HACKER's IP Address

[usmcrangel]

I have an IP (74.227.106.194) from the person that hacked into my bank account. It was provided by my bank in what is called a "SESSION LOG". The IP: 74.227.106.194 (WhatIsMyIPAddress) is showing that Bellsouth.net is the Internet Provider and that the person lives in Cary, NC.

My question: How can I obtain a physical address? I have the log file from the bank that was provided via a subpoena. What I cannot get is the actual mailing address of the person from Bellsouth (Internet Provider).

Can anyone help me or provide me documentation that I might be able to use in a court of law.

[Chrispcritters]

You would need to subpoena the ISP for the customer that was assigned that IP address for the specific date/time of the account access.

[lorena]

Hi, go to google earth, then enter the longitude and latitude of the IP adress ( it is under the IP check) in your case, 35.7821, -78.8177 and you'll see an address. May it helps you further or the police. Good luck

[Chrispcritters]

No, in most cases IP geolocation will NOT get you the specific physical address. You should think of it more as a general location, accurate usually to the city.

[lorena]

But perhaps limitable???

[blackraven]

Generally maybe, but not particularly reliable as the IP could be even in a different country

If you believe some of the stats these geo websites put out - 99% correct country, 92% correct city...

So not to the point where you could use it as evidence in a case IMO. I found a link about geolocation and law

http://epublications.bond.edu.au/law_pubs/254/

[iastaff]

Geolocation, latitude, and longitude only reveal where an ip block is registered. It NEVER traces back to a users home address.

[StefanL]

I have an IP (74.227.106.194) from the person that hacked into my bank account. It was provided by my bank in what is called a "SESSION LOG". The IP: 74.227.106.194 (WhatIsMyIPAddress) is showing that Bellsouth.net is the Internet Provider and that the person lives in Cary, NC.

My question: How can I obtain a physical address? I have the log file from the bank that was provided via a subpoena. What I cannot get is the actual mailing address of the person from Bellsouth (Internet Provider).

Can anyone help me or provide me documentation that I might be able to use in a court of law.

Hi,
I stumbled over this when I was searching for something else. First, let me point out that I’m absolutely no guru on this, but I have some experience thought.

Your bank’s log is null, void, nada; well you name it, in a court of law. Why, you may ask? It’s very simple; I can personally spoof an IP address when I want to. So how did your bank get this IP? You are saying that they have a “session log”. If they are using the “average” software they actually don’t know the real IP.

If you lose some money here, if I were you, I had sued the bank. First, they should have installed a Java applet (don’t confuse this with JavaScript) on their end. With a correct applet they would found out the real IP, it doesn’t matter how many high anonymous proxies that were involved, they will still get the correct IP.

Second, if the user refuses Java applets in the browser, they should never let the person in.

If your bank has taken all precautions to this, then of course your BANK, not YOU should sue Bellsouth. On the other hand, I live in Sweden, so what would I know?

Just my two cents.

[myitdepart]

usmcrangel,
Chrispcritters is correct in that you would need the ISP to give you the customer that was using that address at that time. It would be an almost impossible task, timely and expensive as they would fight you tooth and nail. Additionally I can't image what kind of judge would find in your favor being that an IP address means nothing. Assuming that you could prove that the IP address is legit you (which you could not). There are a thousand reasons why the traffic could be coming from that address and it not be someone that lives there. A short list of reasons:
Wireless network hacked
Running a proxy
Computer at the location has a trojan or has been hacked (most likely)
Tor exit node

you get the point. Since in America criminal cases must prove that a person committed a crime did it beyond any doubt and from what I said above there is no way you can so that. The only option I can see would be to attempt a civil suit against the person who had the IP for negligance. It is their responsablitly to secure their network and prevent viruses on their computer. The problem is of course that you will have a tough time proving the IP was not spoofed. Additionally the precedent set by the RIAA over music theft is not a good one.

Second you say your account was "hacked". Now that could mean a few things. Did they use legitimate credentials or have access to some of your accounts and where able to reset your credentials or did they hack through a weakness in the bank and get your money? If someone with the correct credentials got to your account it is not the banks problem. Although any bank that can be accessed with a simple password and email address is not one I would personally use.

Finally check with your homeowners insurance if the sum of money was high enough. Depending on your policy you might be able to get back if not some then all of your money. Technically you were robbed and some policies cover theft.

Please keep in mind I am not a lawyer and any law stuff you do need a lawyer.

Good Luck
http://www.myitdepart.com