Can Law Enforcement Really Track Someone By IP Address?

The Internet is not anonymous. Wherever you go, you leave behind data about who you really are. Some of these traces are larger than others, but the largest is your IP address. Armed with this, law enforcement can easily discover your identity.

What are IP addresses?

Let's define what an IP address actually is. In short, it's a number that identifies a computer on a network. There are two types of addressing systems in use today: IPv4 and IPv6.

There are also two categories of IP addresses. Private IP addresses are used to identify machines on a closed network.

For example, your home Wi-Fi network uses private IP addresses. So that your computer can communicate with your gaming console, the router assigns each device a unique identifier.

Public IP addresses are used throughout the Internet for the same purpose. Your Internet Service Provider (ISP) assigns you an address, and it takes one of two forms: static or dynamic.

Static IP addresses are fixed. Think of them like your phone number. Unless you consciously decide to get a new one, it will stay the same. This is because they are typically used by things like servers, where you want to have an address that never changes.

Dynamic IP addresses are most often used in residential or commercial settings. Unlike static addresses, they change. The Internet provider assigns a new IP address to the network every day.

Sites keep logs

Most websites keep detailed logs of their visitors, and for good reason. If you know how to read them, you can find out how your site is being used by external third parties.

Now, let’s say a site like Facebook or Dropbox is being used to commit a crime. Someone has created a fake account to post content that violates local laws.

Law enforcement can find out who that person is by subpoenaing the service provider to obtain the IP address associated with that activity. A subpoena is a legal tool used to compel individuals or companies to testify, usually under threat of a fine for failure to comply.

Once they have the IP address, they still need more information to find out the person’s identity. Again, IP addresses identify computers, not people. To overcome this hurdle, investigators must first determine which ISP owns that IP address.

However, this is much easier than you might think. ISPs typically own “blocks” or “pools” of IP addresses. These blocks are registered in publicly accessible databases run by the Regional Internet Registries (RIRs). There are five registries, each responsible for administering IP addresses in its region. So, finding an ISP is just a matter of entering the IP address in the right database.

If you do a Google search for “IP Lookup,” you’ll find dozens of websites that will happily do the job for you. You can also use whois from the command line and get the same results.


Internet providers keep logs too

Once the ISP is identified, it’s a simple matter of sending out another subpoena. As mentioned earlier, subpoenas force people or businesses to provide evidence. Failure to do so can result in a fine or jail time.

Law enforcement then has access to the subscriber's name and address, allowing them to continue their investigation.

But what if your ISP uses dynamic addresses? It doesn’t matter because ISPs, like websites, keep logs. By reviewing its records, the ISP can easily determine which subscriber was associated with that IP address at a given time.

But that doesn’t necessarily mean the perpetrator will be found. For example, if they used public Wi-Fi to commit a crime, authorities can only trace the activity back to that public hotspot. However, they can do things like review CCTV footage to see who visited that establishment or used that car at a certain time.

It’s worth noting that law enforcement isn’t the only organization interested in attaching names to IP addresses. Often, lawyers or agencies working for entertainment companies will collect IP addresses used to download pirated content. They will then issue subpoenas to ISPs for contact details of these customers.

Of course, anyone can surf the internet anonymously using Tor or a VPN. Many VPNs even claim that they do not keep usage logs, although it is often difficult to independently verify whether this is true.

VPN chaining (the real version of “rerouting” your signal around the world) makes this even more difficult. Authorities can only trace the IP address of the VPN company, which they would have to force to reveal the real IP address from logs that may not even exist. If a criminal connects to that VPN from another, law enforcement would have to go through several companies to find out the details.

Tracing IP addresses is not the only way to catch criminals online. For example, Ross Ulbricht, who ran the dark web marketplace Silk Road, was caught after revealing his real name on an online message board.
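
The dynamic-address lookup described under “Internet providers keep logs too” can be sketched in code. This is an added example, not part of the original post: the lease records, subscriber IDs and the `subscriber_at` helper are constructed for illustration, and the addresses come from a documentation range. It shows why the timestamp in the website's log must carry its time zone: the same IP maps to a different subscriber once the lease rolls over.

```python
from datetime import datetime, timezone
from ipaddress import ip_address

# Constructed sample lease log: (public IP, subscriber id, lease start, lease end).
# 203.0.113.0/24 is reserved for documentation; subscriber ids are made up.
LEASES = [
    ("203.0.113.25", "SUB-1001", "2024-03-01T00:00:00Z", "2024-03-02T00:00:00Z"),
    ("203.0.113.25", "SUB-2002", "2024-03-02T00:00:00Z", "2024-03-03T00:00:00Z"),
    ("203.0.113.80", "SUB-1001", "2024-03-02T00:00:00Z", "2024-03-03T00:00:00Z"),
]


def parse_ts(text):
    """Parse an ISO 8601 timestamp and normalise it to UTC.

    Timestamps without a UTC offset are rejected: guessing the zone
    could attribute the activity to the wrong subscriber.
    """
    dt = datetime.fromisoformat(text.replace("Z", "+00:00"))
    if dt.tzinfo is None:
        raise ValueError(f"timestamp {text!r} has no time zone")
    return dt.astimezone(timezone.utc)


def subscriber_at(ip, when, leases=LEASES):
    """Return the subscriber holding `ip` at `when`, or None if no lease covers it."""
    target, moment = ip_address(ip), parse_ts(when)
    matches = [
        sub
        for addr, sub, start, end in leases
        # A lease covers its start instant but not its end instant.
        if ip_address(addr) == target and parse_ts(start) <= moment < parse_ts(end)
    ]
    if len(matches) > 1:
        raise RuntimeError(f"overlapping leases for {ip} at {when}: {matches}")
    return matches[0] if matches else None


if __name__ == "__main__":
    # A site logged 20:00 local time at UTC-5, which is 01:00 UTC the next day.
    print(subscriber_at("203.0.113.25", "2024-03-01T20:00:00-05:00"))
    # The same clock reading misread as UTC lands in the previous lease.
    print(subscriber_at("203.0.113.25", "2024-03-01T20:00:00Z"))
```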
 