216.194.23.130

Discussion in '35mm Cameras' started by Dallas 1, Nov 19, 2003.

  1. Dallas 1

    Dallas 1 Guest

    This IP is one of three who have viewed the contact details page of my
    website over the past three weeks.

    This is the only place where the idiot pretending to be me could have come
    across that information.

    If there is anyone here who can assist in tracking down this fiend, there
    is a reward in the offering.
     
    Dallas 1, Nov 19, 2003
    #1
    1. Advertisements

  2. Dallas 1

    Dallas 1 Guest

    I should add, the other two IP's were mine.
     
    Dallas 1, Nov 19, 2003
    #2
    1. Advertisements

  3. nslookup :
    Name: as5300-9.216-194-23-130.nyc.ny.metconnect.net
    Address: 216.194.23.130

    result from www.whois.net :


    metconnect.net Back-order this name

    Registrant:
    MetTel (METCONNECT-DOM)
    44 Wall Street, 14th Floor
    New York, NY 10005
    US

    Domain Name: METCONNECT.NET

    Administrative Contact, Technical Contact:
    NY, NY 10004 (MT3751-ORG)
    212-248-1012

    Record expires on 10-May-2012.
    Record created on 10-May-1999.
    Database last updated on 19-Nov-2003 14:41:27 EST.

    Domain servers in listed order:

    NS1.METCONNECT.NET 216.194.28.33
    NS2.METCONNECT.NET 216.194.28.69
    ----------------------------------------------------------
    Judging by the output from nslookup, the IP address belongs to a Cisco
    Access Server (dial-in box).
    This means that the IP address of the actual PC accessing your website
    is NOT the IP you're talking about.

    Best bet to find out any more is to contact the Administrative Contact
    and have him look in his logs from the Access Server at the same time
    as the IP address accessed your website.

    Regards,

    Niels
     
    Niels J. Larsen, Nov 19, 2003
    #3
  4. Dallas 1

    Gordon Moat Guest

    If you are sure of the IP, then here is the information:

    <http://ws.arin.net/cgi-bin/whois.pl?queryinput=216.194.23.130>

    However, I suspect the wanker has a copy cat, or just another masturbating
    pen pal. Anyway, I have a few official complaints sent out, and I am waiting
    for reply.

    By the way, I will offer up a copy of any image from my site, as a printed,
    matted, and signed original, to anyone who toasts these juveniles. Any method
    is valid, and proof should be easy to verify.

    Oh . . . and if the little wankers are reading this, don't look here, the
    joke is in your hand.
     
    Gordon Moat, Nov 19, 2003
    #4
  5. Dallas 1

    AJ Guest

    The problem is; Netconnect is the largest ISP in the region. Getting someone
    there to actually take notice is not going to be easy.
    AJ
     
    AJ, Nov 19, 2003
    #5
  6. Dallas 1

    AJ Guest

    The prick is spoofing addresses.
    The IP you detected is in US. Earlier he used one from Zurich
    Complaining to ISPs is a waste of time. He has clearly committed fraud by
    impersonating another person. I don't know about the US but in Australia
    this is a Federal offence. It wouldn't hurt to notify the FBI. His
    activities cross state lines which to me means he as committed fraud in the
    USA. I believe they will action an investigation.
    AJ
     
    AJ, Nov 19, 2003
    #6
  7. [[email protected] wtallman]$ whois 216.194.23.130

    OrgName: MetTel, Inc.
    OrgID: MTTL
    Address: 44 Wall Street, 14th Floor
    City: New York
    StateProv: NY
    PostalCode: 10005
    Country: US

    NetRange: 216.194.0.0 - 216.194.47.255
    CIDR: 216.194.0.0/19, 216.194.32.0/20
    NetName: METCONNECT-BLK-1
    NetHandle: NET-216-194-0-0-1
    Parent: NET-216-0-0-0-0
    NetType: Direct Allocation
    NameServer: NS1.METCONNECT.NET
    NameServer: NS2.METCONNECT.NET
    Comment:
    RegDate: 2001-01-24
    Updated: 2002-06-13

    TechHandle: ZM116-ARIN
    TechName: Metconnect
    TechPhone: +1-212-607-2000
    TechEmail:

    # ARIN WHOIS database, last updated 2003-11-18 19:15
    # Enter ? for additional hints on searching ARIN's WHOIS database.
    [[email protected] wtallman]$

    HTH

    Bill Tallman
     
    William D. Tallman, Nov 20, 2003
    #7
  8. Dallas 1

    Gordon Moat Guest

    Actually, it was Dallas who looked at his web logs, and found that IP. The one
    I saw on the last few messages points to Switzerland.
    Sad, but true. Even threatening spamhaus ISPs rarely does much. However, it is
    with a clear consciounce that other actions can be taken, after official
    actions have failed. Just peace of mind.
    I think you brought up an important point about that. Obviously ignoring the
    kid is not solving anything, and may be encouraging worse behaviour. How long
    before this juvenile really physically hurts someone . . . . . .

    Ciao!

    Gordon
     
    Gordon Moat, Nov 20, 2003
    #8
  9. Dallas 1

    Jim Phelps Guest

    If this is the same prick that I tracked to a login name earlier this summer
    (with a bread-crumb program), none of this is going to help. If one ISP
    revokes his access (about the most anyone will do), he'll get it from
    somewhere else. It was amazing how quite he got after I ID'd him to the ISP
    last summer. Almost lasted three weeks!

    The best we could do is shut him down for a couple days/weeks. But he'll
    come back and if the last round of posts are any indication, he'll be more
    venomous when he does. Let's face it, misrepresenting yourself on the
    Usenet is not uncommon (Am I really Jim Phelps? The answer is of course -
    No!). Muchless, it's not a crime. Handles have been used in open public
    communications since 'Breaker-19' was a popular phrase. I do this to
    protect my privacy. I'm far from the only one. Right now, I can only think
    of four people who regularly visit the USENET that could associate my handle
    with my real name. Four is a short list. I'm willing to bet a pocket full
    of change that no LEA will be interested in our little problem. LEAs are
    busy mopping up after a crime has occurred, not being proactive...except
    with radar guns.

    Dallas, I'm not sure he got your personal info off your web page, but if he
    did, you put it there (sorry). It's easy to get someone's address and other
    personal info. If you have a listed phone number, you're wide open. If I
    know your city, state and name (and a check of your message header will give
    me a good part of the location), it isn't too difficult to come up with your
    address and telephone number if you're listed. If you have a rather unique
    last name (and mine is), it's even easier. A quick nation wide (US) search
    on Lycos (same on Yahoo) ended up with 4 returns on my name, 3 of which I
    can attest to former addresses! I haven't lived in the US for over 10
    years! One address was the former address of my parents and I moved out of
    there 26 years ago! Scary?

    No, ignoring him is not going to make him go away in the short run. As long
    as no one gives him his jollies, he will eventually get bored and move on.
    Imagine the hate a person would need to harbor to continue the level of
    aggravation this puke has - ad infinitum. That's why I believe he'll
    eventually move on if ignored. Someone with that much hate (and other
    problems) is sure to wind up on a marble slab, somewhere, with a sobbing
    family wondering why it all ended this way and why no one would help him.
    Some people's kids...

    Jim
     
    Jim Phelps, Nov 20, 2003
    #9
  10. Dallas 1

    Dallas 1 Guest

    Jim, read my reply to Gordon Moat. A crime has been committed and action
    is being taken.

    Sure, it is not a crime to read contact information off a public internet
    site, but when you use that information to impersonate the person who owns
    the information and then deliberately sabotage the persons electronic
    communications, sorry, you've done a big no-no in any 1st world country.
     
    Dallas 1, Nov 20, 2003
    #10
  11. Dallas 1

    Dallas 1 Guest

    My sentiments echoed.

    I have managed to filter out 99% of the crap that the person who hates the
    Shoot In has posted since it began, but every once in a while more bile
    comes through. Yesterday my mailbox was bombed by that Microsoft patch
    virus and this is as a direct result of the moron who posted those
    messages containing my email address.

    Fortunately I am able to change my email accounts myself so the one used
    in the post has been been disabled. However, this is where things get
    interesting:

    The troll has now officially crossed the line between being a nuisance and
    a felon because he has forced me to close a business address which as you
    are probably aware has financial implications. I use a dial up connection
    to the internet, so downloading hundreds of large-ish messages is not an
    option for me.

    If people visiting my website cannot contact me with that address, I can't
    obtain business. All my business cards (which cost me a lot to print)
    contain that address. More financial loss.

    So, what we are dealing with is no longer a nuisance, but an individual
    who has broken the law in this country. It amounts to sabotage and that,
    I'm happy to say, will result in a jail sentence.

    I have reported the matter to the SAPS and the forensic investigation
    department advise that once they have confirmed the nature of the crime, a
    further investigation will be launched and referred to Interpol. Our
    little friend will be extradited to South Africa and will stand trial
    HERE. If found guilty he will serve a sentence in a South African jail,
    loaded with thousands of HIV+ inmates, who I am certain will be eager to
    spread a little loving towards their new cellmate.

    He can run but sooner or later he will be caught. He picked the wrong
    person to **** with this time.
     
    Dallas 1, Nov 20, 2003
    #11
  12. Dallas 1

    Jeremy Guest


    While your high level of frustration is certainly understandable . . .

    You don't really believe that anyone is going to jail for having
    impersonated another, do you?

    His "crime" was reposting a few addresses and telephone numbers that were
    already available from public sources, as I understand it.

    I remember a case in the US this past summer where authorities were
    attempting to shut down an anti-abortion web site that posted the names,
    addresses and photos of doctors that performed abortions. It also posted
    information about those doctors' CHILDREN--their names, ages and where they
    attended school. The Court ruled that the site was not liable in the event
    that someone harmed the doctors or their families. As far as I know, that
    site is still up.

    If they can't shut that site down, what chance do you have in obtaining an
    arrest, much less a conviction?

    This is not the sort of thing that law enforcement authorities will consider
    high-priority, especially if coordination between different jurisdictions is
    involved.

    Best to just let it go, rather than get yourself all worked up over it.
     
    Jeremy, Nov 20, 2003
    #12
  13. Dallas 1

    Gordon Moat Guest

    I am lucky to have excellent blocking options at the server, so after the initial
    step of set-up, I do not see these at all. In fact, most of them are set to
    immediately bounce back, and a few fun ones include a rude message.
    That sucks. I had thought of the e-mail address changing at one point, but that
    could be a constant thing, and would make any business over e-mail tougher. If the
    authorities and ISPs do not clamp down more on this, people will start giving up on
    e-mail for business communications.
    Awesome stuff. I cannot think of a better place for the law breaker to go than a
    South African jail. Definitely a better option than a Swiss or American jail. Too
    bad he couldn't be extradited to Brazil, or Egypt, or maybe Mexico.

    Best of luck with this. If you want to contact me off group for this, feel free to
    e-mail me.

    Ciao!

    Gordon
     
    Gordon Moat, Nov 20, 2003
    #13
  14. Dallas 1

    Tony Spadaro Guest

    You're not Mr. Phelps??? That must explain why you haven't been accepting
    the missions lately.
     
    Tony Spadaro, Nov 20, 2003
    #14
  15. Please contact me off list.

    Martin
     
    Martin Djernæs, Nov 21, 2003
    #15
  16. Dallas 1

    Jim Phelps Guest

    It's really because Barney and I had a major falling out. Seems he wanted a
    bigger budget for more toys, and well, he was getting more popular on the
    show than I was... And darn it all, every Impossible Mission we took, we
    made - Possible. Just didn't made sense anymore :::~)))
     
    Jim Phelps, Nov 21, 2003
    #16
  17. Dallas 1

    Jim Phelps Guest

    Dallas,

    I did. Sorry to hear about your problems. Can you quantify the loss or
    damage to your business? I wouldn't go for criminal prosecution. Hit him
    where it hurts and go Civil. Imagine what it would be like if 50% of
    everything he earned for the rest of his life belonged to you!

    Jim
     
    Jim Phelps, Nov 21, 2003
    #17
  18. Dallas 1

    Lionel Guest

    It's not anywhere near as easy to do that as people think. (Well, not if
    you want to get any data back from the other end of the pipe, at
    least...) There are a couple of standard methods that experts use to
    hide their tracks when looking at websites, but our troll is a complete
    amateur. (And not very bright, either.)

    We already know our troll is based in NY, & a couple of basic checks on
    that IP address reveals that it terminates at a Cisco 5300 access server
    belonging to MetConnect in NY, so I'd give good odds that that is indeed
    the address he was at, at the time he accessed the website, (most likely
    from his usual dialup connection). MetTel should be able to pull CID
    records from the Cisco/Radius logs, which will nail down the phone
    number he connected from, as well as the account he used. (I'm assuming
    that he's not stupid enough to use his own account, although that may be
    overgenerous of me.)

    As mentioned earlier in this thread, that IP address is controlled by
    MetConnect:
    ---------
    OrgName: MetTel, Inc.
    Address: 44 Wall Street, 14th Floor
    City: New York
    StateProv: NY
    PostalCode: 10005
    Country: US

    TechPhone: +1-212-607-2000
    TechEmail:
    ----------

    So I'd recommend that Dallas save a copy of his web-server access logs &
    contact MetTel at that phone number.
    Dallas: Make sure that you include the time-zone that your webserver is
    set to, so that they can correctly match your log entries to theirs.

    It's a shame my day job's keeping me so busy at the moment. I estimate
    that it wouldn't take me more than two or three days of solid network
    hacking to ID the idiot well enough to be able to prove it in court.

    Best of luck, Dallas. Please feel free to ask for more technical help,
    if you need it.
     
    Lionel, Nov 21, 2003
    #18
  19. Dallas 1

    T P Guest


    Dallas doesn't have a business, except in his dreams. He is a low-end
    hired hack working in the IT industry, and any idea that he has (or
    had) a business is in the realms of fantasy (his own).
     
    T P, Nov 21, 2003
    #19
  20. Dallas 1

    Dallas 1 Guest

    Your email bounced.
     
    Dallas 1, Nov 24, 2003
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.