I2P uses address books to store site addresses for Eepsites. There are several options for this including local addressbook, router addressbook and private addressbook.
I am curious about this for the purposes of forensics as a novice to I2P, where are these different address books stored?
Related
I change my device, my public dynamic IP address, account, username, password, email, browser, app, cookies and everything and again Instagram knows it's me, and my question was do you know that can IG spot public dynamic IPs are coming from the same person or they know me another way?
what was strange was that I used fresh new device and changed all things mentioned above with no success (while on a new dynamic IP) but when using a VPN or Proxy it works so my guess was they exactly know all dynamic IPs are coming from the same person! does any body know how they can do that?
PS:
Based on exact suggestions tailored for me I am sure they know it's me each time.
I am using a WIFI dynamic IP not mobile data. (can latter be a different experience?)
I know of device fingerprinting but because I change everything I don't think it's the case.
this case only affects me not people in my region so it's not related to geolocation which is rough and not exact.
what Instagram does is illegal in this case, considering tracking this way without knowledge of the user.
using email analysis we can find senders IP address through some tools only if they are from different domains like senders sends from yahoo mail to gmail user.
How to find senders IP if they are from same domain?
example:
from: abcd#gmail.com
to : wxyz#gmail.com
while in email analysis iam getting senders IP as google servers IP
What you can actually achive with any tools depends very much on whose IP address you want to find out:
If you want to get the address of the client, on which a user probabply typed the email and from which it was transferred to its provider's Mail User Agent (MUA), forget it. As long as you are not a government with the appropriate court decision or very good friends with the server operator, the latter one will not give you even slightly sensitive information about its clients, also not the IP address.
If you want the IP address of the MUA of the client's mail service provider, you have much better chances. Assuming that the from field is correct, then just check out which addresses this provider uses. Gmail has probably a lot of various server machines and I think you might not find the exakt IP of the server the sender's client connected to. If the from field is manipulated (junk mail), Gmail's Mail Transfer Agent (MTA) will probably reject the mail, so that it will never arrive in your inbox anyway.
The sender and the recipient may use different mail service providers, in that case your provider's admin could have a look into the server's log files to find out from which IP address the recipient's provider's MTA was connected. However, usually this is absolutely irrelevant, as long we are dealing with two respectable organizations. Also you explicitly mentioned that in this scenario, it is one and the same provider.
Finally, you can find out the address of your own MUA, but I think that has nothing to do with the author of the email.
So, in conclusion: technically you can't. The only really interesting information is the address of the client used by the author of the email. Google is a respectable enough company to never ever give this information to you, except if the sender's mail client explicitly wrote it into the mail header, which it probably never will.
If you want the IP address because of criminal activity or any kind of abuse by the sender, just contact Gmail. If that does not help, file a lawsuit. The latter one may actually take a long breath until you (may!) be successful, so be sure if your situation is really that bad.
However, if you have a lot of criminal energy you could use the more general metadata from the header to create a profile of the sender's client, like which client software of which version he*she uses and more. But I think this is going to be very, very much work until you get more relevant information (and it should be).
It would actually be very helpful to have a few more information on your scenario, e.g. what you need the address for, if you really mean the client's address or the mail provider's server address, how much work you are willing to invest and also which kind of mail service provider we are talking about. If you run your own mail server, you suddenly gain access to a lot of interesting information...
Feel free to clarify your needs, so maybe someone can help you better. Also, I hope I didn't hit you with too many words, I am new and excited about stackoverflow ;)
I have an old dating site and I'm having some real problems lately with fake members signing up. The problem is these are NOT bots, they are real people (but scammers) browsing throughout the site, signing up and trying to contact our real members, which is a real pain.
Here is what I have implemented:
reCaptcha
IP logging - Banning IPs
Email Verification
User is required to fill out entire profile
I can see based from IP addresses that many of these fake members are usually from various countries in Africa (Nigeria, Ghana, etc), but they will state in their profiles that they are from America. Or there will be a US profile that says they are from Arizona, but their IP will show New York. These members are easy to find and block. (Yet after all the work they have to do to get a profile set up on my site and have it banned, they keep coming back)
PROBLEM:
Some members are really experienced scammers and their IP addresses match their user profile US-based location exactly. In some cases, I know they are fake members, but in other cases I'm not so sure. The only other tool I have is to manually search for their profile descriptions line-by-line on Google to find their profiles on other sites, to see if there is anything suspicious.
Sometimes this works, but sometimes their profiles are the same on other sites and nothing seems "off", and sometimes their profiles are completely unique to my site and cannot be found anywhere else. Yet their profile and photo seems "off" (super model photo?), they'll still attempt to contact other members immediately...
Any advice on what to do about combating these type of advanced fake members? Help is greatly appreciated.
It is common for their IP location to not match their address. These people maybe behind VPNs. This means they are somewhat savvy and do spend money.
You can try requiring a phone number. This helps contacting them and gage trust.
How I see the problem, your time is better spent servicing these new members. Incorporate features like a helpdesk and use a customer centric strategy. Bad behavior can be discourage with expiring bans and holding back site features.
I read about website tracking cookies at "http://www.newfangled.com/unlimited_vs_limited_web_tracking" and am wondering how they are implemented.
On page 2 of the article, the author writes, "third-party trackers using beacon technology can match the data they collect about you in real time with other databases containing geolocation, financial, and medical information in order to expand your profile to predict your age, gender, zip code, income, marital status, parenthood, home ownership, as well as unique interests."
I've thought of a few ways trackers could be implemented and am hoping answers to the following questions will help me get some clarity about how trackers work.
When you visit a website, do all of your cookies become available to the website? E.g., if I visited StackO.com , would the site be able to access my facebook/google/other cookies?
To track your visits from site to site, do various websites share information in a database, i.e. when you visit FB, google, CNN...do they log your activity in a shared database that's accessible by companies in the group?
When you visit a website, do all of your cookies become available to the website?
Yes
To track your visits from site to site, do various websites share information in a database, ie when you visit FB, google, CNN...do they log your activity in a shared database that's accessible by companies in the group?
Yes
In general, yes. If you look at cookies set by CNN.com for example, there's cookies set for scorecardresearch.com domain:
http://webcookies.info/cookies/cnn.com/11993/
Then there's some JavaScript code or 1x1 image that actually creates a request to the scorecardresearch.com servers. This way Scorecard Research can track you as you move from CNN to other websites. And they will definitely aggregate the information from various websites using their technology.
Profiling is just making use of this aggregated behavioral data.
We run a website that has a number of public content makers that represent the public faces of our project.
One of the people has a previous online stalker who has found her at our site and has immediately started commenting on her posts and content.
Aside from tracking and blocking his IP what sort of technical solutions can I be implementing to help alleviate the situation?
There's not much you can do besides restricting access to information (eg: name, phone-number, email, etc.).
For example, your site could just not display anything but firstName lastInitial and the email (if necessary) to unregistered users, or registered users with insufficient permissions. Permission levels and information displayed could be tweaked according to your needs.
But ultimately it's up to the person posting content online to be careful with what they show/publicize on your site and elsewhere on the net. It would be useless for you to restrict access to information, but then she has her email and if you Google the email (or look her up on facebook) and her information is there.
Honestly I am a bit surprised by the way people feel free to post their email, real name, phone number, address, etc. online nowadays. I come from days where people liked to be anonymous online; and up until now a Google search for my personal email still comes up empty.