Retrieving a Stolen Laptop By IP Address Alone?
CorporalKlinger writes "My vehicle was recently burglarized while parked in a university parking lot in a midwestern state. My new Dell laptop was stolen from the car, along with several other items. I have no idea who might have done this, and the police say that without any idea of a suspect, the best they can do is enter the serial number from my laptop in a national stolen goods database in case it is ever pawned or recovered in another investigation. I had Thunderbird set up on the laptop, configured to check my Gmail through IMAP. Luckily, Gmail logs and displays the last 6 or 7 IP addresses that have logged into your account. I immediately stopped using that email account, cleared it out, and left the password unchanged — creating my own honeypot in case the criminal loaded Thunderbird on my laptop. Sure enough, last week Gmail reported 4 accesses via IMAP from the same IP address in a state just to the east of mine. I know that this must be the criminal who took my property, since I've disabled IMAP access to the account on all of my own computers. The municipal police say they can't intervene in the case since university police have jurisdiction over crimes that take place on their land. The university police department — about 10 officers and 2 detectives — don't even know what an IP address is. I even contacted the local FBI office and they said they're 'not interested' in the case despite it now crossing state lines. Am I chasing my own tail here? How can I get someone to pay attention to the fact that all the police need to do is file some RIAA-style paperwork to find the name associated with this IP address and knock on the right door to nab a criminal and recover my property? How can I get my laptop back — and more importantly — stop this criminal in his tracks?"
OrgName: Fuse Internet Access
OrgID: FIAI
Address: 209 W. Seventh St.
City: Cincinnati
StateProv: OH
PostalCode: 45202
Country: US
ReferralServer: rwhois://rwhois.fuse.net:4321/
NetRange: 208.102.0.0 - 208.102.255.255
CIDR: 208.102.0.0/16
NetName: FUSE-NET-BLK-8
NetHandle: NET-208-102-0-0-1
Parent: NET-208-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.FUSE.NET
NameServer: NS2.FUSE.NET
Comment:
RegDate: 2006-03-01
Updated: 2006-09-08
RTechHandle: RW855-ARIN
RTechName: Wagner, Rick
RTechPhone: +1-513-397-9796
RTechEmail: wagner@fuse.net
OrgAbuseHandle: FAT-ARIN
OrgAbuseName: Fuse Internet Access Abuse Team
OrgAbusePhone: +1-513-397-6598
OrgAbuseEmail: abuse@fuse.net
OrgNOCHandle: FIA-ORG-ARIN
OrgNOCName: Fuse Internet Access Operations Center
OrgNOCPhone: +1-800-387-3638
OrgNOCEmail: hostmaster@fuse.net
OrgTechHandle: FIA-ORG-ARIN
OrgTechName: Fuse Internet Access Operations Center
OrgTechPhone: +1-800-387-3638
OrgTechEmail: hostmaster@fuse.net
you may wish to contact the abuse e-mail or call the Network Operations Center listed above, both should be faster than snail-mail. if they're unwilling to cooperate filing suit against John Doe as previously mentioned would mean they would likely be forced to cooperate with legal authorities and divulge which subscriber had the IP address at the time.
If the guy's using a public access point (most likely if he's stolen a laptop he wouldn't pay for his own internet service) it's entirely possible that the owner of the (likely) unsecured access point may be held liable. Keep track of this Assclown via your logs to see if he connects via another access provider.
https://ws.arin.net/whois/
should be able to give you information on what ISP each IP belongs to.
If you get lucky you may actually find that the tard is using the stolen laptop on his own internet and then be able to reclaim it through a legal suit, and fistfuck him up the butt with the long arm of the law.
Best of luck
not his personal army.
Here you go:
RTechHandle: RW855-ARIN
RTechName: Wagner, Rick
RTechPhone: +1-513-397-9796
RTechEmail: wagner@fuse.net
OrgAbuseHandle: FAT-ARIN
OrgAbuseName: Fuse Internet Access Abuse Team
OrgAbusePhone: +1-513-397-6598
OrgAbuseEmail: abuse@fuse.net
Some other ocntact addresses, with email, courtesy of ARIN whois database.
Try calling the internet access abuse team, tell them he's illegally accessing your email account as well as having stolen your laptop, that violates their ToS and probably will get them riled up too because now they're helping him do something bad. Failing that, contact the technical guy, he may be more willing to help you, or may even be on here...
Having gone through this before, you can often find someone on the inside of that ISP willing to help you out (even if cops won't) - I've dealt with IRC abuse issues this way, you'd be amazed how fast people scare when you call their phone to tell them to stop fucking with your IRC server.
Sincerely,
Your Friendly Local IRC Operator