HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 40 guests online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Otherarrow Got IP Address of Hacker, Now What?
EH-Net
May 23, 2013, 03:59:54 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Got IP Address of Hacker, Now What?  (Read 5903 times)
0 Members and 1 Guest are viewing this topic.
Doyle
Newbie
*
Offline Offline

Posts: 1


View Profile
« on: September 21, 2009, 11:38:34 AM »
Hello everyone.  So I have LogMeIn to access my work computer from home and somehow someone got the login and password of it and also the login/password of my computer at work.  They accessed my work computer from LogMeIn and tried to access some payroll files.  I got the persons IP address and have somewhat of an idea who it was, but cannot prove it.  What can I do with this IP address in order to know for sure whether or not it was the person I believe did this?
« Last Edit: September 21, 2009, 09:30:47 PM by Doyle » Logged
nebu10uz
Sr. Member
****
Offline Offline

Posts: 368



View Profile WWW
« Reply #1 on: September 21, 2009, 11:48:26 AM »
If it's a public IP address you can do a whois on it in order to find out the ISP that owns the IP. After obtaining this info you need to contact the ISP, however, you will probably need to provide a subpoena if you want to find out the person that used the IP at the specified date/time that the person logged onto your work computer.
Logged
Security+, OSCP, CEH
Ketchup
Hero Member
*****
Offline Offline

Posts: 1021



View Profile
« Reply #2 on: September 21, 2009, 12:20:05 PM »
If you need some contact information for the appropriate contact at the ISP to receive the subpoena, you can use the following URL:

http://www.search.org/programs/hightech/isp/default.asp
Logged
~~~~~~~~~~~~~~
Ketchup
former33t
Full Member
***
Offline Offline

Posts: 226


View Profile
« Reply #3 on: September 21, 2009, 12:25:29 PM »
To add to the above, you will likely not be able to get a subpoena without involvement of your legal counsel (or law enforcement).  In my experience, law enforcement will not get involved unless there are threats of bodily injury or you can demonstrate substantial financial loss.

If you do not pursue the criminal aspect, there are still civil remedies for losses suffered.  You will need your legal counsel to get a subpoena then (through the courts).  You have a limited time to act as most ISP's only keep IP/username correlations information for 30 days.

Good luck.  This is not something that is easily done by non-professionals.  You have a tough road ahead.
Logged
Certifications: CREA, MCSE: Security, CCNA, Security+, other junk
carboncopy
Newbie
*
Offline Offline

Posts: 10


View Profile
« Reply #4 on: October 20, 2009, 02:37:48 AM »
http://www.usdoj.gov/criminal/cybercrime/reporting.htm
Logged
nightmare44
Newbie
*
Offline Offline

Posts: 10


View Profile
« Reply #5 on: October 20, 2009, 08:51:51 AM »
Not to mention if he/she hopped through proxies...
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.415 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.