What's new
  • ICMag with help from Landrace Warden and The Vault is running a NEW contest in November! You can check it here. Prizes are seeds & forum premium access. Come join in!

Advanced Computer Security: How to Remove and Sever the Trail of Evidence

R

real food

Member
if peeps are smart enough to have a commercial grow im sure they are smart enough to not surf on a connection tied to that address or their real name or address.. its that simple...

If they get a new router they will have to spoof the MAC on the one the ISP gave them, to access the net in most cases, you gonna teach them to do that or refund their money for the new router when they cant get online?

If you do surf and post commercial grow photos at any address, I suggest you use a VPN provider thats homed in another country such as Holland.

That way all your youtube, google, email, bank, everything else that says who you really are is securely tunneled, hidden from the ISP eyes.
 
dreadvik

dreadvik

Active member
real food said:
if peeps are smart enough to have a commercial grow im sure they are smart enough to not surf on a connection tied to that address or their real name or address.. its that simple...

If they get a new router they will have to spoof the MAC on the one the ISP gave them, to access the net in most cases, you gonna teach them to do that or refund their money for the new router when they cant get online?
Click to expand...

Firstly you would hope so but seems not if you read the papers and see how some of these commercials get busted. Not sure how easy it is to get a phone line here without very good docs tho.

No need to spoof the of the old router MAC unless the ISP has to have it on a permit list but if they do that your not ditching the MAC linked to your account and contact details so as I said before you need to move ISP :) No need for a refund you use the purchased equipment at an ISP that is not so anal, most of them that do this suck anyway :) You live with the downtime for the fact you don't read so good ;)

Your VPN tunnel is just a secure proxy mentioned previously. Does the text just blur for you? ;)
 
P

Preacharound

New member
real food said:
wrong, call your isp now and ask them what your computers MAC is..or your wifi SSID...

They will tell you...

Go in your ISP provided router and look, BAM all connected devices are listed with MAC, you think ISP cant see?.

They run a network and need the info many reasons..

They see way more details about you than you even know to look for...

Its their JOB
Click to expand...

I edited this post because I reread what real food said and I agree. Thought he was saying that MACs couldn't be traced but my reading comprehension was never my strong point. lol.

Right on man. Your ISP has all that info. I don't know if your MAC is cataloged by them in a DB somewhere but it's probable. But I know for a fact that companies have been subpoenaed to provide information.
 
G

growcodile

hey preacharound, would you pls line out roughly how you would be able to get MAC from IP ?
 
P

Preacharound

New member
growcodile said:
hey preacharound, would you pls line out roughly how you would be able to get MAC from IP ?
Click to expand...

If i were an end user i'd probably use something like this

http://lizardsystems.com/find-mac-address/

There are a ton of warez out there and i've never tried that one I linked. It was just the first that popped up in a google search.

Now with your MAC I could contact the manufacturer of your hardware and try to retrieve your info but as a civilian it would be very very tough.

When you are banned from a forum or internet service, usually it's your MAC address that's used to ban you because this number is unique and static.

It's just something to consider. You probably won't ever be identified by your MAC address but it belongs in this thread, no question.
 
dreadvik

dreadvik

Active member
@growcodile: Open a command window and type arp (works for linux and win) look for the IP you need the MAC for. You need to be on the local network of that network interface though so the users local LAN for his clients MAC or on the ISP L2 network segment all the users connect to for their routers MAC. If you never registered either of these to your person or where gifted them by the ISP you have no security issue of course :)
 
G

growcodile

dreadvik said:
@growcodile: Open a command window and type arp (works for linux and win) look for the IP you need the MAC for. You need to be on the local network of that network interface though so the users local LAN for his clients MAC or on the ISP L2 network segment all the users connect to for their routers MAC. If you never registered either of these to your person or where gifted them by the ISP you have no security issue of course :)
Click to expand...

ty dreadvik :tiphat:
i was asking preacharound because he said

When you are banned from a forum or internet service, usually it's your MAC address that's used to ban you because this number is unique and static.
Click to expand...

imho your ISP can ban your MAC from his ISP network access ok .. but for example ICMAG banning you by your MAC ? this wont work except you are on the local network of ICMAG .. then i had to say .. WTF ?!?!?! ;-)
 
Crake

Crake

Member
-~Wind Walker~- said:
Crake and others,

Thanks for the info. Bookmarked the thread.

When I was in the command prompt I tried the "ipconfig /flushdns" command and received this response: "The requested operation requires elevation."

How do I resolve this?

TY

-~WW~-
Click to expand...

Hey Wind Walker, thanks for joining the discussion. Sounds like you aren't running as an administrator on your account! You'll need to change your account type to administrator, which means you'll probably need to log into an administrator account. Hope that helps. Cheers
 
Crake

Crake

Member
dreadvik said:
Crake,

Think that MAC stuff should get added under connection equipment or some such I reckon :)

Might also be worth talking about data exposure. This could be protocols that reveal information about the user of the machine that are open to the public, from samba to websites. Just incase they are trying to link a IP to a person where the ISP has inadequate logging or they don't have enough for a warrant yet. They could possibly get profiles off other sites you visit with this IP too so again use a secure proxy method for all browsing etc. Probably all pretty obvious though but I dunno :) Probably comes near to talking about firewalls, I think you did?
Click to expand...
dreadvik, awesome--I'm learning tons about IT here. I agree that this is worth mentioning but I still need some clarification about the MAC address. The ISP is privy to the MAC address(es) of the machines that connect to their modems, apparently? So we can assume the MAC is then exposed to the ISP, but is it exposed to the internet? I assume not, but need some clarification here please!
 
D

djnz

New member
Crake said:
dreadvik, awesome--I'm learning tons about IT here. I agree that this is worth mentioning but I still need some clarification about the MAC address. The ISP is privy to the MAC address(es) of the machines that connect to their modems, apparently? So we can assume the MAC is then exposed to the ISP, but is it exposed to the internet? I assume not, but need some clarification here please!
Click to expand...
I would not worry about MAC addresses unless you're intruding on someone elses internet connection. Say, if you were connecting to an open WIFI, you'd want to spoof/change your MAC address, as it could otherwise link you to the intrusion.
Trying to hide yourself from your own ISP is pointless. They already know who you are :)

MAC addresses are not used in the internet protocol, you can see the content of an IP packet header here: http://www.networksorcery.com/enp/protocol/ip.htm

Using an encrypting proxy (ie. tor) and stripping sensitive HTTP header fields (ie. privoxy) is probably the best security most can get. In terms of internet connectivity.
Local security is a different animal and a LOT more work, and knowledge, is required to keep a computer forensically clean.
 
Yes4Prop215

Yes4Prop215

Active member
Veteran
so yahoo could give them an IP address which gives my address...even if i use a IP blocker that changes my IP everytime i log in?
 
Crake

Crake

Member
Yes4Prop215 said:
so yahoo could give them an IP address which gives my address...even if i use a IP blocker that changes my IP everytime i log in?
Click to expand...

Using a proxy like Tor can give you a substantial layer of anonymity in this situation.

The IP you would leave wouldn't be yours. I'm not 100% certain on how Tor routes IPs, and whether or not there is any record of IPs at the nodes between you and the "exposed" IP. You'd have to check into that yourself. I'd say that for general purposes, you can feel almost 100% safe. However, if you're doing something egregiously heinous, authorities may have enough pull to figure out who you are.
 
InlineMax

InlineMax

Member
I have a question about uploading pictures here. Does IC log the directory the files were uploaded from?

Also, is posting from a different IP enough to keep myself safe or is there some way to track which computer is logging in no matter which IP?

When lurking, your IP is logged but there must be millions of them a day coming to this site, how likely is it that that info will be found?

Thanks for this guide by the way, its great the way people bring their professional knowledge to this site and share.
 
You must log in or register to reply here.

Latest posts

Latest posts

Top