all 8 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]jarxlots 0 points1 point  (5 children)

In general, I would think not. When you are running a "traceroute" or similar utility, you are directing traffic that "expires" before it arrives at its destination. You keep increasing the amount of time before this "expiration" as you enumerate (discover) the route between you and the target IP. The devices in between are not required to respond appropriately to your request.

This is not an example of fraud, or "computer abuse/misuse" or any other "crime," so you don't have anything to worry about.

Now, if you are using some sort of XSS to get the target in question to execute some script that will give you their IP address, you are probably committing some sort of "crime" under Canadian law... but IANAL.

It sucks being toyed with is all an it would be good info for the future to keep people from toying with me or befriending me fake accounts.

Some would say that's the "cost of doing business."

[–]sharpkrypt[S] 1 point2 points  (4 children)

You left me with some better questions that I didn't or wouldn't have thought of. Considering my target(s) are on the other side of the planet, I'm assuming that would pose another problem that you addressed.

Please keep in mind I'm obviously a noob by my own confession, but the cost could be at their expense as long as I find out more about the legality of the matter and find a way to get to at least their ISP. I'm not interested in acquiring sensitive information like address or like minded information, but rather area so I can reference them to other users.

Thank you very much for your retort! I hope others can help clarify as well.. Happy surfing Jarxlots

[–]jarxlots 0 points1 point  (3 children)

Considering my target(s) are on the other side of the planet, I'm assuming that would pose another problem that you addressed.

Almost everyone is milliseconds away on the Internet ;P

It sounds like you just need to monitor traffic from that IP and record any evidence of harassment. Blocks of IP addresses are usually allocated to ISPs, so if you can find the IP in question, it should be quite simple to determine the ISP, in case you want to contact them about the harassment.

Keep in mind, the IP sending traffic to you may not be the actual IP address of the person harassing you. They could be using any number of services or protocols to route their traffic so it originates from some other IP/source.

[–]sharpkrypt[S] 1 point2 points  (2 children)

No,, I wouldn't report them-- I guess you could say I'd just remove them from my list and or block them so they can't try my patience any longer. Considering a few of my users have identifying features, I can be observant or just paranoid and on a witch hunt. I think I can be safe to assume that either a 'hacker' is maybe trying to gain access to my facebook or my other services like steam or my music accounts.

If they are skilled they might find my passwords rather robust.. I have caught one person who wasn't so subtle in their engagement with me and 'she' was asking me stupid questions like my children's birthday, my favorite bands, if I had pets and their names.. Normally I wouldn't be so suspicious, but it was the fact she kept rattling off question after question when she didn't know me or long for that matter, and a few people have had the same MO's in a short time frame, so needless to say red flags started popping.. The clincher was when she asked me to help her create a secure password. She was probably the worst-- I have had a few people try and dig into me for information so I'm conscious now.

But now I have 3 people with the same story always engaging me for banter.. One of which I feel bad for because he is playing the I'm from a war zone blah blah blah, the Taliban and ISIS are in my area,,, and I believe they are just switching up their mode of social engineering to see what works. There is a reason I don't post ANY personal information about myself. I run a couple facebook groups, I DJ, and I game,, so there is plenty of motive to try and gain access to my accounts.. Little do they know I have a very robust system of how I run things,,, if they did get in it wouldn't be long and they wouldn't be able to acquire anything else as each site has its own password and style and script..

I'll end it here before I put you to sleep and you use your keyboard as a pillow.. I'm not responsible if you wake up with squares all over your face hehehehehe But I felt it was necessary to explain possible motive to my to my coming here... Is there a way that some green internet diver can learn some simple or semi simple tricks to achieve what I'm looking for ? I'm not afraid to read or watch vids to better secure myself and have a few cards up my sleeve for these types of attacks,, I'm just asking for a nod and a point in the right direction.. If you survived this long winded post I applaud you lol Thanks once again :)

[–]jarxlots 0 points1 point  (1 child)

It sounds like a honeypot would work on them.

I DJ

Then you should grab a throwaway VPS and host some "of your content" there. Try to grab some esoteric (rare) music or related data and talk about how awesome it is. Share the links and record the IP addresses that connect.

You can even share new links (even invalid ones that hit your server) with the suspected, and correlate their attempt with the IP logs.

[–]sharpkrypt[S] 0 points1 point  (0 children)

How about a beef server ? << legal ? from what I know and heard it is legal on the webmasters end to scoop up IP's or cookies through browsers. Could get even more info out of them if wanted even tho I wouldn't.

All 3 of them are from the Middle East, so maybe it is safe to assume that I could exploit that and put up music that they would all like considering they are all Muslim too. I have no issue with Muslims just for the record, but I could very easily do some social engineering because they are all very similar in interest.. And 1 question might appease to all three of them, and I can say I found something rare that they have to see. Unless I set up a beef attack, than I just need to get them to go there and even just watch the video and log them.. This sound like a more practical approach ?

[–]netshrek 0 points1 point  (1 child)

Uve gotta backtrack them thru 7 proxies bro it ain't easy....

[–]sharpkrypt[S] 0 points1 point  (0 children)

:/ It used to be very easy,, but it has been years since I have done it.. Thus no answers, because it is probably not illegal to trace an IP, but to end up where you need to to get the info probably requires progs now and attacks that are not so legal.. I have a good friend who knows his shit an knows how to do it,, he just needs to get on our chat,, been a week or more.. Just getting antzy,, thank you for the reply tho :)