Finding the real id of someone who posted something.

Discussion in 'Computer Support' started by Jim Tiberio, Apr 23, 2004.

  1. Jim Tiberio

    Jim Tiberio Guest

    I saw a votenader.org post show on a newsgroup I frequent along with about
    ten other newsgroups. The problem with this one was that it showed up as
    being posted by myself. Is there anyway to find out who posted it?
     
    Jim Tiberio, Apr 23, 2004
    #1
    1. Advertisements

  2. Jim Tiberio

    Unk Guest

    View the headers. It will give SOME information about the poster.

    For example, YOUR headers have:
    Message-ID: <c6a08h$9rirk$-berlin.de>
    NNTP-Posting-Host: ool-4357494c.dyn.optonline.net (67.87.73.76)
    X-Trace: news.uni-berlin.de 1082688593 10341236 I 67.87.73.76 ([162059])
    X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165

    A lookup gets:
    ISP/Who = Optimum Online
    TARGET: 67.87.73.76 (ool-4357494c.dyn.optonline.net)
    IP Location: United States - Connecticut - Stratford - Optimum Online
    (cablevision Systems)

    Not enough to come visit you....
     
    Unk, Apr 23, 2004
    #2
    1. Advertisements

  3. Jim Tiberio

    Jim Tiberio Guest


    Thanks, I have no idea how you gleaned that info but what does this tell
    you?

    Path:
    uni-berlin.de!fu-berlin.de!snewsf0.syd.ops.aspac.uu.net!news1.optus.net.au!o
    ptus!newsfeeder.syd.optusnet.com.au!news.optusnet.com.au!not-for-mail
    From: Jim Tiberio <>
    Message-ID: <>
    Newsgroups:
    rec.sport.baseball.fantasy,free.sports.soccer.man-united,alt.hh.ii.pp.cc.rr.
    ii.mm.ee.autos.sport.info,alt.sports.baseball.kc-royals,clari.sports.local.s
    outhwest.california
    Subject: March your way into the weekend!
    Date: Thu, 22 Apr 2004 22:45:00 GMT
    Approved: Jim Tiberio <>
    Organization: Nader for President 2004 - P.O. Box 18002, Washington, DC
    20036 - (202) 265-4000
    Reply-To: Jim Tiberio <>
    X-Newsreader: Microsoft Outlook Express 5.00.0810.800
    X-NNTP-Posting-Host: host-69-48-73-244.roc.choiceone.net
    X-Original-Trace: 5430878035 211.28.199.222 05868
    host-69-48-73-244.roc.choiceone.net (22 Apr 2004 22:45:00 GMT)
    Followup-To: Poster
    Lines: 80
    NNTP-Posting-Host: 211.28.199.222
    X-Trace: 1082675810 16964 211.28.199.222
    Xref: uni-berlin.de rec.sport.baseball.fantasy:138260
    alt.sports.baseball.kc-royals:20203
     
    Jim Tiberio, Apr 23, 2004
    #3
  4. Jim Tiberio

    Unk Guest

    Target: 211.28.199.222
    ISP/Who = Optus Internet
    City = Burwood East
    State = Victoria
    Country = Australia (au)



     
    Unk, Apr 23, 2004
    #4
  5. Jim Tiberio

    Boomer Guest

    Go to Samspade.org and do a 'whois' search for 211.28.199.222

    Here's more info
    http://home.att.net/~marjie1/usenet.htm
     
    Boomer, Apr 23, 2004
    #5
  6. The chances of running down this person are virtually nonexistent. The buzz
    in the spam-fighting groups is that this is the work of Hipcrime, a
    well-known and notorious cracker group(?). The posts are all done through
    computers whose owners, through either sloppiness or lack of knowledge,
    have left them open as relay points ("open proxies" in techspeak). The
    originating computers are all hijacked Windows boxes whose owners, again,
    are unaware their machines are being used for nefarious activities. ALL of
    the "From" addresses are forgeries. This spam forgery is so widespread and
    obvious that an ISP that tried to cut you off for spreading it should be
    sued for terminal stupidity; I wouldn't worry about your ISP giving you
    flak over this.
     
    Gary G. Taylor, Apr 23, 2004
    #6
  7. Jim Tiberio

    trout Guest

    Jim Tiberio wrote:
    As mentioned; the line to look at is the "NNTP-Posting-Host:
    211.28.199.222". You can go to any number of sites to do a Whois lookup
    when you have that number. I usually use http://www.dnsstuff.com/.
    Impersonation can be a problem in Usenet; there's not all that much
    you can do about it. If however, that is *your valid address* that was
    used; it makes it a case of forgery, rather than impersonation. This
    would likely be enough to terminate that person's account.
    Again, that address is .
     
    trout, Apr 23, 2004
    #7
  8. Jim Tiberio

    John Guest

    Unfortunately (and unrelated to this particular problem)
    stupidity does not seem to be terminal.
     
    John, Apr 26, 2004
    #8
  9. Jim Tiberio

    Guest Guest


    You haven't heard of the Darwin Award? Try http://www.darwinawards.com/
     
    Guest, Apr 26, 2004
    #9
  10. Jim Tiberio

    Demolitio Guest

    the last person who explained to me that people occassionally do stupid
    things...... walked into a stop sign while saying it.
     
    Demolitio, Apr 26, 2004
    #10
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.