Is It Possible To Trace An Ip Path Completely?

[bolognamare]

Offshore hosting servers are usually located on tax free countries.

They seem to be protected from a long serie of other servers with different routers and firewalls so it's not possible to localize them exactly, it seems an incredible feature for newbies and they seem to be perfectly safe from any kind of check.

Am i wrong?

Edited February 10, 2006 by bolognamare

[GuestHouse]

You are wrong.

The routers can make it difficult, but not impossible for the IP location to be trace. OK, Joe Ordinary is not going to manage it, but the police and security services certainly can.

[bolognamare]

You are wrong.

The routers can make it difficult, but not impossible for the IP location to be trace. OK, Joe Ordinary is not going to manage it, but the police and security services certainly can.

Even if ghost servers with routers and firewalls are located in different countries?

Do you know something better than this url? : http://www.whois.sc

Edited February 11, 2006 by bolognamare

[rio666uk]

A common problem with tracing IP is it will often trace back to its registration point and not the hosting server.... assuming that the hosting company and the hosting server are not "always" in the same location.

you can verify this yourself of course... download a 30 day trial of visualroute... its a very handy piece of software.

[Upcountry]

Anyone planning something nefarious should understand this.

Spamhaus and other fanatical organizations regularly blacklist innocent people in their effort to fight spam. Small companies can be pushed out of business by internet disablement due to blacklisting. People around the world, and in Thailand, are sometimes blocked from Slashdot, etc., because of blacklisting of their ISP’s IP range.

Blacklisting ultimately can be worse than spam, but the fact is that evil doings on the Internet threaten to ruin the whole thing. Look at Mr. Toxin and his greed. The same mentality is behind criminals on the Internet (who think they themselves are innocents with a right to earn a ‘buck’ no matter how) who ruin it for the rest of us.

I’m not suggesting that anyone on this thread has such intentions, but I’m blowing steam as a victim of efforts to fight it.

[rainman]

the average internet surfer won't be able to track it down, but if someone puts enough time into it, they will be able to track it down.

[bolognamare]

the average internet surfer won't be able to track it down, but if someone puts enough time into it, they will be able to track it down.

But he tracks down the hosting server (located in an offshore country), not the website owner?

Edited February 11, 2006 by bolognamare

[rainman]

the average internet surfer won't be able to track it down, but if someone puts enough time into it, they will be able to track it down.

But he tracks down the hosting server (located in an offshore country), not the website owner?

right. but its not impossible either to track down the website owner's IP address and therefor his location. imagine an email sent from the website owner through outlook express or another pc-based email client, it will include the sender's IP address either way, no matter if the website is located in an offshore country.

[bolognamare]

right. but its not impossible either to track down the website owner's IP address and therefor his location. imagine an email sent from the website owner through outlook express or another pc-based email client, it will include the sender's IP address either way, no matter if the website is located in an offshore country.

But the sender is your offshore hosting server (located where you don't live) so what is possible to discover?

If you use an SSL email account and the right software (done and easily available online from the smart guys of Tenebril) you can use outlook too...

Edited February 12, 2006 by bolognamare

[Butterfly]

It's possible in most cases, but it's clearly impossible if someone really wants to hide it.

How do you think hackers get their way through the Pentagon. They can't even be traced by the top expert from the government.

[johnnyk]

As an average internet surfer I used visualroute to check where I am located.

Not bad, it got within 800 miles, as far as the parent company of my ISP.

[bolognamare]

It's possible in most cases, but it's clearly impossible if someone really wants to hide it.

How do you think hackers get their way through the Pentagon. They can't even be traced by the top expert from the government.

I'm not a scammer or an hacker, simply i want to protect my privacy, do you mean that the 128 bit of SSL is not safe?

I think that hackers use backdoors or people that talk too much. Humans usually fall.

I think that my privacy security measures are enough to protect few little online businesses (no scams, no immoral, and hosted abroad) that give me money to spend in Los and live decently everywhere in south east asia.

Am i wrong?

Edited February 12, 2006 by bolognamare

[rishi]

Hacking is usually a log on, hack, log off and disappear thing, while a hosting server - in its very nature - remains connected to the internet by means of a fixed IP.

All you need to cloak yourself completely when hacking, is to have a WiFi laptop and log on to some unprotected WiFi network, connected to the Internet.

Unless there is some conspirency between your and your hosting server's ISP, the IP-track will always end exactly at the WAN IP your hosting server had at the given moment, it initiated the track being investigated. The only way to cloak a hosting server is to - very regularly - move to a different location and a different ISP giving you a different fixed IP (meaning you'll loose your old customers - unless you find out a sneaky way to inform them of your new IP, without informing someone else).

[bolognamare]

Hacking is usually a log on, hack, log off and disappear thing, while a hosting server - in its very nature - remains connected to the internet by means of a fixed IP.

All you need to cloak yourself completely when hacking, is to have a WiFi laptop and log on to some unprotected WiFi network, connected to the Internet.

Unless there is some conspirency between your and your hosting server's ISP, the IP-track will always end exactly at the WAN IP your hosting server had at the given moment, it initiated the track being investigated. The only way to cloak a hosting server is to - very regularly - move to a different location and a different ISP giving you a different fixed IP (meaning you'll loose your old customers - unless you find out a sneaky way to inform them of your new IP, without informing someone else).

Very regularly moving? like daily?

Is it available online a map of unprotected wifi network?

Does the Sierra 775 (2.75 Ghz) aircard works well in BKK (Dtac) and Singapore (Starhub)?

Suggestions?

As an average internet surfer I used visualroute to check where I am located.

Not bad, it got within 800 miles, as far as the parent company of my ISP.

I tried it three times, everytime i result somewhere else

And i tried http://www.geobytes.com/IpLocator.htm too, everytime i result somewhere else

How can be traced the route?

From the first ghost server of the visualroute list? With this server ISP help?

Edited February 12, 2006 by bolognamare

[Crushdepth]

Offshore hosting servers are usually located on tax free countries.

They seem to be protected from a long serie of other servers with different routers and firewalls so it's not possible to localize them exactly, it seems an incredible feature for newbies and they seem to be perfectly safe from any kind of check.

Am i wrong?

Just curious - why do you want to conceal the physical location of the server? And what are you trying to keep private - your email, website, or your own personal details/location? And from *who* ? If you give us a bit more to go on we might be able to give you some more solid solutions.

Edited February 12, 2006 by Crushdepth

[bolognamare]

Just curious - why do you want to conceal the physical location of the server? And what are you trying to keep private - your email, website, or your own personal details/location? And from *who* ? If you give us a bit more to go on we might be able to give you some more solid solutions.

Imagine something like an horses betting website.

Not legal in my country, not legal in Los, but legal somewhere else.

I need privacy from my living country (UK and Los), from countries that dislike that their citizens bet abroad, basically to avoid taxation and loosing time.

What's the right solution?

Edited February 12, 2006 by bolognamare

[LaoPo]

Just curious - why do you want to conceal the physical location of the server? And what are you trying to keep private - your email, website, or your own personal details/location? And from *who* ? If you give us a bit more to go on we might be able to give you some more solid solutions.

Imagine something like an horses betting website.

Not legal in my country, not legal in Los, but legal somewhere else.

I need privacy from my living country (UK and Los), from countries that dislike that their citizen bet abroad, basically to avoid taxation.

What's the right solution?

If someone knows where the gold is....at the bottom of the Rainbow....do you think he would tell you? ...meaning: especially the UK has a very large betting industry with extremely clever people; why not talk to them?

There surely must be some very clever software people on this forum (I'm not) but don't think you will find your solutions here, but I might be wrong.

LaoPo

[Crushdepth]

Ah ok, well in that case trying to conceal the physical location of the server isn't important. So long as you host it in a country/jurisdiction where gambling is legal then it should be ok. Your real problem (lets call it tax minimisation) is a banking / paper trail issue.

International tax law isn't my area, so sorry, but good luck

[bolognamare]

Your real problem (lets call it tax minimisation) is a banking / paper trail issue.

Yet solved!

[bolognamare]

Ah ok, well in that case trying to conceal the physical location of the server isn't important. So long as you host it in a country/jurisdiction where gambling is legal then it should be ok.

The unsolved problem is if one (or more) country wants to avoid that its citizens can bet online on another country website.

Can they link my website to the owner (me) and send a pidgeon to my living country to inform them that i'm collecting offshore incomes abroad?

For ex. paypal can be used if i can avoid players from countries that don't admit gambling/betting, even if it's like avoiding that I go phisically in Macao to bet, nobody can prove that.

Surely internet gives gambling/betting opportunity quite to everyone, so can you help me to solve this problem without loosing 4/5 of my future customers?

Edited February 12, 2006 by bolognamare

[rainman]

its true that you can relay everything through your offshore server, but what if someone gains access to that server? after all, they will have the IP address of it, they just need to find the door.

[lung]

first.. try NEOTRACE PRO

find in limewire...

u can do a lot with this.

second...

when u go over a proxy then you share IP with other poeple ...(ji-net)

thirt? ... i think WLAN (when have...) is the top

[bolognamare]

its true that you can relay everything through your offshore server, but what if someone gains access to that server? after all, they will have the IP address of it, they just need to find the door.

Well it's the last problem, offshore hosting servers are usually well protected, and a good backup service is usually offered for a reasonable price (300$/year).

After passwords changings of course.

The main thing is that your offshore bank account doesn't allow home banking features (don't ask me more about it, please).

If you want be totally sure you can create mirror websites linked to your main domain (each mirror with different IP), so if one is put offline from someone the others (hosted in other countries if you need it and with other hosting companies) leave your website online and members don't notice anything.

A risk can be your coder, it seems that a lot of them steal their golden eggs chickens (that you paid), so first to make your website earn a lot is better to make revise every code line from a certified company that can "assure" you that it's backdoors free (UK has the best ones).

Not a matter if the coder can see reports, the main thing is that he cannot modify the database.

The mirrors are a good way to avoid that your first server can be put offline from an evil coder.

Be careful with posts we are all blade runners and moderators have their finger on the "thread delete" button.

Do you know if the PCMCIA Sierra 775 EDGE 2.75G aircard is a good choice for DTAC in Los?

Edited February 12, 2006 by bolognamare

[bolognamare]

i think WLAN (when have...) is the top

Well http://www.mycyberpoint.com/coveragearea.html seems very interesting, have you tried it in Phuket? What is the middle down/upload rate in Kbps?

Is it alternative to DTAC EDGE or DTAG GPRS?

Does it work only inside structures? if i live near? what's the middle WLAN range?

Please moderators if something is against the forum rules delete single posts not the entire thread .

Edited February 12, 2006 by bolognamare

[bolognamare]

There surely must be some very clever software people on this forum (I'm not) but don't think you will find your solutions here, but I might be wrong.

Thaivisa collects the best minds alive on this earth because Los gains their expectations to the highest level.

I couldn't suppose to reach this knowledge without seeing Thailand with its flowers and without thaivisa posts (thanks Rainman, thanks Olredeyes, thanks Billyparadise, thanks P.), and this forum is absolutely my favourite one.

Edited February 12, 2006 by bolognamare

[autonomous_unit]

I am hesitant to respond, because I don't think I really approve of what you want to do. But, I think a lot of the discussion on this thread is naively optimistic.

As others have hinted, there is nothing that can completely hide a server. A motivated/financed attacker can turn over each link in sequence until he gets what he wants. This is analogous to bank vaults, where you cannot make something impenetrable, but only "unlikely to be penetrated in less than X minutes/hours". The only secure computer is one that is turned off, disconnected, ground into a fine powder, incinerated, and then scattered about. Much like keeping secrets among friends.

Look at spy stories, and all the trouble people go to in an attempt to have "blind drops" to communicate without revealing the communicating partner and without revealing that they are communicating. The main reason they do this is to prevent one compromised link from exposing the next. This is not possible in an IP relay, which must "know" its partner. And, even in the spy novel scenario, blind drops can get exposed through traffic analysis. Eventually, being a blind relay is an act of will, and it only works to the extent that others respect the willful decision not to divulge information.

Make sure you understand what the stakes are, that you can make an informed judgement of the risks, and that you can afford to "self insure" against eventual service compromise. The question is rarely "if" a compromise might happen, but "how often" or "how soon". I have to admit I drive too fast sometimes and risk a traffic fine, but not in areas where it might put me in jail or worse.

[Crushdepth]

As others have hinted, there is nothing that can completely hide a server.

This is absolutely true - particularly since what you actually intend to make the website accessible to the public. If it is publicly accessible, it's findable and hackable.

The unsolved problem is if one (or more) country wants to avoid that its citizens can bet online on another country website. Can they link my website to the owner (me) and send a pidgeon to my living country to inform them that i'm collecting offshore incomes abroad? dry.gif

I think you are mixing up a range of issues here. If a country (like Thailand) wants to stop their citizens accessing a site then they will try to block URLs and IPs. They won't intefere with a server conducting a legitimate activity in another country and they are unlikely to conduct an international manhunt against you (unless you are involved in something else that is seriously criminal).

Unless you are very careful, there *will* be a paper trail that will link you to the site. Since you aren't dealing in cash, it is quite likely that the authorities would be able to get hold of your credit card or bank account details (say through your domain registrar, hosting company, or from Paypal etc). So they can probably find out who you are. But why would they bother? I don't think anyone is going to ask you to explain the gambling site - but they might ask you to explain where all those cash deposits in your account came from.

Places that offer a high degree of 'privacy' in banking generally only want to deal with people that have very large sums of cash (and they will charge you for the privilege).

Frankly I don't think its worth the effort. I think you're better off setting this up as a legitimate, tax-paying business and saving yourself the headache, ie. try to find a place where you can minimise your tax obligations, not avoid them.

Edited February 13, 2006 by Crushdepth

[bolognamare]

first.. try NEOTRACE PRO

Simply AMAZING !!!

I've discovered where the sad scam of paypal fishing come from, and that my coder doesn't live where he says to live (i'm waiting his answer). Well the 1st node identify my surname, is it the same with a WLAN?

Do exist offshore ISP in south east asia that work in international roaming?

[bolognamare]

Unless you are very careful, there *will* be a paper trail that will link you to the site. Since you aren't dealing in cash, it is quite likely that the authorities would be able to get hold of your credit card or bank account details (say through your domain registrar, hosting company, or from Paypal etc). So they can probably find out who you are. But why would they bother? I don't think anyone is going to ask you to explain the gambling site - but they might ask you to explain where all those cash deposits in your account came from.

Places that offer a high degree of 'privacy' in banking generally only want to deal with people that have very large sums of cash (and they will charge you for the privilege).

Well : domain registrar, hosting company, or from Paypal = solved!

Well : where all those cash deposits in your account came from? = solved!

Well : and they will charge you for the privilege = still not today! = solved!

The 1st node is the main problem left, even if i don't need it if the business is completely automatic, but it can happen that i need to make little add-on or checks to the website so a WLAN seems the right choice.

I want to spend a lot of money in Los, is it a crime?

[ace]

Yes WLAN will add extra security, and this is why:

As the IP address is transmitted through the air, it mixes with the gases producing an IP, Oxygen and Nitrogen molecule, or ION. You may have heard of these. These can leave tell-tale traces, giving you away to "the Man".

In most hardware stores you will be able to buy a de-ioniser. Once purchased this device will need to be activated simaltaneousley with any wireless transmission. This will remove the stray IONs from the air so that none will be left floating around to be detected later by the authorities, or their pigeon agents (darn them).

For further information about this please contact me to join my training program and become a Trained Windows Application Technician - although you may very well already be one.

I hope this has been of some use-

Professor Ace - Trained Internet Technology Specialist