Can a website track down your address and other information by contacting my ISP?
What does my IP address have to do with your ISP?? I don’t think your ISP would know what my IP is.
They don’t need to contact your ISP. The IP address is logged every time you request a file from the server. If you do something nefarious, a website can subpoena (or politely request) the personal information associated with the IP at a certain time.
Sort of. When you visit a website, the web server usually has access to, and can record, your IP address because it has to know where to send the information you’re requesting. The administrator of the website you’ve visited can usually figure out easily from your IP address who your ISP is.
Sometimes your ISP will assign you an IP number that never changes (for example, if you have a cable modem or a DSL line), and sometimes they will assign you a different IP number every time you log on (which I think is normal if you have dial-up access).
So if you go and visit some website and the people who run that site want to know who you are, they are free to contact your ISP and ask them which one of their users had the IP address 128.54.32.67 at 1:49 a.m. on April 31st. But any decent ISP will not answer such a question (unless some kind of network abuse or court order is involved) and I think there are some ISPs that don’t keep that kind of information for very long.
I am not a systems administrator for an ISP, so I might be a little wrong in some of what I’ve said, but you’re worried about this, then you should follow your ISP’s terms of service, stay away from kiddy porn sites, and/or use a web anonymizing service that will conceal your IP address.
An IP address can be linked to a specific ISP because ISPs are assigned blocks of IP addresses they can then assign to users. However, individual users are assigned IP addresses randomly based on when they were online and who already has which addresses. So if I knew your IP address, I could find out where your ISP is (down to the street address, in fact) and possibly do some nasty things to your machine as long as it is turned, online, and using that specific IP address. But an IP address isn’t anywhere near as personal as a cookie, which is a text file resident on your hard drive.
freido:
Does the average ISP keep records on things like who had which address when? It would seem like a tremendous waste of resources.
The sentence:
“So if I knew your IP address, I could find out where your ISP is (down to the street address, in fact) and possibly do some nasty things to your machine as long as it is turned, online, and using that specific IP address.”
should read:
“So if I knew your IP address, I could find out where your ISP is (down to the street address, in fact) and possibly do some nasty things to your machine as long as it is turned on, online, and using that specific IP address.”
Sorry.
(All my titles are intentional, unless I state otherwise.)
I worked at a local ISP for a few years and we kept dialup logs for seven days (we only had about 10,000 dialup users). The logs showed what phone numbers connected to what IP address. So we could later cross-reference the phone numbers with the customer names if we had to. These logs were huge even for only 10,000 users, but came in very handy sometimes, such as troubleshooting a connection or handling a serious complaint.
If someone has a static IP you can try doing a reverse lookup and maybe you’ll get something about the user, such as gpeterson.dialup.verizon.com for example.
OneChance:
How long would a big ISP company like ATT keep their logs? Just wondering.
I’d just like to step in here and remind everyone of a few things: First of all, if you do choose to use an IP anonymizer, don’t use it here. Because they’re so often used by trolls and sockpuppets, when we see an anonymous IP address, we ban first and ask questions later.
Secondly, a big ISP might not ordinarily keep information for very long, but if they suspect something and have a good reason to, they will. If, for instance, someone starts posting kiddy porn to newsgroups, and someone complains, an ISP is likely to log all IPs used to access that newsgroup. If you’re doing something serious enough for the authorities to get involved, you will get caught eventually.
I don’t know about someone as big as ATT, but they most likely have many different servers, so I would guess that each server is keeping logs for at least a few days. I’m sure if you called them they would just tell you how long they kept dialup logs or what kind of information the logs were, uh, logging. It’s not a big secret, at least not with the ISP I worked for.
Also, there are several different logs an ISP can keep; one set of logs for each service, basically. The one I worked for had one set of logs for dialup access, one set for Usenet access, one set for FTP access, etc. And each set went back seven days, so it was easy to match dates and times and IP addresses to see who was doing what, when. It wasn’t easy to compile the information since you can imagine un-gzipping and lessing an archive that’s 200MB in size can be time consuming and put lots of load on a server. But it sure came in handy one time when we had to track down a kiddie porn pervert for the FBI.
A website can easily obtain the following with a simple
script:
your IP address
your ISP’s name
the OS you are using
the Browser you are using
your timezone
This alone is not enough to find who you are, sombody
would need to contact your ISP to have a chance of getting
your address. Most ISP’s will not give out user info, unless
it’s the cops/FBI/etc asking (and with a warrant)
Very few site opperators would use the data unless you
were trying to hack the site.
As I said above, getting the data mentioned is easy (but
getting your home address is not)
some sites have a valid reason for collecting that data
(i once had a ‘comments/guestbook’ page that did just
that…I had a reason for this, and never had to use the
collected data)
Other sites just collect the data to track you