Tracking IP addresses and Usenet posts?

[RayLopez99]

This is more a privacy question but I could not figure out a forum for
it.

Given that one can track IP addresses of people that visit a website,
and given that IP addresses of all mail, including Usenet posts, is in
the header, is there an automated way of checking all Usenet posts by
IP address? To see if a particular poster who visited a particular
website also posted certain messages on Usenet or elsewhere? This
would be done by the webmaster of the website visited. Is there a
program to do this? Not manually, which anybody can do, but a
software program.

I recall years ago some stock forensic accounting firm working with
the US SEC developed some kind of software--or was it off the shelf?
that's my question--that allowed you to tell, by comparing IP
addresses as well as sentence syntax (sentence syntax is difficult, so
it was probably a custom program) who (by IP address) posted what on
various penny stock bulletin boards and chat rooms. Then they were
able to subpoena the internet provider to find out the real world
identity of the particular person who had that IP address assigned to
them on a particular day of a certain posting (assuming it was not a
permanent static address).

RL

 

[Snit]

RayLopez99 stated in post
(e-mail address removed) on 1/3/11
9:00 AM:

This is more a privacy question but I could not figure out a forum for
it.

Given that one can track IP addresses of people that visit a website,
and given that IP addresses of all mail, including Usenet posts, is in
the header, is there an automated way of checking all Usenet posts by
IP address? To see if a particular poster who visited a particular
website also posted certain messages on Usenet or elsewhere? This
would be done by the webmaster of the website visited. Is there a
program to do this? Not manually, which anybody can do, but a
software program.

I have, in my logs, the names of some of the folks in COLA/CSMA labeled.
For example, Steve Carroll used to claim to never visit my site - so I
labeled his IP address. His name pops up in my logs... and he visits often.
I also get visits from others in his area (the IP address can show where
someone is from). He likely goes to neighbors and the library or wherever
to view my site.

 

[Lusotec]

This is more a privacy question but I could not figure out a forum for
it.

Security groups may be what you are looking for.

Given that one can track IP addresses of people that visit a website,
and given that IP addresses of all mail, including Usenet posts, is in
the header, is there an automated way of checking all Usenet posts by
IP address?
To see if a particular poster who visited a particular
website also posted certain messages on Usenet or elsewhere? This
would be done by the webmaster of the website visited. Is there a
program to do this? Not manually, which anybody can do, but a
software program.

No. Many posts don't have the IP of the poster, and even those that have may
not be reliable, as not being the IP of the poster but of some proxy.

I use a anonymizing proxy to post in Usenet, so even if some header has a IP
it will be the proxy's IP and not the system's IP I'm posting from.

Regards.

 

[Claude V. Lucas]

Path: news.sonic.net!nnrp0.nntp.sonic.net!199.245.68.22.MISMATCH!spool2.nntp.sonic.net!news-xfer.nntp.sonic.net!news.glorb.com!news2.glorb.com!news.glorb.com!postnews.google.com!p8g2000vbs.googlegroups.com!not-for-mail
From: RayLopez99 <[email protected]>
Newsgroups: alt.comp.hardware.pc-homebuilt,alt.comp.anti-virus,alt.computer.security,comp.os.linux.setup,comp.os.linux.advocacy
Subject: Tracking IP addresses and Usenet posts?
Date: Mon, 3 Jan 2011 08:00:40 -0800 (PST)
Organization: http://groups.google.com
Lines: 24
Message-ID: <[email protected]>
NNTP-Posting-Host: 94.71.18.120
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
X-Trace: posting.google.com 1294070440 29908 127.0.0.1 (3 Jan 2011 16:00:40 GMT)
X-Complaints-To: (e-mail address removed)
NNTP-Posting-Date: Mon, 3 Jan 2011 16:00:40 +0000 (UTC)
Complaints-To: (e-mail address removed)
Injection-Info: p8g2000vbs.googlegroups.com; posting-host=94.71.18.120; posting-account=fRZa_AkAAACE3nlFA9zM1Eq00OKq1Ycq
User-Agent: G2/1.0
X-HTTP-UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US)
AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10,gzip(gfe)
Xref: news.sonic.net alt.comp.hardware.pc-homebuilt:528884 alt.comp.anti-virus:38839 alt.computer.security:77845 comp.os.linux.setup:534874 comp.os.linux.advocacy:1857523

This is more a privacy question but I could not figure out a forum for
it.

Given that one can track IP addresses of people that visit a website,
and given that IP addresses of all mail, including Usenet posts, is in
the header, is there an automated way of checking all Usenet posts by
IP address? To see if a particular poster who visited a particular
website also posted certain messages on Usenet or elsewhere? This
would be done by the webmaster of the website visited. Is there a
program to do this? Not manually, which anybody can do, but a
software program.

I recall years ago some stock forensic accounting firm working with
the US SEC developed some kind of software--or was it off the shelf?
that's my question--that allowed you to tell, by comparing IP
addresses as well as sentence syntax (sentence syntax is difficult, so
it was probably a custom program) who (by IP address) posted what on
various penny stock bulletin boards and chat rooms. Then they were
able to subpoena the internet provider to find out the real world
identity of the particular person who had that IP address assigned to
them on a particular day of a certain posting (assuming it was not a
permanent static address).

RL

*Some* servers include the IP address of the poster in the header

Your post's header had this line in it

NNTP-Posting-Host: 94.71.18.120

which, unless it was spoofed, should be your address...

Not all servers implement this feature so some postings are less traceable.

 

[Snit]

Hadron stated in post [email protected] on 1/3/11 9:32
AM:

Easily spoofed of course.

Yes... mine has been spoofed on a number of occasions by trolls masquerading
as me. For a while Carroll and crew were posting under different names with
my IP address... and then claiming to be my wife and the like. Utterly
repulsive behavior.

 

[Lusotec]

*Some* servers include the IP address of the poster in the header

Your post's header had this line in it

NNTP-Posting-Host: 94.71.18.120

which, unless it was spoofed, should be your address...

Unless he is using a proxy. In that case it is the proxy's IP that the nntp
server will see and put in the header.

Not all servers implement this feature so some postings are less
traceable.

Regards.

 

[Juan]

Sounds like the kind of thing HPT gets up to too.

Yea.
HPT is always slithering around stalking people.

 

[Snit]

Juan stated in post (e-mail address removed) on 1/3/11
10:26 AM:

Yea.
HPT is always slithering around stalking people.

Look at the list of quotes he has *about* me... scavenged over many years
and many are out and out forged (from Carroll socks and the like). He does
that because he *knows* he cannot show me doing as he accuses.

It is reprehensible on his part.

Then again, the fact he and his cohorts target me to such an extent is proof
they know I am right ... or at least mostly so ... in what I write and that
I support my views well. There is no other reason for them to obsess about
me so much.

 

[RayLopez99]

I have, in my logs, the names of some of the folks in COLA/CSMA labeled.
For example, Steve Carroll used to claim to never visit my site - so I
labeled his IP address.  His name pops up in my logs... and he visits often.
I also get visits from others in his area (the IP address can show where
someone is from).  He likely goes to neighbors and the library or wherever
to view my site.

Just visited your site. So I see now why you're against Linux.
Indeed, it would give people without any medical problems a heart
attack, anxiety attack or worse (like epileptic fits trying to install
it). Makes sense.

RL

 

[RayLopez99]

Easily spoofed of course.

Yes apparently easily spoofed--and Peter Kohlmann for one thinks I'm
not posting from Greece. But tell me, how is it easily spoofed?
Using what program or platform? Unix? Microsoft? I've always heard
that it's easy to spoof but never looked into the mechanics of it.

RL

 

[Ari Silverstein]

This is more a privacy question but I could not figure out a forum for
it.

Oh, lessee, let me think, hmmmmmmmmmmm

*ALT.PRIVACY?????*

Nooooo, you don't want to go there and get your rectum reamed for the
umpteenth time. LOL

Given that one can track IP addresses of people that visit a website,
and given that IP addresses of all mail, including Usenet posts, is in
the header,

Show mine.

Can't?

Stick to thumping your meat.

is there an automated way of checking all Usenet posts by
IP address? To see if a particular poster who visited a particular
website also posted certain messages on Usenet or elsewhere? This
would be done by the webmaster of the website visited. Is there a
program to do this? Not manually, which anybody can do, but a
software program.
Yes.

I recall years ago some stock forensic accounting firm working with
the US SEC developed some kind of software--or was it off the shelf?
that's my question--that allowed you to tell, by comparing IP
addresses as well as sentence syntax (sentence syntax is difficult, so
it was probably a custom program) who (by IP address) posted what on
various penny stock bulletin boards and chat rooms. Then they were
able to subpoena the internet provider to find out the real world
identity of the particular person who had that IP address assigned to
them on a particular day of a certain posting (assuming it was not a
permanent static address).

RL

Jesus, what a blathering idiot you are.

Here, have some more Astrolube, TallyWhacker. lol

 

[Ari Silverstein]

Juan stated in post (e-mail address removed) on 1/3/11
10:26 AM:


Look at the list of quotes he has *about* me... scavenged over many years
and many are out and out forged (from Carroll socks and the like). He does
that because he *knows* he cannot show me doing as he accuses.

It is reprehensible on his part.

Then again, the fact he and his cohorts target me to such an extent is proof
they know I am right ... or at least mostly so ... in what I write and that
I support my views well. There is no other reason for them to obsess about
me so much.

Who the hell let open the kindergarten door?

 

[RayLopez99]

Oh, lessee, let me think, hmmmmmmmmmmm

*ALT.PRIVACY?????*

Nooooo, you don't want to go there and get your rectum reamed for the
umpteenth time. LOL


Show mine.

Can't?

Reply-To: (e-mail address removed)
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net w9HMm7wkTdd3/M4CtGeavghg4l6mAyEpZVrZ/
4fCpCWZnxai7s
Cancel-Lock: sha1:mgXf7mHmsbGgIPyQCnp0NkiIHHQ=

Stick to thumping your meat.

<http://groups.google.com/group/rec.running/browse_frm/thread/dfc30edb...>

You behave Ari Silverstein, or I'll stick that Balkan Curse back on
you. (For the rest of you reading this thread, I threatened Ari with
a voodoo curse unless he replied to a certain post, and he dutifully
replied, showing that he was afraid of the curse. LOL Ari believes in
black magic, as do many people).

RL

 

[Snit]

Ari Silverstein stated in post (e-mail address removed) on 1/3/11
11:46 AM:

Who the hell let open the kindergarten door?

Welcome to COLA discussions.

 

[Snit]

RayLopez99 stated in post
(e-mail address removed) on 1/3/11
11:28 AM:

Just visited your site. So I see now why you're against Linux.

To be clear: I am *not* against Linux. I use it and suggest it to others.
I think it is great... but I also realize it has a *lot* of room for
improvement.

 

[Ari Silverstein]

Reply-To: (e-mail address removed)
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net w9HMm7wkTdd3/M4CtGeavghg4l6mAyEpZVrZ/
4fCpCWZnxai7s
Cancel-Lock: sha1:mgXf7mHmsbGgIPyQCnp0NkiIHHQ=

So where's th IP?

You are one of the more insufferably stoPidD imbeciles on Usenet, you
are aware of that?

You behave Ari Silverstein, or I'll stick that Balkan Curse back on
you. (For the rest of you reading this thread, I threatened Ari with
a voodoo curse unless he replied to a certain post, and he dutifully
replied, showing that he was afraid of the curse. LOL Ari believes in
black magic, as do many people).

RL

On top of being a fukksnort, you're a pathetic troll too.So back to
your dick you go. *LOL*

<http://groups.google.com/group/rec....4c0c2?tvc=1&q=RayLopez99+nut#d8ec9b08cc94c0c2>

 

[Ari Silverstein]

So where's the IP?

You are one of the more insufferably stoPidD imbeciles on Usenet, you
are aware of that?

Well, Meat Thumper, where is my IP address?

Stick to thumping your meat.

<http://groups.google.com/group/rec....4c0c2?tvc=1&q=RayLopez99+nut#d8ec9b08cc94c0c2>

 

[Ari Silverstein]

Ari Silverstein stated in post (e-mail address removed) on 1/3/11
11:46 AM:


Welcome to COLA discussions.

Is Meat Thumper RayLopez99 one of yours over there on COLA? If so,
would you mind packing him back into his Jack-In-The-Box, fer
chrissakes? lol

 

[FromTheRafters]

This is more a privacy question but I could not figure out a forum for
it.

Some privacy newsgroups have the word "privacy" in their names.

I don't know the program you are talking about, but if you find it I
would be interested in the "posting style" aspect of identification. It
is my belief that *that* method is more powerful than just an IP address
or even a range of IP addresses. With all of the different ways users
can access the internet and usenet, IP numbers change too often to be of
any use outside of the authority's ability to match the IP and the time
to the client account and contactable person's name and street address.

Usenet posts can be completely untraceable if the right system is used,
but posting style can be a dead giveaway good enough for non-authorities.

 

[FromTheRafters]

Yes apparently easily spoofed--and Peter Kohlmann for one thinks I'm
not posting from Greece. But tell me, how is it easily spoofed?
Using what program or platform? Unix? Microsoft? I've always heard
that it's easy to spoof but never looked into the mechanics of it.

It is text based, see the NNTP RFC's.