RE: Wireless IP leads to arrest.. (UNCLASSIFIED)

["Craig Wright" <Craig.Wright () bdo com au>]

Then this is something that needs to be included in court. It is not an
issue to stop the arrest. There seems to be a confusion between being
charged/arrested and being found guilty in the minds of many people.

Craig



Craig Wright
Manager of Information Systems

Direct : +61 2 9286 5497
Craig.Wright () bdo com au
+61 417 683 914

BDO Kendalls (NSW)
Level 19, 2 Market Street Sydney NSW 2000
GPO BOX 2551 Sydney NSW 2001
Fax +61 2 9993 9497
www.bdo.com.au

Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within 
those States and Territories of Australia where such legislation exists.

The information in this email and any attachments is confidential.  If you are not the named addressee you must not 
read, print, copy, distribute, or use in any way this transmission or any information it contains.  If you have 
received this message in error, please notify the sender by return email, destroy all copies and delete it from your 
system. 

Any views expressed in this message are those of the individual sender and not necessarily endorsed by BDO Kendalls.  
You may not rely on this message as advice unless subsequently confirmed by fax or letter signed by a Partner or 
Director of BDO Kendalls.  It is your responsibility to scan this communication and any files attached for computer 
viruses and other defects.  BDO Kendalls does not accept liability for any loss or damage however caused which may 
result from this communication or any files attached.  A full version of the BDO Kendalls disclaimer, and our Privacy 
statement, can be found on the BDO Kendalls website at http://www.bdo.com.au or by emailing administrator () bdo com au.

BDO Kendalls is a national association of separate partnerships and entities.

-----Original Message-----

From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Matthew Lee Hinman
Sent: Thursday, 11 October 2007 5:43 AM
To: Eric Marden
Cc: security-basics () securityfocus com
Subject: Re: Wireless IP leads to arrest.. (UNCLASSIFIED)

Ahh yes, MAC address may be tied to hardware, but you can also change
it. He could have been framed!

- Lee Hinman

* Eric Marden <security () xentek net> [2007-10-10 09:01:05 -0400]:

> Your Mac Address is tied to the hardware - anywhere you connect would
get 
> it. The ISP may not see it, but the local router surely will.
>
>
> Eric Marden
> xentek: enlightened internet solutions
> http://xentek.net/
>
> On Oct 9, 2007, at 6:40 PM, Nic Stevens wrote:
>
> > How would the ISP know the mac address? I can't see my mac address
from
> > my server located elsewhere. Once I leave home my mac address doesn't
> > follow.
> >
> > Chinea, Jose L. Jr. (Contractor) wrote:
> > > Classification:  UNCLASSIFIED
> > > Caveats: NONE
> > >
> > > This one is simple!  The media has no idea what it is talking about!
How
> > > many times do we hear on the media terminology that makes no sense
at
> > > all!?!?!?!  More than likely they tracked IP to an ISP and then
demanded 
> > > the
> > > ISP to reliquish the MAC address to username being used at that time

> > > (every
> > > ISP has a username and password in order to access their resources).

> > > Also,
> > > if there was a 5 year investigation already going on, they may have 
> > > already
> > > known of the hacker's location and narrowed down any monitoring to a

> > > single
> > > subnet on the ISP's network.
> > >
> > > just a theory.... but this is probably what happened and the media
didn't
> > > know how to word it
> > >
> > >
> > > Luis
> > > Computer Systems Analyst II
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: cobrajet [mailto:uby500 () yahoo com]
> > > Sent: Tuesday, October 09, 2007 3:12 PM
> > > To: security-basics () securityfocus com
> > > Subject: Re: Wireless IP leads to arrest..
> > >
> > >
> > > Hi Guys,
> > >
> > > I am sorry for the delay in getting you more info on this (I was 
> > > traveling).
> > > Here's the story as it appears on the web and for the life of me I
can't
> > > fathom what damning electronic evidence they used to arrest this
guy? 
> > > ..or
> > > for that matter what the crime was (a criminal opinion?)
> > >
> > > "Type of Investigation: Forgery and Identity Theft; Date and Time: 
> > > 3/25/06
> > > at 1:00 pm; Location: V/Fredonia; Subject(s): xxxxxxxx, of Rock
Hill, SC;
> > > Charges: Forgery 3rd, Identity Theft 3rd; Court: C/Dunkirk; Details
of 
> > > the
> > > Incident: A five-month investigation concluded in the arrest of
above
> > > subject.  It is alleged that the above subject opened a yahoo email 
> > > address
> > > with the name of the victim. The subject then sent a politically
charged
> > > editorial letter to the Observer in the name of the victim.  This
letter 
> > > was
> > > published.  An investigation into the opened yahoo profile and the
sender 
> > > of
> > > the letter showed internet addresses that came back to the above 
> > > subject's
> > > addresses in South Carolina and Fredonia.  The subject was issued 
> > > appearance
> > > tickets for the above charges and will appear in the C/Dunkirk Court
at a
> > > later date.  This incident was investigated by the Chautauqua County
> > > Sheriff's Office by Inv. Lawrence S. Klajbor."
> > >
> > >
> > > How could they arrest someone using an IP address alone without
siezing 
> > > or
> > > analyzing anything? How could they determine (from many states away)
who 
> > > did
> > > what on a wireless PC network without supporting forensics or misc
> > > investiagting evidence?
> > >
> > > I was curious as to your comments/clarity nbecause this looks very
odd to
> > > me.
> > >
> > >
> > >
> > >
> > >
> > >
> > > security-35 wrote:
> > >
> > > > Maybe it was IP + Mac Address of the Wireless NIC?
> > > >
> > > > Where's the full story (link)?
> > > >
> > > >
> > > > Eric Marden
> > > > xentek: enlightened internet solutions http://xentek.net/
> > > >
> > > > On Oct 6, 2007, at 11:03 AM, cobrajet wrote:
> > > >
> > > >
> > > > > How can this be possibile?
> > > > >
> > > > > A man in WNY was arrested and sentenced to a year in jail over an
> > > > > email with the sole piece of evidence being an IP address? (- and
a
> > > > > wirless IP address at that?! -) How can they determine from an IP
> > > > > address who in the house or on a network is actually on the
computer?
> > > > > Can anyone explain this to me?8-O
> > > > > --
> > > > > View this message in context: http://www.nabble.com/Wireless-IP-
> > > > > leads-to-arrest..-tf4580165.html#a13074514
> > > > > Sent from the Security Basics mailing list archive at Nabble.com.
> > >
> > > --
> > > View this message in context:
http://www.nabble.com/Wireless-IP-leads-to-arrest..-tf4580165.html#a1312
4923
> > > Sent from the Security Basics mailing list archive at Nabble.com.
> > > Classification:  UNCLASSIFIED
> > > Caveats: NONE
> >
> > -- 
> > Rock is dead! Long live paper and scissors!