from an anonymous yahoo account.  We believe this may have come from one of my 
> friend's coworkers because the header information was traced back as far as the IP address of the Cisco Pix firewall within my 
> friend's company network.  All emails I receive from my friend have the IP address of his computer within his network.   Why is it 
> that the anonymous email header doesn't tie me to a computer or work station just like my friend but only shows the IP of the 
> firewall?
> >
>
>
> --
> "If... the machine of government... is of such a nature that it
> requires you to be the agent of injustice to another, then, I say,
> break the law."
>
> - Henry David Thoreau


--
If you think technology can solve your security problems, then you
don't understand the problems and you don't understand the technology.
Bruce Schneier