Re: Wireless IP leads to arrest..



I can say yes to one of your questions: Yahoo does add the sender's IP address to the email headers. Even if they didn't append it to the headers, they still could keep it in their logs like a lot of MTA programs do.

Geoff

Sent from my BlackBerry wireless handheld.

-----Original Message-----
From: Eric Marden <security@xxxxxxxxxx>
Date: Tue, 9 Oct 2007 20:12:44
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: Wireless IP leads to arrest..


That's the conclusion I was arriving at when reading this short
snippet of txt.

But my only question is: Does Yahoo add the IP of the user's
connection to the mail headers of emails sent from the mail.yahoo site?

Plus the type of investigation was: "Forgery and Identity Theft", so
there may be a lot more to this too.

Eric Marden
xentek: enlightened internet solutions
http://xentek.net/

On Oct 9, 2007, at 5:42 PM, Chinea, Jose L. Jr. (Contractor) wrote:

Classification: UNCLASSIFIED
Caveats: NONE

This one is simple! The media has no idea what it is talking about! How many times do we hear on the media terminology that makes no sense at all!?!?!?! More than likely they tracked IP to an ISP and then demanded the ISP to relinquish the MAC address to username being used at that time (every ISP has a username and password in order to access their resources). Also, if there was a 5 year investigation already going on, they may have already known of the hacker's location and narrowed down any monitoring to a single subnet on the ISP's network.

just a theory.... but this is probably what happened and the media didn't know how to word it


Luis
Computer Systems Analyst II



-----Original Message-----
From: cobrajet [mailto:uby500@xxxxxxxxx]
Sent: Tuesday, October 09, 2007 3:12 PM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: Wireless IP leads to arrest..


Hi Guys,

I am sorry for the delay in getting you more info on this (I was traveling). Here's the story as it appears on the web and for the life of me I can't fathom what damning electronic evidence they used to arrest this guy? ...or for that matter what the crime was (a criminal opinion?)

"Type of Investigation: Forgery and Identity Theft; Date and Time: 3/25/06 at 1:00 pm; Location: V/Fredonia; Subject(s): xxxxxxxx, of Rock Hill, SC; Charges: Forgery 3rd, Identity Theft 3rd; Court: C/Dunkirk; Details of the Incident: A five-month investigation concluded in the arrest of above subject. It is alleged that the above subject opened a yahoo email address with the name of the victim. The subject then sent a politically charged editorial letter to the Observer in the name of the victim. This letter was published. An investigation into the opened yahoo profile and the sender of the letter showed internet addresses that came back to the above subject's addresses in South Carolina and Fredonia. The subject was issued appearance tickets for the above charges and will appear in the C/Dunkirk Court at a later date. This incident was investigated by the Chautauqua County Sheriff's Office by Inv. Lawrence S. Klajbor."


How could they arrest someone using an IP address alone without seizing or analyzing anything? How could they determine (from many states away) who did what on a wireless PC network without supporting forensics or misc investigating evidence?

I was curious as to your comments/clarity because this looks very odd to me.






security-35 wrote:

Maybe it was IP + Mac Address of the Wireless NIC?

Where's the full story (link)?


Eric Marden
xentek: enlightened internet solutions http://xentek.net/

On Oct 6, 2007, at 11:03 AM, cobrajet wrote:


How can this be possible?

A man in WNY was arrested and sentenced to a year in jail over an email with the sole piece of evidence being an IP address? (- and a wireless IP address at that?! -) How can they determine from an IP address who in the house or on a network is actually on the computer?

Can anyone explain this to me? 8-O
--
View this message in context: http://www.nabble.com/Wireless-IP-leads-to-arrest..-tf4580165.html#a13074514
Sent from the Security Basics mailing list archive at Nabble.com.





--
View this message in context: http://www.nabble.com/Wireless-IP-leads-to-arrest..-tf4580165.html#a13124923
Sent from the Security Basics mailing list archive at Nabble.com.
Classification: UNCLASSIFIED
Caveats: NONE
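
Added example, not part of any message in this thread: how an examiner reads the client IP hints that a webmail-sent message can carry, as discussed in the top reply. The message, hosts and addresses are constructed; `X-Originating-IP` is a non-standard header some webmail services have used and is not named in the thread.

```python
import email
import re
from ipaddress import ip_address

# Constructed sample message: made-up hosts, RFC 5737 documentation addresses.
SAMPLE = """\
Received: from mx.example.org (mx.example.org [198.51.100.7])
\tby inbox.example.net with ESMTP id abc123; Tue, 9 Oct 2007 20:13:01 -0400
Received: from [203.0.113.45] by web.example.org via HTTP;
\tTue, 9 Oct 2007 20:12:44 -0400
X-Originating-IP: [203.0.113.45]
From: sender@example.org
To: editor@example.net
Subject: Letter to the editor

Body text.
"""

BRACKETED = re.compile(r"\[([0-9A-Fa-f:.]+)\]")

def bracketed_ips(value):
    """Return the valid IP literals found in square brackets in a header value."""
    found = []
    for candidate in BRACKETED.findall(value):
        try:
            found.append(ip_address(candidate))
        except ValueError:
            continue  # bracketed text that is not an IP address
    return found

def origin_hints(raw):
    """Collect the client IP hints recorded in a message's headers."""
    msg = email.message_from_string(raw)
    received = msg.get_all("Received", [])
    # Each hop prepends its Received header, so the last one is the oldest.
    # Only the "from" part (before "by") describes the connecting client.
    oldest_from = re.split(r"\sby\s", received[-1], maxsplit=1)[0] if received else ""
    first_hop = bracketed_ips(oldest_from)
    x_orig = bracketed_ips(msg.get("X-Originating-IP", ""))
    return {
        "hops": len(received),
        "first_hop": [str(ip) for ip in first_hop],
        "x_originating_ip": [str(ip) for ip in x_orig],
        # Agreement between the two hints; headers below the provider's own
        # hop can be forged, so the provider's logs remain the reference.
        "consistent": bool(first_hop) and set(first_hop) == set(x_orig),
    }
```

The result names a connection's address at the time of sending, not the person at the keyboard, which is the gap the original poster is asking about.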


