[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 306
  • Last Modified:

Assistance Pinpointing an Anonymous User

Ladies and Gentlemen,

       I am an executive for a small non-profit enterprise.  One of our affiliates is being confronted with slanderous attacks stemming from the "comments" form on their website "contact us" page and through an anonymous <My Space.com> poster. We believe these attacks are coming from a single individual. A NuVox Communications branch in Greenville, SC. provided the IP Address employed to address our web site. The email address inserted at our web site is <momentone@aol.com>; we believe it is fictitious.

Our associates made several attempts at contacting this individual for their name via their <My Space.com> site without success. My goal is to contact the person and try to address these issues with out any litigation, if possible.

Our enterprise would be grateful, if anyone can provide sources that can help us LEGALLY pinpoint this person outside of seeking a legal remedy. Thank you for your prompt and expert response in this urgent matter and have an excellent day!

Very Respectfully
SOPS07

0
SOPS07
Asked:
SOPS07
2 Solutions
 
kfullartonCommented:
You could start by entering the IP address in the WHOIS database.  It mightlead you to some useful information.

http://ws.arin.net/whois
0
 
zephyr_hex (Megan)DeveloperCommented:
if you have the IP address, then you have the identity of the computer/internet account from which the posting came.

you can do a lookup to see what company owns the IP.  http://www.samspade.org has this capability.  use the WhoIS function.  the results will probably also give you a way to contact the internet service provider (ISP)
you would need to contact the ISP and see if they can tell you the information you are looking for.

in many cases, the ISP will refuse.  i know the RIAA had to sue ISP's in order to get the identities of people who were using peer to peer services for downloading music.
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
fnbgpplCommented:
Contact the ISP and Myspace lodge a formal complaint these companies.  They may be able to take actions of their own to eliminate this problem.
0
 
Tim HolmanCommented:
There's nothing you can do.  The sender is most likely to be using a SPAM relay to send these emails, and as such, the sending IP will only take you to an insecure mail server that the sender happens to be abusing.  
The police are unlikely to help either, unless the email is relating to illegal content (terrorism, child porn, drug trafficking), but it's more than likely they would already know about this, as they monitor most of the major internet trunks in the world for stuff like this all the time.
I learnt to accept offensive emails a long time ago - it's either that, or no emails at all...
If you're keen on finding out more about tracing email headers, look at www.spamcop.net.  This will let you cut and paste the entire mail into a website, and will give you the IP address of the insecure relay.  But where do you go then?  You're stuck...
0
 
MalleusMaleficarumCommented:
Regarding the Myspace.com page.

CAVEAT: This is a lot of information, and it really all hinges on if the attacker's myspace page has some customization on it, rather than the drab default page.  This is all information I've collected for use in a seminar I'm putting together for high-school and junior high students.  All in the hopes of educating them on how to protect themselves in the digital age, however I thought a deeper technical look might assist you in this instance.

You stated this person has a page on Myspace?  Depending on how much this individual has customized their webpage, you might be able to gather additional information from items placed on the page.

Myspace doesn't allow you to host any files on their server (except for the items under the "pics" section), so in order for you to have the fancy background images, you need to host them somewhere else.  These images are usually hosted at a free image hosting site like photobucket.com.  You MIGHT get lucky in that this person got cocky and is hosting the images on their personal server or on a server belonging to their company (which would give you another avenue of investigation).

You can try to open the top level of the directory where the images are hosted to see if they have accidentally allowed the public to view the files, you might get super lucky and find pictures of your possible offender, or at least images that might assist you in narrowing down your list of suspects.

For example, if the picture of their background is hosted at photobucket, and the url for it is http://www.photobucket.com/album/a123/badguyusername/fancybackground.gif you can try entering just the http://www.photobucket.com/album/a123/badguyusername/ into your browser and see if there are more pictures available for public viewing.

Additionally, If there are images posted that are of the JPG standard, you might be able to open them in an advanced image viewer and read the EXIF information within the picture.  EXIF is basically extra info that digital cameras put into a picture, and it can sometimes give you a timestamp of when the image was taken, what model of camera was used, and the settings on the camera on the time the picture was taken.

Why is the EXIF information important?  Well, if the user has password protected the photobucket album, you can't see any of the images UNLESS YOU KNOW THE FILENAME.  Therefore, if the images follow the standard naming convention of the digital camera manufacturer, you can use yet another program to auto-download images based on the possible combinations on the filename.

P.S. As you had stated, these are all completly legal methods, and simply involve a more intimate knowledge of the technologies involved.

__Mal
0
 
MalleusMaleficarumCommented:
Have you had any success with any of the methods posted thus far?
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now