Backtracking an IP address?

[Rickysa]

In this day and age, how difficult would it be for law enforcement to do so?

I have zero knowledge in this field, but it would seem if the FBI was alerted by a youtube host regarding an alarming post (fla shooter), could they not dig into the data and find the address?

[KFC911]

Naw....it ain't CSI

Once in a while I actually know about stuff...

[MBAtarga]

I believe they would serve a warrant to the ISP and get the address of the IP address in question.

The FBI had already questioned the suspect per news reports this AM.

[Rickysa]

Quote:

The FBI had already questioned the suspect per news reports this AM.

Actually it was the host of the youtube account they interviewed...hence, my question.

If someone posted a threatening message regarding the prez, couldn't the Secret Service suss something out?

[KFC911]

Quote:

Originally Posted by MBAtarga

I believe they would serve a warrant to the ISP and get the address of the IP address in question.

....

And then, it just depends...the trail can be long and convoluted. Don't know where I'm posting from today....DC or Miami

[HardDrive]

Depends on how sophisticated the person at the other end it. You can use internet proxy servers to mask your location.

[sc_rufctr]

It can be done but it does take some time and that means they'll probably be too late to stop anything.
YouTube doesn't review it's videos before they are posted. To do so would mean they'd need thousands of people watching the thousands of new videos uploaded daily.

Just guessing but...
So someone has to watch and then report the video to the authorities. Then the authorities need to watch the video and make a determination. Do they do something or not?
And then they being the process of tracking the person using any info YouTube may or may not have. All of this takes valuable time. Time they don't have.

I'm expecting some sort of fall out after this. YouTube have been demonetizing a lot of videos and they've changed the rules.

This needs to be fixed now. Someone has to step up and do something.

I'm not talking about introducing new gun laws that restrict your rights but it should be *really difficult for the mentally ill to get their hands on guns. (*impossible isn't possible)

* Compulsory gun safes would be a good start. Do you want to own & use guns? Then you need an approved gun case and actually use it.
* How about compulsory safety training? Imagine the opportunities here for providing accredited training to the masses.

Are you guys open to any new laws that restrict guns in any way?

[flipper35]

Quote:

Originally Posted by KC911

And then, it just depends...the trail can be long and convoluted. Don't know where I'm posting from today....DC or Miami

The forum software knows unless you are using some convoluted method of connecting. They can also connect your machine to other sites even if you are using public IP such as Starbucks, McD's or wherever and move around constantly.

[John Rogers]

Yes, the NSA or the FBI can track you down and actually see what is on your screen at that time. They can get screen snap shots, have them witnessed and used for court evidence! This was used by one of my previous students who works for the FBI and was sent to Japan to help break up a very large child porn ring. Over there it was a bit stricter but the same result occurred, over 40 people were sent to jail!

Several years ago it was even easier as there were Cisco router copies (very good ones) made in China that had a back door that even the LAN admins did not know about until one in San Francisco did a printout of the assembler code the main router OS was written in. He (like me) was an old guy and found some things that allowed for a second admin login? The others in the IT part of the company laughed at him until the FBI took his info and finally busted the ring of bad guys! No one else in the company even knew what assembler was since it is not taught in school now days.

[Rickysa]

Quote:

So someone has to watch and then report the video to the authorities. Then the authorities need to watch the video and make a determination. Do they do something or not?
And then they being the process of tracking the person using any info YouTube may or may not have. All of this takes valuable time. Time they don't have.

In this case, the vblogger (host of the video) saw the post "I'm going to be a professional school shooter" posted by screen-name: Nikolas Cruz. This was last September and the host contacted the FBI and was interviewed by them immediately.

[KFC911]

Quote:

Originally Posted by flipper35

The forum software knows unless you are using some convoluted method of connecting. They can also connect your machine to other sites even if you are using public IP such as Starbucks, McD's or wherever and move around constantly.

There's a ton of info carried in the HTTP protocols, IP logs, traces, etc. but it all just depends...If logs and traces are in place, there "might" be a trail, or pattern...it ain't easy and takes time...

[stomachmonkey]

It's as easy, or as difficult as the person operating the PC wants to make it.

[flipper35]

Quote:

Originally Posted by KC911

There's a ton of info carried in the HTTP protocols, IP logs, traces, etc. but it all just depends...If logs and traces are in place, there "might" be a trail, or pattern...it ain't easy and takes time...

Your browser has enough unique identifiers that they can know which machine is which outside of HTTP or IP.

[stealthn]

Easy to get the IP, harder to get the warrant for the ISP

[RKDinOKC]

Mine is even easier. I have static IP addresses and am not a part of an ISPs DHCP pool.

My servers log the IP and machine/browaer/etc. of those accessing them. If you have autofill on your browser, can collect and log that information as well.

If you use google's search engine all that logging is in their database along with the searches, sites, and content you visit. it is used to target you with advertising to match what you have been searching. It is in their privacy statement as is the right to view all your incoming and outgoing emails if you have a gmail account.

There are VPNs you can use that mask your IP address origination. Some claim they do not keep logs. Have not personally heard of one of them being challenged to give up a subscriber...yet.

[LakeCleElum]

While our former POTUS was still in office, wife's brother-in-law posted on FB that he would like someone to "Shoot the Pres".........He had the Secret Service knock on his door a few days later..............

[KFC911]

Just to clarify...there are lots of ways to skin a dawg, many ways to hack, track, and gather info etc. It's complicated,, and my response was to the original premise...can the FBI be shown a video, and track down the user based upon IP address. Technically yes....in reality...no. They can only ask someone like me to do it for them....still VERY difficult and time consuming...it ain't TV . I was a communications systems programmer (370 Assembler) and networking guru with high end advanced communications devices (500k+), protocols, etc. debugging, traces and figuring stuff out was my career. Started my career in IBM's Advanced Communications Products Division....microcode dvelopment at RTP....fun times for sure....now part of Cisco.

[KFC911]

Quote:

Originally Posted by stomachmonkey

It's as easy, or as difficult as the person operating the PC wants to make it.

You have a better chance than the average FBI agent and more skilz too...even if the end user posting the video is a novice...

Not in the real world...way too many false alarm nutcases every day....and that's just on PARF

[reachme]

IP is not the best way to do it. Smart person would post to a throwaway account verified with a throwaway email address from a coffee shop parking log with free wifi.
Like others have said you or the FBI (if they were inclined to investigate) would most likely look at the video file itself for clues like others have said.
Some photo/video formats include GPS location embedded in it as a string but it might be stripped out when posting. That's easy to find, just video yourself, save in that format and look for your GPS location string where it was recorded. Then look in that same spot in their file to see if they left one. Let's assume not.

The file itself usually has equipment, aperture, version info embedded (again depending on format). Where is defined by the format but usually the header so look there with a hex editor and it should be somewhat readable. Again if you know what version you are running (ver. 3.xx.xx) then save in that format and look for where it stores it for you or read up on that format. Let's assume that does not work either.

Look for their license # encoded using steganography. This is MUCH harder to find but not impossible especially with a known string-yours. Look for embedded equipment/version info and see if you can use that same equip to create a few videos. Then diff tool to highlight file differences between them. Armed with list of identifiers for (you), look at least significant bits of those areas with differences. Assume time will be recorded, license #. There could also be parity/crc checks encoded in areas to prevent fuzzing these to something useful.

That is about as deep as you can go. If you have their license # then the vendor can track down credit card or any other info they provided when signing up for the license.

With that info you could get creative, call the vendor, make up a story about how you don't think your license xxxx is properly registered to you (but could be one of several companies you acquired), then ask them which of your companies it is registered to so you can contact them to change it so you can renew your licenses. If there is money for them they will be *very* helpful. I might have once had all the leads being emailed to a scammer redirected this way.
In the past people knew computers were meant to be explored, the plumbing is still the most interesting part.

[flipper35]

If they use the same browser it is easy to track where they travel. If you can track where they travel you can see a pattern and where there is a pattern there is a user. It isn't rocket science here. You are fooling yourself if you think Google/YouTube doesn't track all that.