Are you being tracked? A lesson in basic networking...

#1 Fri, Aug 5, 2011 - 9:08am
Joined: Jun 16, 2011

Are you being tracked? A lesson in basic networking...

Some guy wrote this:

"The opposition can track your IP and use geolocation to ID where you are writing."

He sounded pretty cool writing it too! But reality is a bit more boring than you might think. I'll keep this simple so I don't sound like a twat trying to talk people down (like that guy was at the beginning of his post).

MAC Address

On a network you are represented, at the lowest level, by what is known as a MAC address. It's a globally unique ID set in your network card by the manufacturer. To check your MAC address, open a command prompt: Start >> Run cmd.exe.

Then type ipconfig /all

    Connection-specific DNS Suffix  . :
    Description . . . . . . . . . . . : Intel(R) 82567LM Gigabit Network Connection
    Physical Address. . . . . . . . . : 00-27-70-AA-46-5A (not my real one)
    Dhcp Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IP Address. . . . . . . . . . . . :
    Subnet Mask . . . . . . . . . . . :
    Default Gateway . . . . . . . . . :
    DHCP Server . . . . . . . . . . . :
    DNS Servers . . . . . . . . . . . :
    Lease Obtained. . . . . . . . . . : Friday, 5 August 2011 9:41:04 PM
    Lease Expires . . . . . . . . . . : Friday, 5 August 2011 10:41:04 PM

IP Address

The next layer in the network you need to know about is the IP layer. This is how most networks operate. The protocol called TCP/IP uses an address called the IP address to allow machines over the network to communicate. You can see my IP address in my home network above. Your 'public address', however, is supplied by your ISP, and is used on the other side of your router. To find out what it is go here:

These two addresses are the main way you are tracked on the internet, via the network layer. To hide your IP address, use a free proxy (google free proxy) or try this:

Now check the whatismyip site again through hidemyass. Different IP, right? There are better ways, but that's a basic way to get started. You are now IP cloaked.

So what about that 'geolocation thing'? Garbage! The best someone can do is tracert you (in that command prompt type tracert). Trace Route shows the network path between you and someone else. If you have a detailed enough network map, you can at best work out which local telco exchange you are connected to. Since you are usually a few km from the exchange, this isn't exactly accurate or even useful unless they have your real name (to do a local telephone listing search perhaps). I'll even tell you my old ADSL exchange... Petersham, Sydney. There are about 50,000 people within range of that exchange. You are still anonymous.

If you want a new IP address and your router doesn't allow releases, simply turn it off when you don't need it. Each time you leave it off for long enough, like when you are at work or away on a weekend, chances are the DHCP lease will expire and when you power the router back up it'll get a new address.

Changing the MAC address. Many network cards allow you to set your own MAC address directly from the device properties (my Dell laptop can), but here is something someone has already written:

The importance of the MAC address is that if someone can resolve your MAC from the network cloud, they know it's you, even if you change ISPs, or change country. The good news is, on the internet, getting a MAC address is pretty hard, as you are likely layered behind a firewall. Most firewalls can change MAC addresses as well. Poke around and play with it. I would not bother changing my MAC unless I thought someone was out to get me... or my machine had been compromised.


This is one of the most prevalent tracking systems in use. When you visit certain websites they store unique IDs in your browser's cookie cache. Each time you visit the site, they know it's you. Piecing together the cookies in your directory allows someone to know information about you, but only if they have your history to go along with it. So, if you want to be paranoid, use something like Google Chrome in 'Incognito' mode (as I do half the time), or perhaps a dedicated secure browser.

Dial home code

This is an app that you can inadvertently install on your machine that will connect back to someone else on the internet, and report on whatever it's designed to do. This usually falls into the 'malware' category. If someone is coming after you, you'll get a special version just for you. No AV or anti-malware will ever pick this up. For the truly paranoid (and moderately technically competent) look into ZoneAlarm or BlackICE. ZoneAlarm and BlackICE are software that keep track of what you consider safe and normal on your machine. If you DO ever get extra software on your machine, they will detect it and question if that's what you want when that app starts, or when it tries to dial home over the network.

Dismiss all the rubbish by supposed experts on how 'they were tracked!'. If they were, and they really are technically competent, it's actually quite simple to stay safe and secure enough to make yourself a hard target. -Not- an impossible one, but a fairly hard one.

Still paranoid or want better security?

  • Turn off your WiFi entirely. (Unless you just turn it on to use a neighbor's connection)
  • Use a layered firewall. I have an old Apple AirPort, hidden behind an old PIX, that's behind the ISP-supplied firewall in my cable modem.
  • Use TrueCrypt to store your documents. Make sure you back up the TrueCrypt file. Name it something like Video Hits 1997 - maybe corrupt.avi.old or something that 'should be' about a gig. Hiding in plain sight.
  • Use a different username and password for each and every site.
  • Turn off every service on your machine that is not needed (Services.msc). Then get used to your process list (Task Manager). You can spot most rogue programs once you are used to your process list.
  • Consider not using Windows unless you really know you need to. Ubuntu or OSX are alternatives that give you a lower chance of being exploited, as simply most tools and internet machines are running Windows. They are not 'that much' better, but statistically, if you are not in Windows, most 'pseudo hackers' will not bother you.

Who am I? I've been a programmer since I was 9, that's 30 years now, and professionally have worked in the infrastructure engineering side of banking for the past 20 years. For a while I've worked as a security consultant (mostly for DMZ builds, but also for a bit of tiger work) and have spent many an evening wearing the black hat as well for fun. I've been around in this space since 2600 releases on BBSes were the only hacker community. What I will say is that 98% ish of the 'hackers' are just posers using 'hacker' apps they didn't even write themselves. It's sad, and not something to worry about, and I don't even consider myself a hacker in the slightest.

Edited by: asymptote on Nov 8, 2014 - 5:24am
Fri, Aug 5, 2011 - 2:09pm
The Sweet Sunny South
Joined: Jun 14, 2011

great basics intro

hat tip

"When plunder becomes a way of life for a group of men in a society, over the course of time they create for themselves a legal system that authorizes it and a moral code that glorifies it." - Frederic Bastiat
Sat, Aug 6, 2011 - 2:42am
Code The Plumber
NoVa, VA
Joined: Jul 8, 2011

Not quite

I have absolutely seen people get "looked up" with tools only available at the tracker's place of work.

It's great to give people safety tips, especially when you have investment sites (and god knows what else) scraping for hotmail and yahoo cookies, but everyone should also know:

China stole piles of info from our gov't by pouring fake chips in routers and selling them below market price. A hardware listener, that doesn't report its own transmission. Brilliant. Who made your router? If it wasn't you, you should assume nothing.

The authors of the most common Unix/Linux IP stack allege they were paid by NSA to code back doors that probably still exist in most implementations today. Who wrote yours? If it wasn't you, you should assume nothing.

Your ISP doesn't let you connect to shit until it identifies your hardware. Anyone with say congressional approval to peek into your ISP's record of you (thank you, Patriot Act) can get to you. Your access point's mac address gives them the street address with a quick knock on your ISP's virtual door.

Are hackers that get caught just dumbasses that forget to spoof their true mac address? What about terrorists? Do they not understand this either? OBL just forgot to set up NAT. Or does someone else have a bird's eye view of everything? What do you reckon the volume of your outbound traffic is? Throw up a monitor and check. You think Microsoft can offer you Gb's of storage for free to store email, but nobody can viably keep your piddly outbound traffic when provided the world's biggest defense budget and congressionally authorized always-on hooks into the major hubs?

Good luck being anonymous.

Also, regarding dial home code, lots of software out there allows you to configure what applications are allowed to generate outbound messages. I'm frustrated that this stuff isn't built-in and enforced at the OS level by now. When I install software, the first thing I should be doing is specifying whether the software is global or just for my user, what executable permissions I wish to grant the app, and whether to install services that are part of the install package.
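
The baseline idea behind both the "dial home code" section of the first post and the outbound allow-list mentioned just above, as an added example that is not part of either post: it reads `netstat -ano` output, keeps established connections to hosts outside the local network, and reports any whose owning program is not on an approved list. The sample output, the PID map, the program names and the baseline are all constructed for illustration.

```python
import ipaddress

# Constructed sample of `netstat -ano` output (remote hosts use documentation ranges).
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.10:49712     203.0.113.7:443        ESTABLISHED     4120
  TCP    192.168.1.10:49730     198.51.100.23:8080     ESTABLISHED     6388
  TCP    192.168.1.10:49731     192.168.1.1:53         TIME_WAIT       0
  TCP    127.0.0.1:5354         127.0.0.1:49690        ESTABLISHED     2044
"""
# Constructed PID -> image name map, as read from `tasklist`.
TASKS = {884: "svchost.exe", 4120: "chrome.exe", 6388: "updater32.exe",
         2044: "mDNSResponder.exe"}
# Hypothetical baseline: programs you have approved to talk to the internet.
BASELINE = {"chrome.exe", "svchost.exe"}
# Loopback and RFC 1918 ranges are treated as "inside" and not reported.
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def outbound_connections(netstat_text):
    """Yield (remote_ip, remote_port, pid) for established non-local TCP sessions."""
    for line in netstat_text.splitlines():
        fields = line.split()
        # Header, UDP rows (no state column) and non-established rows are skipped.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue
        host, _, port = fields[2].rpartition(":")
        ip = ipaddress.ip_address(host.strip("[]"))  # IPv6 is shown in brackets
        if not any(ip in net for net in LOCAL_NETS):
            yield str(ip), int(port), int(fields[4])

def unapproved(netstat_text, tasks, baseline):
    """Return (image, pid, ip, port) for connections owned by unlisted programs."""
    findings = []
    for ip, port, pid in outbound_connections(netstat_text):
        image = tasks.get(pid, "<unknown pid>")
        if image.lower() not in baseline:
            findings.append((image, pid, ip, port))
    return findings

if __name__ == "__main__":
    for finding in unapproved(NETSTAT, TASKS, BASELINE):
        print("not in baseline: %s (pid %d) -> %s:%d" % finding)
```

A program name alone is easy to imitate, so a hit here is a prompt to look at the file behind the PID, not a verdict.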

Sat, Aug 6, 2011 - 3:07am Code The Plumber
Joined: Jun 22, 2011

@Code and Crop Circles.

. Project Camelot. Hey man just take a tour. Library full of info. Best and Thank You.

Sat, Aug 6, 2011 - 6:56pm
Prize Fighter
Joined: Jun 14, 2011

Now I know how my family

Now I know how my family feels when I talk economics. Think I'll just have to remain visible with the other hundreds of millions. Seems to me if you are one of the few who thinks they are hiding you'll probably just end up separating yourself out from the herd to be tracked by those back door ghouls.

Mon, Aug 22, 2011 - 3:14pm
Chico, CA
Joined: Jun 14, 2011

post pictures of your silver! not

Good stuff on security. I like to say you can never be too paranoid. (not sarcasm)

One more thing I wanted to add in there is EXIF data, the embedded info that is inside your images. If you use a GPS-enabled device like a smartphone, every picture you take has your exact location.

The old blogspot site scrubbed all that data automagically, but the new site here lets users upload anything they want.

Here is a free site you can use to see what extra data is in your image before you upload or share it:

A little knowledge in this department I think will go a long way.

Hey, if you want to post pictures of your stash or let your location be known go right ahead, I just want to make sure no one does so accidentally.

Also, the MAC address info is good to take into consideration as stated above. Your computer's MAC address is like a fingerprint, and in theory a very effective way to find you provided the manufacturer of your computer is willing to give out the sales data that correlates to your physical machine.

Turd's MacBook is a good example: say you had his MacBook's MAC address and you subpoenaed Apple for the correlating credit card used to buy it, etc. Just joking around so don't flame me but you get the idea.
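
A local check for the EXIF location data described in the post above, added here as an example and not part of the original thread: it walks the JPEG header, reports which GPS tags the EXIF block carries, and writes a copy with the EXIF segment removed. The function names are hypothetical and the sample bytes are constructed (header structure only, not a real photo).

```python
import struct

def _segments(jpeg):
    """Yield (marker, start, end) for each segment before the image data."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF:
        if jpeg[pos + 1] == 0xDA:  # start of scan: compressed pixels follow
            return
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        yield jpeg[pos + 1], pos, pos + 2 + length
        pos += 2 + length

def _is_exif(jpeg, marker, start):
    return marker == 0xE1 and jpeg[start + 4:start + 10] == b"Exif\x00\x00"

def _ifd_tags(tiff, offset, order):
    """Map tag id -> raw 4-byte value/offset field for one TIFF directory."""
    (count,) = struct.unpack_from(order + "H", tiff, offset)
    rows = (struct.unpack_from(order + "HHII", tiff, offset + 2 + 12 * i) for i in range(count))
    return {tag: value for tag, _type, _n, value in rows}

def gps_tags(jpeg):
    """Return the sorted GPS tag ids stored in the EXIF block ([] if none)."""
    for marker, start, end in _segments(jpeg):
        if _is_exif(jpeg, marker, start):
            tiff = jpeg[start + 10:end]
            order = "<" if tiff[:2] == b"II" else ">"  # little- or big-endian TIFF
            (ifd0,) = struct.unpack_from(order + "I", tiff, 4)
            gps_ifd = _ifd_tags(tiff, ifd0, order).get(0x8825)  # GPSInfo pointer
            return sorted(_ifd_tags(tiff, gps_ifd, order)) if gps_ifd else []
    return []

def strip_exif(jpeg):
    """Return a copy of the file with every EXIF APP1 segment dropped."""
    out, last = bytearray(jpeg[:2]), 2
    for marker, start, end in _segments(jpeg):
        if not _is_exif(jpeg, marker, start):
            out += jpeg[start:end]
        last = end
    return bytes(out) + jpeg[last:]

# Constructed sample (header structure only, not a viewable photo): IFD0 points
# at a GPS directory holding GPSLatitudeRef (tag 1) and GPSLongitudeRef (tag 3).
_tiff = (struct.pack("<2sHI", b"II", 42, 8) + struct.pack("<HHHIII", 1, 0x8825, 4, 1, 26, 0)
         + struct.pack("<HHHI4sHHI4sI", 2, 1, 2, 2, b"N", 3, 2, 2, b"E", 0))
SAMPLE = (b"\xff\xd8\xff\xe1" + struct.pack(">H", len(_tiff) + 8) + b"Exif\x00\x00" + _tiff
          + b"\xff\xda\x00\x02\xff\xd9")
```

On a real photo, read the file with `open(path, "rb").read()`, and upload the bytes returned by `strip_exif` only once `gps_tags` on them comes back empty.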

Mon, Aug 22, 2011 - 3:19pm silverbleve
Joined: Sep 23, 2018

silverbleve wrote:The old

silverbleve wrote:

The old blogspot site scrubbed all that data automagically, but the new site here lets users upload anything they want.

Just to clarify, this is not true. The issue is when users link to images they have saved on third-party sites like Flickr. Nothing we can do to prevent people from uploading images with extra data on other websites.

Mon, Aug 22, 2011 - 3:32pm
Joined: Sep 23, 2018

No worries, silverbleve, no

No worries, silverbleve, no offense was taken. Just wanted to make sure to clarify so others have the right information. Thanks for your support.

Mon, Aug 22, 2011 - 3:32pm TF Metals Admin
Chico, CA
Joined: Jun 14, 2011

its ok

I'm not knockin' you, admin. Yes I know users can post images that are hosted on other sites. I would much rather have images I post uploaded through the nifty interface and hosted on the turd server, that way we know they will never 404. But my upload limit has been reached :)

I just wanted to put the word out how it works so users can make their own informed decisions. No blame was ever directed at you or your web team, you guys are cool. Good job on Turd's site!

Sun, Aug 28, 2011 - 10:46am
The Universe
Joined: Aug 5, 2011

If or when...

the government confiscates least they will know where to find you!!!...

Bag Of Gold

Sun, Aug 28, 2011 - 11:30am
Joined: Jun 14, 2011

As a programmer as well (not

As a programmer as well (not as long as asymptote) and knowing some lesser hats.. I can honestly say that if a real, tried and true, cracker wants your shit... he's going to get it. The game is "layering to make it un-profitable". That's all most of us who don't actively defend against attacks as a primary life role can do. Good info none-the-less.

Sun, Aug 28, 2011 - 6:18pm
Joined: Jun 14, 2011

Awesome post

thanks for the great info