mgs
[Top] [All Lists]

RE: End of the year awards... Message CAN be traced! NO MG

To: "Simon Matthews" <simon_atwork@hotmail.com>, <mgs@autox.team.net>
Subject: RE: End of the year awards... Message CAN be traced! NO MG
From: "Jerry Erbesfield" <jerbesfield@mediaone.net>
Date: Wed, 2 Jan 2002 18:54:08 -0500
Simon:

You are in fact probably correct about the header info for this one specific
"Awards Committee" message. I never investigated it and my intent never was
to trace this one specific message but rather to just use it as an example
(as stated) and to publicize the fact that tracing e-mail IS very possible
through various means, of which you have added to the information bank on
how to do it with your response here. All I was trying to do was to
discourage this person and/or others from doing this again, by publicizing
the fact that e-mail CAN be traced if necessary.

To be honest, I don't believe that any ISP would go to the trouble of
becoming involved for something as relatively minor as this "Awards
Committee" message was anyhow. They usually reserve their extended efforts
for really bad porn, smut, spam, libelous or raciest statements and the
like. While this message hurts feelings and is in bad taste otherwise, I
don't believe that this message fits those parameters.

You are NOT accurate on what you said about DHCP though. The very nature of
DHCP is the assignment of an IP address, from a pool, each time a new
connection is made. While, by the luck of the draw, the same IP address
maybe could come up twice in a row, depending on how large or small the pool
is and how many users, more often than not a different (random) number will
be assigned at each connection.

Most major ISP's (at least those that I've had experience with) use DHCP and
a few offer a static IP address only as an extra cost option. I am sure that
there are differences in geographic areas and between ISP's, but in general,
this is how I know it to work in our area.

My department (300 + computers) supports multiple dialup accounts from
various ISP's all over our Atlanta, Georgia metro area (150 mile service
area driving end to end) and I can tell you, beyond a shadow of a doubt,
from actual hands on experience, that ALL of our dialup accounts (from
various ISP's in the area) are assigned a different IP address virtually
every time they connect. At one time, some years back some ISP's here did
use a static IP address but not for a long time now though.

Additionally, I personally use AT&T/Mediaone broadband cable (terrible
service! - but the only game in town - DSL is not available yet) and it gets
a different IP address virtually EVERY time I restart the cable modem. Maybe
some cable companies elsewhere DO assign static IP addresses, but NOT this
one here. I wish they did.

For a free utility to test/verify what IP address your computer is actually
using at any point in time, just click on the following link:
http://grc.com/su-help.htm and then scroll down a little to "Free IP Agent
and click on it to download a very small program named "IP_Agent.exe" that
will report back to you the actual IP address being used - AND it will test
various other security issues for you too.

By the way, at the risk of sounding ignorant myself, who/what is Mark or
Mark's mail list? I am NOT familiar with it and would like to know.

Thanks for you response to this very important subject - I hope I don't get
too bombed from the list for being too far off topic! I believe that this is
important to the list too though.

Jerry Erbesfield
MIS Director
Prudential Georgia Realty
73 B Black Beauty roadster
jerbesfield@mediaone.net
website- http://people.atl.mediaone.net/jerbesfield

-----Original Message-----
From: owner-mgs@autox.team.net [mailto:owner-mgs@autox.team.net]On
Behalf Of Simon Matthews
Sent: Wednesday, January 02, 2002 4:36 PM
To: mgs@autox.team.net
Subject: Re: End of the year awards... Message CAN be traced!


Jerry,

Unfortunately, in the email you show, all the headers in the original email
from the sender have been removed. What you are seeing is only the headers
that were added when the email was sent my Mark's mailing list program.

However, I expect Mark has the original source email.

If Mark has the original email and if it was sent via a cable modem, then it
would be simple to track the sender. DHCP does not normally assign IP
addresses randomly. In fact, IP addresses for cable internet customers tend
to be pretty stable for months at a time. Thus, Mark could scan for the same
IP address in other recent emails.

Simon

///
///  mgs@autox.team.net mailing list
///  or try http://www.team.net/cgi-bin/majorcool
///


<Prev in Thread] Current Thread [Next in Thread>