Tracing computers via AOL?

From: Don Kelloway (dkelloway_at_commodon.com)
Date: 11/27/03 

Date: Thu, 27 Nov 2003 13:51:33 GMT

It's early and I haven't had my coffee yet, but I though this would be
an interesting subject I'd like to discuss.

The other day I read about a theft of a laptop from Wells Fargo that
contained sensitive information. This morning I read a follow-up that
stated the individual involved was arrested after investigators were
able to locate the computer after the individual signed onto AOL. Now
here's the paragraph that caused me to stop and think. How?

"Investigators traced the computer to Krastof when he logged onto his
own America Online account at home through one of the stolen computers,
White said. That enabled authorities to connect the computer's Internet
Protocol address, a number that identifies a computer on the Internet,
to Krastof's home address through his AOL account, White said."

Hmmm? Is there something missing from that paragraph? Yes. We know IP
addresses are unique and yes we know ISP records will allocation, etc.
But how did investigators know to look for this specific computer
amongst the tens of millions that sign onto AOL every day? And even
then what was so identifiable about this specific computer once it
established an connection to AOL? The only methods that come to mind
(note: still drinking first cup) of identifying the computer amongst any
other would be if:

A. There was some sort of 'phone home' utility installed, or

B. The individual tried to sign on with the user account of the owner of
the laptop, thus identifying himself to AOL.

Any other ideas? 

--
Best regards,
Don Kelloway
Commodon Communications
Visit http://www.commodon.com to learn about the "Threats to Your
Security on the Internet".

Relevant Pages

  • Re: Tracing computers via AOL?
    ... > able to locate the computer after the individual signed onto AOL. ... > "Investigators traced the computer to Krastof when he logged onto his ... > own America Online account at home through one of the stolen computers, ... There are also other apps that could be running and alert the owner and ...
    (alt.computer.security)
  • tcpd with dynamic ip addresses
    ... internet account, so they can make a connection from anywhere in the world. ... This is an AOL account. ...
    (comp.os.linux.security)
  • some user accounts not connecting to internet
    ... accounts stopped connecting to the internet, but all connect to AOL (no ... to the internet through internet explorer (whether alone or via AOL.) ... i tried creating a brand new account, but that didn't connect, either. ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: Sharing internet Accounts
    ... Do you mean 5 windows accounts or 5 AOL accounts. ... Whn you say go to the internet do you mean the web pages or email. ... DSL means you are typically always on. ... But when i install DSl i use my account. ...
    (microsoft.public.windowsxp.general)
  • Re: RED Xs everywhere!
    ... Pictures are not displayed in Internet Explorer ... Many of these programs block Javascript, which is often used to pop up login windows and create rollover graphics. ... AOL Users with different versions: ... Click Delete Files under Temporary Internet Files and then press OK button to delete all items in the Temporary Internet Files folder. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)