Retrieving a Stolen Laptop By IP Address Alone? 765
CorporalKlinger writes "My vehicle was recently burglarized while parked in a university parking lot in a midwestern state. My new Dell laptop was stolen from the car, along with several other items. I have no idea who might have done this, and the police say that without any idea of a suspect, the best they can do is enter the serial number from my laptop in a national stolen goods database in case it is ever pawned or recovered in another investigation. I had Thunderbird set up on the laptop, configured to check my Gmail through IMAP. Luckily, Gmail logs and displays the last 6 or 7 IP addresses that have logged into your account. I immediately stopped using that email account, cleared it out, and left the password unchanged — creating my own honeypot in case the criminal loaded Thunderbird on my laptop. Sure enough, last week Gmail reported 4 accesses via IMAP from the same IP address in a state just to the east of mine. I know that this must be the criminal who took my property, since I've disabled IMAP access to the account on all of my own computers. The municipal police say they can't intervene in the case since university police have jurisdiction over crimes that take place on their land. The university police department — about 10 officers and 2 detectives — don't even know what an IP address is. I even contacted the local FBI office and they said they're 'not interested' in the case despite it now crossing state lines. Am I chasing my own tail here? How can I get someone to pay attention to the fact that all the police need to do is file some RIAA-style paperwork to find the name associated with this IP address and knock on the right door to nab a criminal and recover my property? How can I get my laptop back — and more importantly — stop this criminal in his tracks?"
Report it to the Univeristy's judicial board... (Score:5, Insightful)
University cops do the bidding of the school... they're more into securing physical spaces and crowd control than anything in the tech sphere. But there's some part of the school that handles the misbehaving students, and they're the ones to contact. You've got your $1000 laptop missing, they get to threaten his $30,000-$120,000 investment in education.
This is the threat the RIAA/MPAA loves to use, they don't have the school police raid the computer, they just get the school admins to hammer the kid.
Re:Report it to the Univeristy's judicial board... (Score:5, Funny)
University cops do the bidding of the school...
Just call the RIAA and tell them that IP downloaded a song. They seem to be able to do all the John Doe stuff through the courts to find out who it was...
Better idea for CorporalKlinger (Score:5, Funny)
Come on CorporalKlinger - you know they're reading your mail - work with it. Do I have to get Radar to bail you out?
Bonus points if you pull a real Corporal Klinger and go in a dress. Either way, bring a camera. And a few friends. Make him wish he was in Toledo.
Re:Report it to the Univeristy's judicial board... (Score:5, Interesting)
Just call the RIAA and tell them that IP downloaded a song. They seem to be able to do all the John Doe stuff through the courts to find out who it was...
Actually, you can do that stuff yourself. File a claim with the courts for recovery of your possession, send a subpoena to the ISP, get the address, then either serve papers to continue the possession claim or hand the address to the state police.
Re:Report it to the Univeristy's judicial board... (Score:5, Funny)
Actually, you can do that stuff yourself. File a claim with the courts for recovery of your possession, send a subpoena to the ISP, get the address, then either serve papers to continue the possession claim or hand the address to the state police.
Another option is to visit your local congresscritter's office. If you can get a staffer to send a "yo, what's the holdup here?" letter on behalf of your representative, that usually greases the wheels just enough to get them moving again. This is also a good way to restock on pens, buttons, and bumper stickers if you happen to be running low.
Re: (Score:3, Insightful)
Re:Report it to the Univeristy's judicial board... (Score:5, Informative)
There are multiple jurisdictions involved, any of which could choose to pursue the case if they wanted to. They include:
The best revenge is that which you can obtain for yourself. Find out what ISP has the IP address. Contact the local police where that ISP is and ask that they contact the ISP to get the subscriber data for that IP. If that doesn't work, you can sue John Doe from your own jurisdiction and force the ISP to provide the information you seek. The police may be more willing to take up the case if you do the legwork.
Another option too is to contact the prosecuting attorney who handles the university polices cases. They might be able to pressure the police to take action, considering the ease with which the criminal can be identified.
Lastly, but certainly not leastly, post the IP address to 4chan. They have more than enough unscrupulous individuals that could find the person for you. If nothing else, they will at least DDOS the IP for you.
Re:Report it to the Univeristy's judicial board... (Score:5, Informative)
Have you tried calling your insurance company and telling this to them?
First, file a claim. You have renter's insurance, right?
Assuming you haven't...
Do an nslookup on the IP address to find out what you can glean about which ISP/node the user is at. You might be able to do some sort of geographical IP lookup, I know mine narrows it down to about three houses.
Call the local police in -that- area and tell them that you've identified your stolen property, conference a police detective in with the ISP and see if the ISP folks fold and give an address/account that's actionable. There's still no warrant, so the officer will likely stop by and 'ask politely' (especially if you offer to ride-along). Failing that (meaning that the thief knows their rights), you'll have to ask the officer to get a warrant, which he will bitch and moan about, and it likely won't happen.
By this time, that insurance deductible is looking mighty reasonable, and you should get a policy.
If you're dead-serious about justice and you know the address/account... Take the person to small claims. You won't need a lawyer if you have everything written down and articulated, and have friendly municipal workers in your area. I'm not entirely sure, but I think that those judges have an easier path (a fellow judges' number) to get a warrant issued, and then you're back to the cops.
Now... In the future... Keep a better eye on your stuff, get an insurance policy, and -always- stash enough money to pay the deductible somewhere where you won't spend it. I guarantee the $12/month and $250 in your 'unlinked' savings account would be more than worth this kind of effort. Plus, acting like a fat-cat and having a new laptop paid for is much more rewarding than rarely-served justice.
Re: (Score:3, Insightful)
Are the condescending 'you should have had insurance' comments necessary?
Insurance is a really fucking good idea if you drive and could face effectively unlimited liability if you kill or, worse, injure someone. It's also a good idea in some other situations where $replacement_cost >> $personal_liquidity.
This doesn't look like one of those situations. It sounds more like this guy wants to catch the criminal than that he wants reimbursement for his $1000 laptop.
Actually, that's NOT what insurance is good for. (Score:5, Insightful)
Actually, if you do something to be liable for killing or seriously injuring someone, it's pretty damn likely that insurance won't help you.
Get out your policy. Go ahead, I'll wait. Now read it carefully. Somewhere buried in there is the maximum amount of money the insurance company will pay for such a claim. Now go look up how much plaintiffs win when you're held liable for someone dying or getting maimed, and compare it to the first number. If you kill or main someone, you're pretty much going to declare bankruptcy unless you're Bill Gates, pure and simple, and there's not a damn thing having insurance will do for you.
What insurance is good for is one thing and one thing only: To handle things between minor fender benders up to totaling a car and/or covering relatively minor injuries to others or major ones to yourself. Anything past that and you're screwed. Anything less than that, and you're better off simply paying out of your own pocket because of how much higher your premiums will be.
In case you don't know this yet, insurance is a scam. It sounds nice in theory, but it's legalized gambling with a twist--you're betting money on something bad happening instead of something good. Just like in a casino, in which the house always comes out ahead, the insurance companies will always come out ahead, too. There's actually a special word for people who make sure this stays true, they're called actuaries [wiktionary.org]. Add up all of the money you--and your employer, on your behalf--have paid over the years for insurance, and imagine how far that money would have gone had you paid it into, I dunno, a mutual fund or something instead of paying for actuaries and marble-halled buildings. You might actually be able to pay off a large liability claim if you had.
And now, a lot of states have mandatory automobile insurance laws on the books. Do you live in one? I do, and I remember when it went into effect. If you do, have your premiums gone down because so many more people are now paying into the system and because there are so fewer uninsured motorists on the roads now? Yeah, mine haven't either. Funny how that works, isn't it? Again, it sounds nice in theory, but in reality, these laws are just a blatant money grab by insurance companies to use police power to force you to pay them money. Like I said, the industry as a whole is a scam.
Re:Actually, that's NOT what insurance is good for (Score:4, Informative)
I totally agree with you. I had a similar rant typed in about expensive yachts and skyscrapers, but I've posted such here before and it doesn't generally go anywhere productive.
With regards to the third party insurance issue I thank you for correcting me. I was writing on the assumption of an American audience and it's not too surprising I got it wrong.
In my country of residence we can't be sued into bankruptcy, due to a government department that pays for injuries arising from accidents. We are still liable for actual damages, but million dollar lawsuits for pain and suffering don't happen. As a result my yearly premium on a V6 sedan is 127 dollars.
PS - My father is in fact an actuary. Your expected return on most policies is 50 - 70 cents on the dollar.
Re: (Score:3, Insightful)
Like I said, the industry as a whole is a scam.
Same thing with the surge in DUI arrests in the past decade (or a little more). The insurance companies pressured the police into actually charging people with DUIs instead of making them walk home or dropping them off in the drunk tank because they realized that they can charge otherwise very safe drivers who had a little too much at a cocktail party with insane premiums.
Re: (Score:3, Insightful)
Yes, because it's the victim's fault. Thanks for that.
!!Ask first, before getting police involved!! (Score:5, Informative)
Their questions: "Are the police involved?" and "Are you a network administrator?"
Since I answered the questions right ("No" and "Yes"), they gave me all the information. Had the police been involved, their instructions were to only provide information with a warrant.
The moral of the story is to ask for the information first, prior to getting the police involved. Mod me up, so the guy sees this critical piece of information!
Re:Report it to the Univeristy's judicial board... (Score:4, Insightful)
Lastly, but certainly not leastly, post the IP address to 4chan. They have more than enough unscrupulous individuals that could find the person for you. If nothing else, they will at least DDOS the IP for you.
That is the last thing you should ever do for a number of reasons. DDOS violates the computer crimes act here in the US (and using an illegal method to regain your property is never a good idea as you will end up in court charged with a crime yourself).
Filing a claim in your local state court is not all that expensive (and with the help of the local free law association, you might actually get it done properly).
One rule to remember when going up the 'food chain" at your University: always be nice. explain your situation in a clear and logical form and request that they help you. if they can't, get referred further up the chain. you will eventually get to someone who can say yes or take action (usually at the university presidents level). also, do follow up with the local police and send a certified letter to the local FBI office asking for help (send a fax and an e-mail as well). If you need to, get the local news media involved (beauracracies don't like negative public exposure). In all these cases, BE NICE! Stick to the point and don't embellish.
The more of a paper trail you can establish, the better your chances of regaining your property expeditiously.
Good advice (Score:4, Informative)
Except for the 4chan part. The IP they DDoS might not be assigned to the thief when they get it. (also illegal blah blah)
To add to the IP address part:
When you find the ISP, call them. Wait on the phone, get transfered to people. Always be nice and polite and say stuff like "I understand you are really busy.." and "I know this is an unusual request but..." and patiently wait, acknowledging their apologies and asking advice like "what can you do for me?" and "is there anyone else I can talk to?"
Doing this will get you far.
Now, tell the person who you finally get on the phone with the IP address and the TIME it was accessed. If the IPs were of the same ISP then ask if each one used the same MAC address at the time it was accessed. Then ask "Can you give me the information on that account or do I have to do something else?" You might get someone who does, you might get transferred to someone who can give it to you or you might be told that it might have to be done with more formal measures.
Then get the address of where the company receives subpoenas, get the person's name who you talked to. Ask them who to ask for next time if you have any more questions. Thank them for their time and their help and then call the cops with the information you got.
This works. I have done it before (but not with a stolen laptop). Sometimes the information you get is astounding. Sometimes they blow you off (Verizon will do both but they have big call centers so try many times)
Good luck.
Re: (Score:3, Informative)
I used to work at a Verizon call center. I didn't even realize there were other centers that wouldn't blow you off. We weren't able to access that kind of information; if you got me on the line when I worked there with that question, I almost certainly would have ended up bouncing you around.
Believe me, it's not that I'm not sympathetic to the issue, or that I get off on screwing someone, it's that Verizon's call centers (or at least, the one I was at) are so amazingly fucked up that, in that situation, I w
Re:Report it to the Univeristy's judicial board... (Score:4, Insightful)
Re:Report it to the Univeristy's judicial board... (Score:5, Insightful)
As I read it, it was stolen FROM a university, and is now located one state away.
So neither the local Muni's or the local Uni's are the right jurisdiction.
Where the machine is NOW is what matters. Those are the only cops who can go knocking on doors in that jurisdiction.
Re:Report it to the Univeristy's judicial board... (Score:5, Informative)
Icebike gives the answer that matters. You send a copy of the original police report to the police WHERE THE IP IS LOCATED, and ask them to pick up your computer. The cops in your state cannot do anything, but the cops in the state where the computer is located certainly can. IF they are tech savvy enough to understand your evidence, and to subpoena the ISP for the address.
Re:Report it to the Univeristy's judicial board... (Score:5, Interesting)
Re: (Score:3, Informative)
Yeah, you were lucky in that instance, pretty much all internet connections here are behind a NAT firewall.
I know if my laptop is stolen its game over, so I just make sure its insured for full value, has a bios password and the drive is truecrypted and fully backed up every night, if the thing gets stolen, I get a free upgrade :)
Re: (Score:3, Interesting)
I'm not sure where you're getting your legal theories from but it isn't right.
If I steal a car in Minnesota, the state doesn't lose jurisdiction because I go to Wisconsin. Both states can prosecute me, but only Wisconsin can arrest me. Minnesota has to ask Wisconsin nicely(via extradition) to hand me back to them. The charges aren't necessarily the same though.
In this hypothetical, Wisconsin could prosecute me for probably a variety of misdemeanors or maybe even felonies. Likely, they would prefer to extrad
Re:Report it to the Univeristy's judicial board... (Score:4, Interesting)
I suggest calling the ISP yourself if you haven't already and BEG them to get you to their 2nd or 3rd level support guys that can get to someone that can at LEAST preserve the IP lease information for you. Just in case it takes a while to educate or motivate the cops.
Re:Report it to the Univeristy's judicial board... (Score:5, Insightful)
Talk to the dean of your college. Call up and setup a meeting. Remember HIS time is important. So make it quick.
"I recently had my laptop stolen. The police say it is the campus police jurisdiction. They refuse to help. I have an IP which uniquely identifies who it is. However I need their help getting the proper warrants to find my laptop. Please help me I need my laptop to continue my education here.'
You would be amazed the reaction you get. The campus police have people *THEY* answer to. The dean will pick up a phone and make it happen.
If the dean refuses to help. Your next stop should be your local college newspaper and the local city newspaper laying out the story. Embarrass them into helping you. However, remember you are now flaming out a bridge over a 1k laptop. Be prepared for that.
Now another response is to go back to the local campus police and lay it out for them. What is an IP? How to get an search warrant for an address. Make it STUPID easy for them, (in many cases you are dealing with ex jocks/military grunts who really couldnt cut it at any other job). I used this approach a few times with other stolen items over the years. Cops can be lazy. Remember you are dealing with basically babysitters here. They are not exactly having rocking cases and have been relegated to babysitting the 'rich brats'. A hard night for them is when there is a major game on. So lay the whole case out for them. Show them how for a few hours of work they can do the good thing. Be personable. 'hey hows it goin' 'looks like you had a rough night last night...' etc... Its cheesy but it works. It shows you are not looking for them to run forms for you but want help and hey they can help right? If you go in with phone numbers and address instead of an IP that could help too. It shows you are interested in getting your property back and have run into legal black holes that only they can help with. Show them you are willing to help them out. Cops are notoriously 'you scratch my back I scratch yours'.
Another place you could go is the mayor of the city you live in. "The police are giving me the run around in recovering my property even though we have enough information to find the criminal". The MAYOR runs the police... You can also get a civil judgment to compel them to help you. This could make your life really uncomfortable in the future MAKE SURE YOU ARE WILLING to do it. You need to ask yourself what are you willing to do to recover your property?
What does the university have to do with this? (Score:5, Insightful)
OK, so the laptop was stolen on school grounds. But the problem is now to locate and recover it from another state. The school cops have jurisdiction on school grounds and keep the peace there. So if the laptop turns out to be on another campus you could try the cops in THAT school (though it seems unlikely, since the person holding the laptop is using a service). Don't expect the cops at the school where it was lifted to go out of their way to chase down stolen property in another state, outside their jurisdiction. Once you have a specific thing to ask for (like trying to get the location from the ISP and forward that info to the cops of local jurisdiction there) maybe they'll do it - and maybe not.
Got the report number? You (or a lawyer) might be able to get the ISP to cough up the info with that, or get started on getting a court order if they're reticent.
(You might also try the county sheriff. In some states they have overriding jurisdiction on school grounds. File a crime report with them, too.)
= = = =
The laptop is phoning home from an apparently static IP address - or a long-duration connection. Can you remotely log into it? If so you might be able to do things like turn on the microphone, look at files the new user is taking notes in, or follow his browsing. Does it have a built-in camera? Does it have any remote administration or monitoring software installed - or could you install some remotely?
Does it have built-in WiFi and if so do you have the MAC address of it? (You could probably get it by that hypothetical remote login if you don't have it recorded.) If the WiFi is on or can be turned on and if you can get the neighborhood information you could then sniff the location when nearby. (That would also help the cops with jurisdiction in the area if you go along with them to sniff it when they want to bust it. Gives 'em probable cause.)
Note that IANAL. So I could be talking through my Stetson.
Check with a lawyer if you can find one with the appropriate specialization. If you're a student at that university you might have legal advice resources available through them. Or if they have a law school ask who among the faculty is expert on this and talk to that prof. Academics sometimes like to help, especially where the law is squishy. B-)
Re:Report it to the Univeristy's judicial board... (Score:5, Funny)
I suggest using whois to find out who "owns" that IP address- then write a convincing sounding letter to the ISP and pray that it works.
No no no, you're going about it all wrong.
Step 1. You use the whois data to write a letter (not an e-mail) to that County Sherrif's Office:
Dear Sherrif,
Some idiot stole my laptop in [my State] and is now in your jurisdiction.
No law enforcement agency has been interested in helping me to recover my stolen property.
Here's [all the information] you need to subpoena the thief's location from their ISP.
As I cannot legally access that information, I've hired a PI to find it for me.
This is just a heads up that I'll soon be visiting your fine County with an address and a gun.
Yours Truly,
CorporalKlinger
Step 2. Ditch your cellphone and go on vacation for a week.
Step 3. Come home to discover the police have recovered your laptop and arrested the thief
Re:Report it to the Univeristy's judicial board... (Score:5, Insightful)
Until you got to the issue of suggesting that you are going to head off to that particular jurisdiction with a gun, this is a fairly sound letter: Short, simple, and to the point.
I wouldn't suggest that I'm bringing a gun, even if I had a legal concealed weapons permit or a federal firearms permit. Police and Sheriff's offices tend to get real jumpy if you hint that you have a gun, particularly if you explicitly mention it in some form of communications. In this case the implication is that you are exasperated and want to take the law into your own hands... again something no law enforcement agent would look on favorably for many reasons (some valid and others not).
If you do say that you are hiring a private investigator, make sure that you do. Again, this is something unnecessary in the letter of this nature, at least for an initial letter and perhaps is better left out. Don't lie or even stretch the truth as that can and will come back to bite you hard.
Remember, it is easier to attract flies with honey than with vinegar. Doing all of the leg work for a felony arrest and having that land on an officer's desk is a godsend, and something most officers really don't mind. Police love to brag about arrests of that nature. Odds are high that the thief stole much more than the simple laptop too, and it gives probable cause to search the house with the information that you could provide in this situation.
Saying that you would like to personally visit the county (and actually do so) also helps, as it shows you are serious about the issue and would like to get some resolution. Again, that is a big plus, as long as you avoid the stuff that would make a law-enforcement officer's skin crawl. It is also not strictly necessary, but suggesting that you would like a phone conversation with that department to confirm receipt of the letter and to see what is happening with the investigation could be useful too.
Re:Report it to the Univeristy's judicial board... (Score:5, Funny)
Close.
Step 1: Use whois to find out the owning ISP.
Step 2: Use social engineering techniques as needed to obtain the direct telephone number for the wire center for the city in question.
Step 3: Call the wire center using a telephone from work (where caller ID is blocked) and use social engineering techniques, pretending to be from another part of the company (claim to be calling from the NOC in another state trying to track down rogue BGP packets from the specified IP number) and request that they disable the circuit. At some point, casually ask what circuit ID they disabled so that you can properly fill out the work order after the fact.
Step 4: Have another person call at the same time (preferably female) and ask them if [your fake name] had reached them about the aforementioned problem while you are still on the phone. This instills a sense of urgency.
Step 5: Upon obtaining the circuit ID, wait a day. Then use a similar social engineering technique (call until you get a different person) and tell them you're a line worker out in the field and you're trying to trace down a problem with incoming calls on circuit [insert circuit ID here]. Tell them that it's an E911 call center and you really need things fixed urgently, but you don't have the direct dial phone number associated with that circuit ID. Obtain the phone number for the circuit.
Step 6: Using a reverse number lookup, determine the street address of the person in question.
Step 7: Drive to the address in question.
Step 8: Lift the prints from the person's doorknob.
Step 9: Construct a negative impression using photoresist on copper.
Step 10: Construct a positive using gelatin or silicone.
Step 11: Wait for a murder to occur. Use social engineering techniques to find out the model of handgun used.
Step 12: Purchase a similar model of handgun and file off the serial numbers.
Step 13: Use the gelatin fingertips to leave conspicuous fingerprints on the weapon, fire it several times, then leave it in the thief's car.
Step 14: Place an anonymous tip call from a pay phone near the house (use gloves), then leave the city for a few days.
Step 15: Wait for the police to arrest the thief.
Step 16: Break into the person's house that night and take your stolen laptop back.
Now that is how it's done.
Re: (Score:3, Funny)
Step 17 (Score:3, Funny)
Step 17: Put on sunglasses and scream YYEEEAAAAAAHHHHHHH
Re: (Score:3, Insightful)
Call your local news network. It'll be a nice feel good story about the internet if they can get your laptop back
Re: (Score:3, Insightful)
The current user may not be the criminal, just some guy who bought a computer second hand. When I bought mine through ebay it came with plenty of files and apps installed, people don't bother to clean that up, so he may not have realized he bought a stolen computer.
Re:Report it to the Univeristy's judicial board... (Score:4, Informative)
The purchase of stolen merchandise is being an accessory to the crime itself, unless you can provably argue that there was no criminal intent in the purchase of that item. That would still require you to get a paper trail (as the owner of a 2nd hand computer that is stolen property) to document just who you got that computer from and to demonstrate in a provable fashion that you had no idea that the merchandise was stolen.
Buying from a pawn shop is such a proof, but then again the pawn brokers routinely register the serial numbers of everything they buy and require photo identification associated with that purchase. Those pawn brokers who don't can and often do end up in jail.
If you are buying something from another person, you had better trust their reputation enough to know if you are purchasing something stolen or not. If you have knowledge of a past criminal history with a friend, buy something from them that you aren't sure they got legally, you would simply be screwed if you just happen to be in possession of that stolen property.
Regardless, even if you can prove that you were acting on good faith to buy the stolen merchandise, it can still be confiscated from you and your only recourse to get your money back (if you paid money for it) is to sue the person who sold it to you as a breech of contract. Presuming that you have ratted them out, a friend sitting in jail is not likely to have much money to give to you in that situation either.
"Kind of deserved it"??! (Score:4, Insightful)
I think CorporalKlinger needs to learn the first rule of owning tech devices - don't leave them unattended in a car. If you can't observe basic security of your own devices then you kind of deserve to have it stolen.
Never leave anything in the car unattended. Hmmm. So, by that logic you can then never leave the car itself unattended, because you are asking to have it stolen?
You forgot to remind them that they shouldn't dress in any way that another person might find sexy, because then they "kind of deserve to" be raped.
(not sure if CorporalKlinger is female or just wears women's clothes)
Re: (Score:3, Interesting)
It isn't really a strawman. You were blaming the victim. He's pointing out other common examples of victim-blaming.
Re:"Kind of deserved it"??! (Score:4, Insightful)
heya,
Yeah, I have to say, sortius_nod that you are being a bit of a tool here, mate.
Look, while I normally advocate that people need to take responsibility for their actions - this isn't like he left his house unlocked or something. He locked his car, it just so happened they probably smashed the window and got in and started searching for things.
I have absolutely no respect for people like that, and I really hope he does find them, and they have to face a court and explain why they stole.
The victim here is obviously happy to do legwork to get his belongings back, and it's not like he came here to whine about how unfair it was - he simply came here for advice, so the nice thing to do is to offer him whatever help we can.
Cheers,
Victor
Post the IP address (Score:5, Interesting)
Then maybe somebody here will have something close enough for you to be able to identify the ISP.
Re:Post the IP address (Score:5, Informative)
Here's the IP: 208.102 (DOT) 223.137
I split it up so auto-filters and bots wouldn't find it.
Thank you everyone and anyone who may be on the inside of 'Ma Bell who can help me track this thief down. I apologize if this is a TOS violation for Slashdot, but I am really at wit's end and have PROOF that this is the IP that's violating my account. I need your help.
Re: (Score:3, Informative)
208.102.223.137 resolves to
"MW-ESR1-208-102-223-137.fuse.net"
Administrative Contact, Technical Contact:
Hostmaster, Fuse hostmaster@fuse.net
Fuse Internet Access
Cincinnati Bell Telephone
209 W. Seventh St., 121-550
Cincinnati, OH 45202
US
Re:Post the IP address (Score:5, Funny)
Post his IP address on 4chan, not here. Within minutes, they'll have his name, address, mother's maiden name, his high school yearbook picture photoshopped onto longcat, 50 pizza delivery guys on the way to his place, and the FBI at this guy's door to search his (your) laptop for child animal porn. ...or maybe that's not such a good idea.
Re: (Score:3, Insightful)
Don't do this. I know of a few chans that could definitely get dox on that guy: I've seen them social engineer contact, even billing, information out of ISPs. Heck, during the opening days of the Anon vs Scientology thing, before the protesters took over, I saw people obtain secret Scientology documents through a combination of hacking and social engineering. They could definitely get that info. However, in your case, you want something that's permissible in a court of law. So you can't go with any illegal
Re:Post the IP address (Score:5, Funny)
OMG, we tracerouted the IP address and it's coming from upstairs!
Re:Post the IP address (Score:4, Informative)
Re:Post the IP address (Score:5, Informative)
OK, That IP address resolves to New Richmond outside CIncinatti. http://geotool.flagfox.net/ [flagfox.net]
Call the New RIchmond Police: 102 Willow Street New Richmond, OH 45157-1354 (513) 553-2001
You're welcome
ping! it's online. (Score:3, Informative)
ping 208.102.223.137
PING 208.102.223.137 (208.102.223.137): 56 data bytes
64 bytes from 208.102.223.137: icmp_seq=0 ttl=49 time=91.270 ms
64 bytes from 208.102.223.137: icmp_seq=1 ttl=49 time=102.547 ms
64 bytes from 208.102.223.137: icmp_seq=2 ttl=49 time=85.332 ms
64 bytes from 208.102.223.137: icmp_seq=3 ttl=49 time=91.327 ms
traceroute to 208.102.223.137 (208.102.223.137), 64 hops max, 52 byte packets
7 pos-0-10-0-0-cr01.denver.co.ibone.comcast.net (68.86.86.22) 44.308 ms 36.699 ms 26.050 ms
It's in Batavia OH, Lat 39.0972 -84.1225 (Score:3, Informative)
http://www.infosniper.net/index.php?ip_address=208.102.223.137 [infosniper.net]
hostname: mw-esr1-208-102-223-137.fuse.net
google maps for: Lat 39.0972 -84.1225 (Score:4, Informative)
http://www.gorissen.info/Pierre/maps/googleMapLocation.php?lat=39.0972&lon=-84.1225&setLatLon=Set [gorissen.info]
there you go, it's on Bauer rd near the intersection with 276 in Batavia Ohio. Assuming the infosniper geolocater is working.
Re: (Score:3, Insightful)
You can safely assume that it isn't. Just try entering your own IP address and see what it finds. It's likely to get the state right, but that's about it.
(Or, if you can't be bothered, remember all the targeted ads you've seen online that seem to think you live in Lustville, when in reality you live in Lackawanna).
In my case, it misses by about half the state, and no, it doesn't guess anywhere near where the ISP is either. My guess is that it's the address of
Re:Post the IP address (Score:5, Funny)
I don't think you can do much, and the sooner you put this sorry episode behind you the better.
Agreed. On an entirely unrelated note: I just got this new Dell laptop and it seems to be going to off to an e-mail server somewhere. Anybody have any idea how to make it stop doing that?
Re:Post the IP address (Score:5, Insightful)
And then, have you considered that the person in possession of the laptop may not be the one who stole it? It could be he bought off eBay and for whatever reason, is examing what's on the hard drive.
So? It's still the poster's laptop, and he has a right to try to get it back. The person who bought it, if that's what they did, bought stolen property, and will have to take that issue up with the seller. Of course, the seller will be busy dealing with the police.
Just because another innocent person may have gotten involved, doesn't mean the poster shouldn't attempt to regain his rightful property and bring the criminal to justice.
Re:Post the IP address (Score:5, Interesting)
Go ahead and email your credit card info to that email. Once they use the card - assuming they are stupid which thieves usually are - you will have the address to where they send stuff too. Also, now they have committed credit card fraud (not sure if using someone's credit card - therefore pretending to be that person - also counts as identity theft.)
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
heya,
You realise that buying stolen property is err...a crime? Lol. Saying, "but officer, I bought it off this guy in the back of a van, he looked legit, I swear!" is not an admissible defense. As an above (more knowledgeable) posted, you've just made yourself an accessory to a crime.
So yeah, say he somehow didn't know it's a stolen box - the onus is on him to provide a paper trail to the police and prove he didn't. I mean, you buy a laptop from BestBuy - you get a receipt. You buy it from a pawnshop - you
Re: (Score:3, Funny)
I have Viking relatives in Batavia, but I don't know any of their names. Dammit!
Re: (Score:3, Insightful)
Not this -- The thief will simply sell the laptop making it harder to track, you're better off not tipping your hand until you have your hands around them.
This is what pisses me off about police (Score:5, Insightful)
Re:This is what pisses me off about police (Score:5, Insightful)
You don't know the half of it.
A couple years back, I worked at a place once that dealt in video games and consoles and an older customer came in and stole an X-Box. This guy was about 6ft 8 inches and pretty big. We let him get away cause hell, we had his name, we had his phone number, we had witnesses, and we even had him on camera. You can't get more open and shut than that.
Well, I was calling the cops once every couple of days after I reported him to see if they had got started on it. After about 2 weeks, they told me that they weren't going to do anything about it. They said that unless he stole over a thousand dollars worth of stuff it wasn't even worth it to assign it to an officer regardless of how much information we had. I actually did a reverse phone number search of his cell phone number and told them the provider so they could use it for his address if the fact we had his name, description and photo wasn't enough.
After that, from that point on, the cops became the last people I call unless I can get the media involved. I call friends and family first now otherwise, street justice is about the only justice you can get without having cash or influence.
Re: (Score:3, Insightful)
I once worked somewhere that we had the networks attacked, phone lines cut, and other kinds of harassment by a competitor. The local cops said they wouldn't do anything because it involved technology. The FBI said they wouldn't do anything because the damages weren't over a million dollars.
Re: (Score:3, Insightful)
If the police don't do anything when given all the info needed to bust someone, they're not going to do anything at all, ever. If you ask them why, they answer you that they're "too busy". As a result, cases go unsolved. The crooks know it; so they get away with it. As a result, crime rises, and the police are now *even busier*. So basically the police are simply letting crime spiral out of control.
We seriously need Batm
IP not precise enougn (Score:5, Informative)
That IP could be behind a router at a School or Library with thousands of computers behind it.
There is no way to determine who is leasing that IP without forcing ip block owner to cough up records. That will probably take a court order, and they won't tell you, (fearing you will show up gun in hand).
If you get a court order they will tell the local authorities in the jurisdiction where the IP resides. That could be any one of 20 different police departments if it is in an urban area.
But if you can track it to a specific area, (traceroute is your friend), you might get a cop from an small not too busy department to go out and check the address.
I say MIGHT.
Busy departments will laugh you off and tell you to file an insurance claim.
Replevin (Score:5, Informative)
See if you can file a civil replevin action against John Doe to recover the laptop. That will give you the ability to issue subpoenas to trace the IP address. Once you have the identity of the thief, report the information to both the campus police (for the theft) and to the local police (for possession of stolen property). Good luck!
Re:Replevin (Score:4, Insightful)
Use your email (Score:5, Insightful)
Obviously they've launched Thunderbird, so they are possibly interested in gleaning whatever information they can in that way. You could try sending a trojan to your account in the hopes that they run it, in order to open some remote access to your machine. Perhaps based on their web browsing history, etc, you can determine more specifically who they are.
Also note that the person may have purchased your laptop unaware that it was stolen.
Re:Use your email (Score:4, Funny)
I have my computer where I can remote into it. If some fool dares steal my laptop. I'll remote in and send a email bomb threat to the person's local municipalities from the persons laptop. Wait 2 days then watch CNN to find out which dumb ass stole my laptop.
Let us take care of it (Score:3, Insightful)
Sometimes you just have to let the system work.
Re: (Score:3, Funny)
Because you should trust a story written on the Internet enough to assault a stranger.
If you do most of the work... (Score:3, Informative)
the school cops may be more willing to help
This site claims to get it down to the ISP or provider:
http://www.ip-adress.com/ip_tracer/ [ip-adress.com]
SO, then you would have to look up your local laws and what is needed to identify the person or block that the IP is assigned to. Next, you have to start "kicking down doors" (it might take a few) and recover your property in a stunning raid.
Probably not, get an encrypted hard drive on your next laptop so that it just becomes a brick for anybody that takes it
Re:If you do most of the work... (Score:5, Interesting)
Re: (Score:3, Funny)
I'm not going to post the IP address here since that probably violates the TOS of Slashdot or something...
Uhhh... wut? [slashdot.org] You have a real short memory, bud.
Re: (Score:3, Insightful)
Someone mod this up.
It's a slightly complicated attack but has a real chance of working: Setup a web page that uses browser geolocation features (and saves the locations somewhere), send the url as email to the thief with a good enough story, hope the thief uses a new Firefox and bingo: you have the coordinates from Google Geolocation service. This may be just IP based location but it could be wifi location as well -- it should be easy enough to test which it is.
Easy as Pi (Score:5, Funny)
Simply create a GUI interface using Visual Basic to track his IP address [youtube.com].
Report it to Dell (Score:5, Informative)
Re:Report it to Dell (Score:4, Funny)
And that's different from how they'll act if you don't report it exactly how?
I have cases like this a lot (Score:5, Informative)
I'm a cybercrimes detective and computer forensics examiner in a Sheriff's Department and do this all the time. It simply requires a subpoena to the ISP that the IP address returns to. If the campus police and city police won't do it, try your county or state police agencies (both which also have jurisdiction). In my state, all police officers have power anywhere in the state and I could "technically" investigate and/or charge anyone with a crime anywhere in the state. We just don't typically do this because it's stepping on each other's toes. As a county officer though, I frequently investigate crimes involving cases inside city or town limits if that agency doesn't have the capability. If the IP address ends up being from another state, we just contact the local police there to ask for their assistance.
Keep asking and ask to talk to a supervisor if they are not helping as much as you would like. While there is no obligation from a police agency to necessarily do everything they can on a property crime, most department heads will do what they can to keep the public happy.
Like others have said though, you may simply get a return to a campus, business, or open wireless network.
Good luck.
Re: (Score:3, Informative)
You don't need jurisdiction to investigate it. You send out the subpoena, the ISP responds, and you then contact the local police there to investigate further. Most states also allow prosecution of Internet crimes in either the place of the victim OR suspect. Not to mention, the original theft occurred where the victim is at...
Re:I have cases like this a lot (Score:5, Insightful)
If he's getting into the person's gmail account, it most certainly is. It's called "computer trespass" in my state.
But hey, don't take my word for it. I just do it 40 hours per week...
Re:I have cases like this a lot (Score:5, Funny)
Re: (Score:3, Interesting)
Well it depends on the agency. For most agencies in my area, you start off as a patrol officer and work your way up. A degree in an IT field or similar will help you stand out, although not always required. Then get ready for LOTS of schools to learn the methodology to not only get the information you're looking for, but to then prepare it for court.
I know that some agencies in other areas hire non-sworn personnel for computer forensics experts (typically larger departments). Also, the FBI has civilian
Civil action (Score:5, Interesting)
Not legal advice, but you might consider that there is not only a criminal case against the thief, but also a civil case. If you want it back badly enough, you may be able to get a local lawyer to initiate a civil action against the John Doe and subpoena the university to get the identity of the person in possession of the laptop (you could also do this yourself, but it could be very easy for a non-lawyer to make a fatal mistake when going up against the general counsel of a university to enforce the subpoena, assuming they don't just give in, so I don't really think I'd recommend it). That not only identifies who it is so that you could potentially get it returned through the civil court system, it also may increase the likelihood of the police doing something.
Re: (Score:3, Insightful)
Btw, the police doing something is not always the best option. Half the time they will try to nail YOU for something you did on that laptop, be that having some hacked software or pornography. It's an unfortunate state of affairs in this country.
Change the nature of the action (Score:5, Insightful)
It's not just theft of the laptop,
They have illegally used Thunderbird to gain access to your e-mail account.
That means they have gained access to both the laptop and your e-mail account without authorization.
Maybe you don't need to stop with the police. File a suitable civil action, and get a court order to compel the ISP to reveal the information.
Not just theft of property, but gaining access to 2 computer systems without authorization, aka 2 accounts of computer fraud and abuse, AND 1 count of theft/conversion.
Re:Change the nature of the action (Score:5, Insightful)
You just need to be more interesting (Score:3, Insightful)
Threaten them (Score:4, Interesting)
You have an IP, you have a vague location, and you have an e-mail address that the perp is likely reading. If you can't get law enforcement to do anything about it, and all else fails, they don't have to know that. Send an e-mail telling them that the laptop they are using is stolen property, you have the IP address, which can be used to track their exact location, then give them the location info that you have been able to track. Tell them that you are giving them one chance to respond personally and arrange for return of the stolen property before you contact the authorities to have them arrested. Remind them of the severe criminal penalties for such a theft, and you can even throw in some digital crime mumbo-jumbo (which may or may not actually be prosecutable), to trump up the charges to felony.
The ability to communicate with the possible thief (or eventual owner) is a powerful thing, so if you can't find any other route, don't waste that chance. If it's already been resold, then the new owner may be more than willing to negotiate a return. I had my laptop stolen early last year, and after endlessly calling pawn shops, scouring Craigslist and Ebay for months, we finally gave up. I was perfectly willing to take matters in to my own hands if I saw it turn up on ebay or craigslist, knowing full well that the local Police as much as admitted there was little they could do about it.
step 1? (Score:3, Interesting)
what's the ip address? you could post it here and get some "help" in more ways than one.
Setting that aside for the moment, the first thing you should be doing is tracerouting the ip address and doing a lookup on it also to see who owns it. That should get you a geographic location and a contact. Figure out who the ISP is and contact them directly. They are almost guaranteed to say they won't give you customer information, expect that. BUT, they are almost certainly used to these sorts of things already, and will know the name and number of their local police department or sheriff you need to contact to GET that request. (THEFT if a matter of jurisdiction, but possession of stolen property is a local matter) Sometimes the ISP requires a subpoena, sometimes they're used to it enough that a fax from the local sheriff on their letterhead will do the trick. Usually they won't give YOU the information, but they will give it to the law enforcement agent. Hopefully, if it was the one the isp recommended to you in the first place, that should be a person experienced in handing this sort of issue, knows what an IP address is etc, and can at least somewhat sympathize with your situation.
All that considered, you may still be crap out of luck if it turns out to be the open wifi at Starbucks. But then again it may pull up a specific home address somewhere. (most thieves are less technical than the police you've been dealing with, and don't forget it's entirely possible your computer has already been sold and is in the hands of a soccer mom or a friend of the thief or through a pawn shop already) Be sure you have EXACT DATE AND TIME to go with the IP addresses, since DHCP leases on cable modems expire and change from time to time. The ISP SHOULD have record of who had what IP when, but don't bet the farm on them keeping that information indefinitely, so you need to act fast. It's very challenging, although possible, to track down a wifi user.
Bonus info: nmap has a very nice OS fingerprint feature that can often guess what is at the end of an ip address. It may say something like "busybox linux vers xxx" indicating a router. or it may say "Mac OS X 10.5" or it may say "windows xp sp 1" etc. If it gives a computer and not a router, you can think more positive.
My laptop security (Score:5, Interesting)
My Mac Powerbook takes a picture every time it wakes up or is rebooted, then stores the picture. If there is a network connection, (any stored) pics are emailed to me along with a text containing the IP and timestamp, then the pics are deleted from the Mac. While it's likely that someone may disable this feature, it's unlikely that it will be before it gives me what I need to find them. In other news, anyone want to buy a couple thousand candid pictures of me (and some other people) opening my laptop?
Re: (Score:3, Interesting)
just curious, how did you set this up?
Re: (Score:3, Informative)
I have tried a number of utilities. The most effective daemon has been sleepwatcher from http://www.bernhard-baehr.de/ [bernhard-baehr.de]
// Process item looks like:
/usr/local/sbin/sleepwatcher -d -V -s /etc/rc.sleep -w /etc/rc.wakeup
Which basically just runs a ~/.wakeup or ~/.sleep if it exists.
That bash script ~/.wakeup is where I do data collection;this is a rough approximation:
// Google iSightCapture
/sbin/iSightCapture /output/file
// This gets the OS to try all hardline/wifi networks, which it doesnt have after waking
File a civil suit for discovery of the IP address (Score:3, Interesting)
You can handle this outside of the criminal justice process for a fair amount of the process.
File a civil suit against "Joe Doe and Does 1 to N, etc." (just like the RIAA) for theft of private property and asking for a judgement ordering the return of the property, etc. In tandem with that, file a request for a subpoena with the ISP to whom this IP belongs for the associated address.
Because the filing of the suit, getting the subpoena, etc., is going to take some time, you should send a letter to the ISP informing them that the subpoena will be coming shortly and that you are informing them of their responsibility to preserve evidence in a pending civil suit.
Once you have the name and address of the party in question, you should do two things:
First, file a formal criminal complaint with the local police and DA concerning stolen property which is being used in their jurisdiction. The original theft may not be their concern, but the receipt of stolen property is there concern.
Second, file a request for in civil court for an order requiring the return of stolen property at address X. Once you have this court order, you can go and get a sheriff (usually at a cost to you) to accompany you to this address and force them to open up and show you it isn't there.
Too often people forget their are parallel legal systems - civil and criminal - in this country and fail to realize that they have control. The RIAA does and takes advantage of it. Why shouldn't you?
Laptops aren't worth enough money (Score:3, Insightful)
Frankly, the cops have better things to do.
Buy a new laptop and move on. And don't leave it in your car, which is *unbelievably* stupid. Consider it a lesson.
The Broken Window Principle (Score:3, Insightful)
Its the FBI's Job (Score:3, Interesting)
Just make sure police/FBI has records (Score:3, Insightful)
This is for all portable stuff with connectivity getting stolen: Make sure the device serial number/IMEI (cell phones) is recorded somewhere officially.
Those guys who doesn't have a slightest clue about IP address can get really smart if a crime (worse than stealing) takes place with that particular device.
I know some people doesn't take their time reporting and it is like a time bomb waiting to happen. For example, what happens if that unreported cheap cell phone is used by a major drug dealer? It would really take time and money to explain the situation in that case.
Mine was stolen and I got it back, here's how: (Score:5, Interesting)
I actually just went through this exact situation a week ago. Here's my story and how I was able to get the computer back with the cops' help. My country (Canada) works very similar to most US states so hopefully this will help you.
Our outfit is into tech in a big way. We are all scientists of some sort and up and up on O/S, security and the latest tech gizmos. When my boss wanted to upgrade his systems to dual Macbook Pros, we immediately setup s mirroring system where he could be perpetually synchronized between his office and home with automated backups to the university servers. We had a script I had written to do much of this along with posting an IP address every hour in 24 blocks. We also were using Log Me In so that he could remote control his systems. The server ran on startup and wasn't viewable in the taskbar as my boss hates clutter.
Anyhow, we had two separate systems that were capable of posting IP addresses when online.
Three days after the theft we started getting IP writes in the logs.
The first and major things we both had to do was 1) restrain ourselves from doing absolutely anything to jeopardize the comp from going offline 2) contact the police immediately with the IP information.
Before we contacted the police again, I had determined where the IP was coming from (a home account from a major ISP). We waited another three days, consistently getting the same IP posting. We then went back to the police. Like the OP, they view a computer theft as insignificant given their work load. They saw a wealthy scientist ($500k/year) who had lost out on a $5000 laptop (Macbook Pro 17" with all the fixins) containing $30k of specialized software (and we had the discs of course to reload) a digital project worth $1.5k and a few other smaller items. Even though this was over $5000 (which is like a felony in Canada), they simply weren't able to provide us with much help. They knew what a computer was and even an IP but after that they were deers in headlights. I requested to speak with someone in their cyber-crimes division and I was told that because of the G8 and G20, I was out of luck there.
Not unlike research institutes and universities world-wide, this police department fought for funds internally and also internally, departments would "pay" other departments for work. In this case, because it would be a "special favour," during an immensely chaotic time for our police forces because of the heads of states well, they simply said no to all those requests.
Here is where things got both fun and tricky but I think could work for the OP.
A consistent IP can easily be traced to the ISP. If the IP is consistent over a select period of time, a motion can be filed before a judge and a warrant issued to get the personal information of the person owning said account. I happen to be a trained lawyer, so the detectives were really open to what I was suggesting, and since I also happen to be a computer scientist who does research into security as well as other things, they viewed me as an expert in the field. The first warrant was sought and granted within two days of us suggesting this avenue. This is your first MAJOR task and one that will be the most fruitful.
Legally, I was able to log into the stolen computer without comprising any investigation because I was about to be "contracted" by the police department to do what their cyber-crime division wouldn't do but could: gain network access and collect as much data as possible.
I did this and eventually worked around the router (a joke given the default settings that existed) and then the grey area began where we required another warrant: checking out the other comps on the network. While the search warrant was being issued for this, a SECOND warrant (and really the only other one we needed) was being issued to search the premises the cops received via the ISP. The IP had been consistently posting with the same address over 10 days and staying online for 6-10 hours at a time. I could hav
IP address tracked to name,address,phone (Score:5, Informative)
Please contact Rick Wagner by email at wagner@fuse.net or hostmaster@fuse.net , or phone at +1-513-397-6598 or +1-800-387-3638.
I talked to Dick and he said he will be happy to assist you.
and plan better for the next time. (Score:5, Informative)
Maybe I'm paranoid. Or maybe I just really want to reign hell down on whom ever steals my laptop.
First, most thieves are dumb, they're not going to wipe it. They're going to sell it as fast as possible to get cash.
All of this is free and open source and should work on Mac and Linux, not sure how to create services in Windows.
1) Prey Project [preyproject.com]. An OSS theft recovery tool. Uses google geo location, web camera if it comes installed.
2) AutoSSH [wikipedia.org]. I have an autossh run as a service that creates a link between my home router and my laptop. ssh -R 2222:127.0.0.1:22 home.example.com. So no matter where I leave my laptop, if it can get out to the internet, I can ssh into it from my home router.
3) OpenVPN [openvpn.net]. AutoSSH * 10. No matter where my laptop is, it IS no my home network. Leave it at a friend's house.
4) Keylogger. [google.com]. I have a launchd (cron) set up to sftp me the log every day and then restart the log.
So now I know: 1) Where my laptop is and possibly have a photo of who is using it. 2 & 3) Can access my laptop and play fun tricks [macosxhints.com] 4) Know exactly what said person is up to and when they login to gmail, facebook, etc. I have their passwords.
Sadly my laptop hasn't been stolen yet.
Re: (Score:3, Funny)
Re:This is why you have insurance. (Score:4, Insightful)
Maybe it's his insurance company he should be contacting anyway. They may do their own investigation based on your evidence because they don't want to have to pay a claim. They may have a little more clout than the average citizen too.
Re: (Score:3, Insightful)