
Re: [infoguys-list] mail tracing

  • RMRI, Inc.
    Message 1 of 12 , Jan 30, 2004
      On Fri, 2004-01-30 at 09:37, Shawn Richardson wrote:

      > >AND IF I USE AN ANONYMOUS EMAIL SENDER....
      >
      > Such as?
      >
      > If you are referring to hotmail, yahoo, etc. I still have a 70%
      > success rate. E-mail tracing is not always successful, but I have
      > learned from the best and have experienced a high rate of success. I
      > am always up front with clients about the possibility of success and
      > have many times worked countless hours trying to nail someone, only to
      > finally realize this one got away. When this happens, I generally
      > charge for the initial few hours and eat the rest.


      There are better ways.. If I want to be anonymous, I just telnet to a
      Unix Shell Account, and then send or browse from there.. Usually I will
      send the mail from the Unix Shell Account, because a lot of the Unix
      Shell Accounts have their finger service running.. But I know that I can
      only be caught with finger if I am actually inside the server, if I log
      back out I won't show up when the server is fingered.. Someone that
      REALLY knows what they are doing won't be traced... Let's add on another
      layer here... What if I were to telnet to a Unix Shell Account, and then
      go on the internet from there, and then log on to an anonymous account
      like boxfrog.com and then send an email from that account? Then you have
      an email being sent from an anonymous account, that was accessed from
      another server (the Unix Shell Account) that was accessed via telnet
      from my machine. How would you trace that email?

      My point is that email tracing is fine for catching the "Internet
      Novice", but it takes more than the tracing techniques that most P.I.s
      know to find someone who is really "in the know" about what they are
      doing, and then it is only a "50/50 shot" at finding the right person.

      >
      >
      > The hardest thing I have dealt with regarding e-mail tracing is
      > getting judges to understand there is no surefire way to prove,
      > without forensics, that a certain person was the one actually sitting
      > in front of a computer and sending the e-mail.


      And then you still can't really prove it, right? What if the person was
      smart and dedicated enough to use a machine for just this, and they used
      a Binary Overwrite with Gutmann standards to erase the data with? This is
      why judges are leery of allowing people to "point the finger" at one
      person.. There are too many "other possibilities".

      >
      > I totally nailed a woman who was stalking this family a while back
      > only to have the judge say he wasn't convinced she was the only person
      > who could have done this. Although, client's attorney proved she had
      > the passwords to access the account sending the e-mail and that no one
      > else had the passwords. Some judges just don't get it yet.


      I think that judges may be erring on the side of caution.. Look up a
      program called "Cain and Abel" at www.oxid.it. When you get a chance,
      download it and then find the tab that reads "Dump LSA Secrets" or "LSA
      Secrets". Look at all of the passwords it dumps off of your
      computer..... If I had your computer for 15 minutes, and you were on a
      high-speed connection, I could get most of your passwords... "Local
      Hacking" is actually pretty easy... Remote "hacking" is not so easy...
      Some people running Linux are not aware of the fact that now most Linux
      "flavors" come with "Tight VNC", and if one is not careful, I can take
      over their Linux box from my Linux Box with "Tight VNC".. Further, I
      could initiate a download for a program very similar to "Cain and Abel"
      and get most of their passwords.. So, just because I have passwords,
      does not make me the culprit... I just had a case that I worked where a
      lady hired me to look at her system to see if her husband was going to
      "adult sites", and I asked her to drop her firewall for 3 minutes, and I
      was in... And within 15 minutes, I had her husband's adult site
      password... Too many "possibilities" still to get a smart judge to go
      with an email trace, or even forensics for pinpointing who was at the
      machine... But I do think forensics is great for getting evidence off of
      the machine that can be used to either prove a person guilty or innocent
      in court in certain situations..

      >
      >
      > That particular case, though, was a phone testimony. Very difficult
      > to prove your case over the phone.
      >
      >
      > I will say, the quicker I am contacted after receiving the e-mail, the
      > better. Also, it is best not to respond before contacting me.
      >
      > Just some FYI on e-mail tracing.


      My point here is this.. A large percentage of the people on the net are
      just "novices", and then you have a smaller percentage that are "net
      savvy", and then you have a very small percentage that REALLY know what
      they are doing on the net.. And that small percentage of people are the
      ones that most Private Investigators never run up against..

      >
      >
      >
      >
      >
      > Shawn Richardson
      > Investigator/Forensic Data Recovery/E-mail Tracing & Internet
      > Profiling
      > Professional Investigative Consultants
      > 500 Chestnut Suite 1637
      > Abilene, TX 79602
      > Shawn@...
      > ----- Original Message -----
      > From: brettnbold@...
      > To: infoguys-list@yahoogroups.com
      > Sent: Thursday, January 29, 2004 8:44 PM
      > Subject: Re: [infoguys-list] mail tracing
      >
      >
      >
      > Brett de'Rothschild
      > NUTS2U2 LEGAL SERVICES
      > SAN DIEGO, CA
      > 619-264-2660

      Risk Management Research & Investments, Inc.

      Director Of Operations: Rick Gurley
      Licensed Private Investigator

      Office Address: 1005 Cherry St. Suite 203 Columbia, MO. 65201
      Mailing Address: 2101 W. Broadway PMB 326 Columbia, MO. 65203

      Office Email: RMRI-Inc@...
      Home Email: RMRI-Inc@...
      Webpage: http://rmri.net

      Office Tel. 1: (573) 256-6240
      Office Tel. 2: (573) 256-6241
      Office Fax: (573) 256-4746

      Home Tel: (636) 410-0251
      Home Fax: (636) 410-0257

      EMERGENCY PHONE: (866) 878-7099

