?
Solved

Stolen Computer Recovery

Posted on 2014-03-17
5
Medium Priority
?
159 Views
Last Modified: 2014-08-16
I'm attempting to help a client recover a stolen computer. It's a Macbook Pro running OSX 10.8

I've managed to get the IP address of the thief (gmail logged in when launching the browser.) This information has been given to the local police department for them to request information from the ISP.

70.63.49.177
*Please do not do anything that might alert the thief or cause legal issues*

I would like to gather as much information as possible to provide the police (i.e. physical address, name, phone number)

A ping shows that the computer is still online, but a scan for open ports shows none open. The user hasn't launched Chrome, otherwise I could track his browser activity.

What are some ways I can gather more information?
0
Comment
Question by:MrComputerIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39936086
The *nix way would be to just ssh into it, but I don't know if it's active and configured into that laptop.

HTH,
Dan
0
 

Author Comment

by:MrComputerIT
ID: 39936092
Port 22 shows closed. Though all ports show closed, so I imagine its a router firewall or something?
0
 
LVL 35

Expert Comment

by:Dan Craciun
ID: 39936096
Probably. If it's in a household somewhere, the router will block all ports by default.
0
 

Author Comment

by:MrComputerIT
ID: 39936124
Is there a way I can "listen" to any of the network activity? Might be able to gather something useful from Facebook URL or something.
0
 
LVL 35

Accepted Solution

by:
Dan Craciun earned 2000 total points
ID: 39936154
The police can request from the ISP that owns that IP (Time Warner, from the ip location search) the address for the customer that had that IP at that particular time.

They can also request from Facebook (or Google, or Yahoo etc) the accounts that were accessed using that IP, but I don't know if those companies are forced to respond.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
In this article, we’ll look at how to deploy ProxySQL.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question