Slashdot Mirror

← Back to Stories (view on slashdot.org)

Retrieving a Stolen Laptop By IP Address Alone?

Posted by kdawson on from the schooling-the-law dept.

CorporalKlinger writes "My vehicle was recently burglarized while parked in a university parking lot in a midwestern state. My new Dell laptop was stolen from the car, along with several other items. I have no idea who might have done this, and the police say that without any idea of a suspect, the best they can do is enter the serial number from my laptop in a national stolen goods database in case it is ever pawned or recovered in another investigation. I had Thunderbird set up on the laptop, configured to check my Gmail through IMAP. Luckily, Gmail logs and displays the last 6 or 7 IP addresses that have logged into your account. I immediately stopped using that email account, cleared it out, and left the password unchanged — creating my own honeypot in case the criminal loaded Thunderbird on my laptop. Sure enough, last week Gmail reported 4 accesses via IMAP from the same IP address in a state just to the east of mine. I know that this must be the criminal who took my property, since I've disabled IMAP access to the account on all of my own computers. The municipal police say they can't intervene in the case since university police have jurisdiction over crimes that take place on their land. The university police department — about 10 officers and 2 detectives — don't even know what an IP address is. I even contacted the local FBI office and they said they're 'not interested' in the case despite it now crossing state lines. Am I chasing my own tail here? How can I get someone to pay attention to the fact that all the police need to do is file some RIAA-style paperwork to find the name associated with this IP address and knock on the right door to nab a criminal and recover my property? How can I get my laptop back — and more importantly — stop this criminal in his tracks?"

3 of 765 comments (clear)

  1. Re:If you do most of the work... by CorporalKlinger · · Score: 5, Interesting

    I got the IP tracked down to Fuse Network on Cincinnati Bell's home internet service. I'm not going to post the IP address here since that probably violates the TOS of Slashdot or something. I will try calling Cincinnati's police tomorrow, but with the size of the city - and the fact the crime took place in Indiana - i doubt I'll get anywhere.

  2. Re:Report it to the Univeristy's judicial board... by pyronordicman · · Score: 5, Interesting

    I have a friend who was in a similar situation a while ago. Luckily, he had sshd running and the thief wasn't behind NAT, so we had ssh access to the machine once we found its IP address. The local police didn't know about IP addresses, so we were unsuccessful in motivating them to subpoena the ISP. However, we were able to remotely install Undercover, which used nearby SSIDs to give an approximate location of the laptop. Based on our work with Kismet and a directional wifi antenna, we were able to localize the thief to a single apartment building. With this information, the thief's name (gleaned from monitoring the thief's visits to myspace), and a multitude of webcam photos of the thief, the police managed to just walk in to the front office, get an apartment number, and retrieve the laptop. Unfortunately, none of this will help if you don't have remote access...

  3. Re:Report it to the Univeristy's judicial board... by julesh · · Score: 5, Interesting

    Just call the RIAA and tell them that IP downloaded a song. They seem to be able to do all the John Doe stuff through the courts to find out who it was...

    Actually, you can do that stuff yourself. File a claim with the courts for recovery of your possession, send a subpoena to the ISP, get the address, then either serve papers to continue the possession claim or hand the address to the state police.