Like many people I have read Leo Traynors latest blogpost in which he tells about how online trolling lead to actual death threats made against him and his family IRL (In Real Life) as well as shocking and insulting artefacts being left on his doorstep. It makes for frightening reading and first right in to the ongoing debate about trolling. The story has gone viral and is picked up by the international media. What’s more it has generated a spin-off debate on the method used by Leo to locate the troll in question. He did this be having a friend use the IP addresses associated with offensive comments on his blog and tracing these IP addresses. A lot of ignorant comments are being made how this would not be possible without access to ISP records which can only be accessed with a warrant.
This is far from true.
An IP address, for those unfamiliar with it, is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing. This means that every device contacted to the Internet, and hence used to troll people, has an assigned IP address. It used to be that almost all IP address assigned by IPS’s were done so on a dynamic basis. This meant that a user was assigned a new IP address every time they connected to the Internet. This was done because an IPS’s network assets could not handle all users at the same time so they had to rotate IP addressed between users. However ISP’s have increased their assets and most people have been assigned semi-permanent IP addressed by their provider. This means that in the majority of cases an IP address will point to an individual or a specific location. This information is used in lots of ways by popular web services. Take for instance Foursquare, this geo-location service will determine your location even if you use it on a device without built-in GPS. It does simply by using your IP address and related information. Some websites also use your IP address to provide you with location specific information. Just think of the various online shops such as Amazon who determine your location solely by your IP address. But your IP address can be used to find out a lot more detailed information about you.
Let me explain by using an example; It is very easy to retrieve IP addresses. Every comment left on a blog is tagged with the originating IP address. This can only be seen by the blog administrator. See the below image for an example.
The above image shows you a number of comments on my blog, there is a range of information but for now we’re only going to take the IP address. Once you have this you can go to one of the many online IP tracker services such as “IPTrackerOnline.com”, type in the IP address in question and hit ENTER. Within seconds you will have a wealth of information. It will show you the users Internet Provider, a fairly exact location, the map coordinates and a satellite view of their location. Plug the location into Google Streetview and it will give you the actual address. You can then put the address into Google to find out more details. (NOTE: this does not work in all cases but even a general location is a piece in the puzzle when tracking a troll).
The above method will give you a specific address or a “general area” of the person harassing you. Of course it is not foolproof and can be circumvented but as Leo Traynors example showed not everyone is devious enough to do so. In fact the majority of Internet trolls are either too stupid or arrogant to completely hide their identity or location. Another method is looking for IP addresses connected with discussion forum postings. A lot of forums will include the posters IP address in their message so with a bit of luck you will be able to find out more about the trolls online habits. In the past I have come across people posting trolling/harassment spam from the same IP address that they used when engaging in professional discussions online.
Every bit if information gathered using the above method can then be cross-referenced with other databases leading to a wealth of information and quite often a very detailed profile of someone including personal & professional information as well as relevant locations.
So by taking this simple set of numbers which follows people online like a trail of breadcrumbs you can not only find out their location but you can also trace their name as well as find a lot of personal details. Enough to give you some tools to work with when trying to shut a troll up. And all of this is public information that can be legally obtained and which does *not* require any warrants.
Note: I am not an IT security professional, blackhat hacker or anything like that. I do however have about 17 years of IT/networking experience and have on quite a few occasions helped people track down someone who was harassing them or someone close to them online. The above method is not 100% watertight but it works in most cases and is perfectly legal.
UPDATE: In response to numerous request received I have put up a guide to “Safer Surfing”.