Author Topic: IP address on public network (Read 15104 times)

edbro · « **on:** June 15, 2010, 06:55 PM »

If I connect wirelessly to a public network, or even the open network at my work, is my computer traceable? Is my ip address dependent on the source router or my computer?

Deozaan · « **Reply #1 on:** June 15, 2010, 07:00 PM »

AFAIK:

The router assigns your PC an IP address, so it could potentially change each time you connect to the AP.

Your MAC address, however, is unique to your machine and will not change unless you switch out the hardware itself.

EDIT: There is also other information that may be traceable to you, such as your PC's name as it appears on the network.

edbro · « **Reply #2 on:** June 15, 2010, 07:03 PM »

But is the MAC address shown outside the local network?

If I'm using a hotel's wireless network and I connect to a torrent, is that traceable back to me?

Deozaan · « **Reply #3 on:** June 15, 2010, 07:11 PM »

I'm not an expert, so don't take my word for it, but I think the MAC address wouldn't go beyond the router. But the fact that you connected to a torrent could be traced back to you.

How exactly, I'm not sure. I have some theories but they could be cockamamie for all I know. I'd await a response from someone who is more knowledgeable on the subject than I.

Eóin · « **Reply #4 on:** June 15, 2010, 07:23 PM »

It's not so much a question of the outside world tracking you as it's one of the hotel doing so. Whether they can link activity on their network with you the person/laptop depends on their setup.

But in general the answer would be yes; they can do so, they will do so, and they will keep records of having done so should they later need to blame you for illegal activity carried out on their systems.

edbro · « **Reply #5 on:** June 15, 2010, 07:33 PM »

Good to know. I'm still not sure how they would do that if I'm wireless. If I connected at a Starbucks, dl'ed a file and left, I don't see how they would be able to trace that to my name or home address. Same for a hotel; I could be in a room or just a driveby in the parking lot.

Renegade · « **Reply #6 on:** June 15, 2010, 07:39 PM »

Connecting to a torrent isn't illegal. It depends on what you are downloading.

You can use HTTP proxies (e.g. www.hidemyass.com) to anonymize yourself, but that still doesn't prevent checking on what you are doing locally. You need to use a secure proxy (HTTPS).

For torrents, use the onion router or IP2P or TOR to anonymize yourself. Search on those for more information.

Basically, you need 2 things to remain anonymous and not have people eavesdrop on you: 1) an anonymizer to make you anonymous (big surprise there), 2) a secure connection to encrypt whatever you are doing against prying eyes.

40hz · « **Reply #7 on:** June 15, 2010, 07:47 PM »

Please note that many public access wifi host routers block known torrent and proxy ip addresses and ports for exactly that reason.

Eóin · « **Reply #8 on:** June 15, 2010, 07:56 PM »

It's true that simply connecting to an unsecured wifi network is unlikely to be traced back to you, in some cases probably impossible, but still you are on someone else's network and at the mercy of their level of sophistication.

Also it's generally it's considered very bad netiquette to use TOR for things like file sharing.

40hz · « **Reply #9 on:** June 15, 2010, 11:09 PM »

Also it's generally it's considered very bad netiquette to use TOR for things like file sharing.
-Eóin (June 15, 2010, 07:56 PM)

Thankyouthankyouthankyou! for pointing that out.

The only way TOR is going to remain viable is if people play by the rules and remember they're not all by themselves when they're using it.

Renegade · « **Reply #10 on:** June 16, 2010, 12:51 AM »

Actually, I think that the more traffic there is on TOR, the better it is. More nodes means higher reliability and faster, while more traffic means more noise to obscure your signal. So no matter what people are using it for, the fact that they are using it makes it better.

Or do you mean that ISPs might decide to murder the baby when they throw out the bath water by banning TOR traffic altogether and blame it on file sharing?

Xenonym · « **Reply #11 on:** June 16, 2010, 05:37 AM »

Actually, I think that the more traffic there is on TOR, the better it is. More nodes means higher reliability and faster, while more traffic means more noise to obscure your signal. So no matter what people are using it for, the fact that they are using it makes it better.

Or do you mean that ISPs might decide to murder the baby when they throw out the bath water by banning TOR traffic altogether and blame it on file sharing?
-Renegade (June 16, 2010, 12:51 AM)

No, the problem is that Tor relies on its users to route traffic through the network, and if you use BitTorrent over it, you inevitably hog everyone's bandwidth and make things slower for everyone. Also, I think that ISPs can't actually ban Tor because it uses encryption, and also because it does not really have a predictable traffic pattern (unlike BitTorrent).

Renegade · « **Reply #12 on:** June 16, 2010, 06:08 AM »

Has there been some update in the last while? I remember reading an article about people using TOR with no encryption and passwords getting lifted. Some government office or embassy was particularly hard hit. I think that was a while back though. Sigh... guess I need to keep up to date more.

40hz · « **Reply #13 on:** June 16, 2010, 06:12 AM »

^Xenonym beat me to it!

But yes. Congestion issues caused by the use of certain protocols remains a problem for TOR regardless of any future capacity increases on it's network. If you have people using "high demand" apps behind TOR, it will contribute to slowing everybody down. And according to TOR's creators, simply adding more nodes and relays won't solve that problem.

Besides, the folks who brought us TOR have very politely asked us not to use torrents in conjunction with their network. Maybe I'm a little old fashioned, but (to me at least) common courtesy dictates this alone should be reason enough not to.

steeladept · « **Reply #14 on:** June 16, 2010, 07:21 AM »

Am I wrong here or is everyone missing the one point that can't be worked around. While the download may not be determined due to encryption, and the source may not be trackable due to anonymizers, to make the connection in the first place, the router assigns (albit temporarily in the case of DHCP) the IP address to a MAC address. This guarantees that the routing goes to the right place (assuming the IP address doesn't point to more than one address, but that is another issue that shows immediately to at least one person with that address). Therefore, with even the most basic logging, all sources, even wireless, has access to the MAC address of that interface.

THEORETICAL DISCUSSION POINT HERE - MAY OR MAY NOT BE FEASIBLE IN REALITY!

Once you have the MAC address, you can then follow MAC address connections and if you use wireless in your house regularly, you can determine where that MAC address connects most of the time. Even if not, you can narrow it to a specific location and frequent any location that seems to show a regular connection to the hotspot. Once you see that connection made, you found the person.

/THEORY

Is this time consuming - absolutely. Will it happen? Probably not. Is it possible in reality? This I do not know, as you would essentially have to gain access to each hotspot and search the history to track the MAC Address. This would require a HUGE amount of resources and probably a ton of cooperation that may or may not be available. Would someone attempt this for an illegal torrent, doubt it. For National Security, Weapons trafficking, or espionage? Not so doubtful. The real question here is can it happen vs. how likely is it to happen.

Xenonym · « **Reply #15 on:** June 16, 2010, 08:10 AM »

Am I wrong here or is everyone missing the one point that can't be worked around. While the download may not be determined due to encryption, and the source may not be trackable due to anonymizers, to make the connection in the first place, the router assigns (albit temporarily in the case of DHCP) the IP address to a MAC address. This guarantees that the routing goes to the right place (assuming the IP address doesn't point to more than one address, but that is another issue that shows immediately to at least one person with that address). Therefore, with even the most basic logging, all sources, even wireless, has access to the MAC address of that interface.

THEORETICAL DISCUSSION POINT HERE - MAY OR MAY NOT BE FEASIBLE IN REALITY!

Once you have the MAC address, you can then follow MAC address connections and if you use wireless in your house regularly, you can determine where that MAC address connects most of the time. Even if not, you can narrow it to a specific location and frequent any location that seems to show a regular connection to the hotspot. Once you see that connection made, you found the person.

/THEORY

Is this time consuming - absolutely. Will it happen? Probably not. Is it possible in reality? This I do not know, as you would essentially have to gain access to each hotspot and search the history to track the MAC Address. This would require a HUGE amount of resources and probably a ton of cooperation that may or may not be available. Would someone attempt this for an illegal torrent, doubt it. For National Security, Weapons trafficking, or espionage? Not so doubtful. The real question here is can it happen vs. how likely is it to happen.
-steeladept (June 16, 2010, 07:21 AM)

Unfortunately, MAC addresses are also very easily spoofed. I can only assume anyone doing espionage or anything of that sort would have covered that weak spot. There are probably easier ways to track a person down then the method you describe. In theory, this would be workable, but practically it will just take too much time.

steeladept · « **Reply #16 on:** June 16, 2010, 10:22 AM »

True, they can be spoofed, but how often does anyone actually change them? Other than to set a router to match a machine or to make one machine match another for some specific reason, I would venture to say NEVER.

As for tracking someone, I agree. That might be one individual way used in concert with other ways. It was more an example lending to the OP's question. That being can they be tracked. My answer is yes, but it is unlikely.

rgdot · « **Reply #17 on:** June 16, 2010, 05:52 PM »

Router's Routing table will save the interface that the IP/computer is 'attached' to. Switches will save Mac addresses in their Mac tables.

Deozaan · « **Reply #18 on:** June 20, 2010, 02:26 PM »

Someone was recently tracked down through a public/open wifi access point and arrested for criminal actions:

Barry Ardolf, 45, is accused of using his neighbor’s computer to send the threatening message to the Vice President [Joe Biden]. Ardolf has a history of disagreements with neighbors in the various places he has lived.

According to the affidavits filed by FBI Special Agent Robert Cameron, Ardolf was already using his technical skills to harass his neighbors. Not only did he send threatening messages to the Vice President, Ardolf also sent child pornography to his neighbor’s colleagues under a fake email account he set up [in his neighbor's name] without his neighbor’s knowledge.
-http://www.thenewnewinternet.com/2010/06/15/hacker-threatens-biden-frames-neighbor/

So, as has been said before: Yes it's possible for you to be tracked down through public/open wifi APs.

Note: Additional details from http://www.federalne...d=15&sid=1983642

Eóin · « **Reply #19 on:** June 20, 2010, 02:48 PM »

Technical skills? Sounds more like 1337 haxxor skillz to me!

40hz · « **Reply #20 on:** June 20, 2010, 03:26 PM »

+1!

It barely qualifies as a dirty trick even though I'd probably give it full points for "DUH!"

Threatening a member of the executive branch in post-911 'after the Patriot Act' USA using a laptop you own from a neighbor's router? Is this guy totally insane or just clueless? We need a new word added to the dictionary for that level of stupidity.

And the reporting...

Some guy reads a 10 year old issue of 2600 or visits some script-kiddie hax0r website and somebody thinks what he did required skill? Good grief! Are there still reporters that clueless about how this stuff works after all this time?

(And this reporting website fancies itself a "breaking" tech news website?)

Deozaan · « **Reply #21 on:** June 20, 2010, 04:43 PM »

Technical skills? Sounds more like 1337 haxxor skillz to me!
-Eóin (June 20, 2010, 02:48 PM)

I'm not sure about that.

It's not that hard to create a fake e-mail account and send messages to people while connected to an unsecured AP.

Also, sorry if you were being sarcastic and I missed it.

Pre-post edit: I tried to submit this quite some time ago but was having internet problems. After reading 40hz's response, it seems I did indeed miss your sarcasm.

Renegade · « **Reply #22 on:** June 21, 2010, 01:22 PM »

Some guy reads a 10 year old issue of 2600 or visits some script-kiddie hax0r website and somebody thinks what he did required skill? Good grief! Are there still reporters that clueless about how this stuff works after all this time?
-40hz (June 20, 2010, 03:26 PM)

'c0z reel sk!llz meez u dunt get cot~!

For faking email, it's very simple: Email Avenger < An old tutorial and emergency email program that lets you use a fake email address if you want.

Deozaan · « **Reply #23 on:** June 23, 2010, 02:12 PM »

From what I understood, he didn't even fake his neighbor's real e-mail address. I think he just created a new account in his neighbor's name.

The only thing he did that requires any kind of special knowledge is know where to find child pornography to send to his neighbor's co-workers.

Which by the way, makes me curious as to why the guy isn't being charged with possession of child porn. I suppose making a threat against the VP would probably be considered a worse crime though (from the law's perspective).