# Beware: Police are pinging users of this site



## floppy123 (Mar 14, 2008)

Beware.


----------



## POTUS (Mar 14, 2008)

The IP's for the users of this site are not public.

The server is in Holland.

The only way to ping someone is to know their IP address.

Ping:
Packet Internet Groper. A utility that forwards data packets to check the quality of a link or verify the connection of a machine to the Internet.

Packet Internet Groper is an Internet utility used to determine whether a particular IP address is online. It is used to test and debug a network by sending out a packet and waiting for a response. 

Ping is a basic Internet program that lets you verify that a particular Internet address exists and can accept requests. The verb ping means the act of using the ping utility or command. 

Ping is used diagnostically to ensure that a host computer you are trying to reach is actually operating.

Ping is a basic network program used diagnostically to check the status of a network host or device. 

Ping can be used to see if a particular network address (IP address or host name) is occupied or not, or if the host at that address is responding normally. 

Ping can be run from e.g. the Windows Command prompt or the command line in Unix.

IP address
The Internet Protocol address is a network level (level 3 of the OSI networking reference model) address assigned to each system in a TCP/IP network. It is 4 bytes long.

IP host address
An IP host address is a part of the 4-byte IP address. The IP address can be divided into two logical parts: an IP network address and a local host address. The IP host address is unique for every node on a single network.

IP network address
An IP network address is a part of the 4-byte IP address. The IP address can be divided into two logical parts: an IP network address and a local host address. The IP network address is the same for every node on a single network. 

The IP network address facilitates routing between Internet networks.

a ping doesn't show anything about users. It only shows if a server is online.

When a ping is performed, it does absolutely NOTHING but tell you if that IP address is functional or not. That's it. Nothing else.



Even if you had my IP address, it wouldn't tell you anything except if I'm online or not.

Your IP address doesn't contain your member name here or your user name at your IP host. It's a worthless piece of information unless you have a MEMBER name to go with it.

Also, as pointed out, it can't be used against you without proper legal procedure.


----------



## HippyInEngland (Mar 14, 2008)

This explains what a ping is and how it works

hxxp://kb.iu.edu/data/aopu.html

change the xx to tt


----------



## floppy123 (Mar 14, 2008)

hxxp://www.stand.org.uk/privacy/isp1.html



> First up, the default. Your ISP can't give personal info about you to anyone else without your permission. That's what the Data Protection Act says.
> 
> There's at least three big exceptions to this, though: detecting or stopping crime, apprehending offenders, and collecting taxes. Anyone engaged in these worthy pursuits can go to your ISP, and ask them for any personal data they have on you.
> 
> Of course, your ISP doesn't have to give them this info. All the DPA says is that your ISP won't be breaking the law if it does give out what it knows.





> To avoid this, the police and the ISPs (and indeed the phone companies and post office) use a form called a S29(3). Here is an example form (it's called a 28(3) there. Long, dull story.).
> 
> The S29(3) is one of those documents that you'll find either incredibly disturbing, or strangely reassuring.



Im trying to find information on how anyone that visits here from another site gave their ip to that last site and I do believe they can even trace what site to left for... Anyway i'm sure you're as safe as you're gonna get when you come here.


----------



## umbra (Mar 14, 2008)

I'm glad everyone was on top of this. Potus thank you for the IP tutorial. No one mentioned when using DHCP that your IP address changes everytime you long on to your ISP, or that Ping function usually requires more info like subnet mask. But it is clear that we are not in danger. Cookies are as much of a concern, and that's not a problem either.


----------



## Nova (Mar 14, 2008)

Actually, just clarify dont know if its already been said. 

People can find your almost exact location, within miles, by doing a traceroute. 

This tells the person performing the traceroute what switch that IP is coming off of, whether you are online or not, they can still find where that IP originates from....

Nothing to be scared of though....it brings them within a 1-15mile radius of you....its not exact! 

I doubt they monitor this site.....


----------



## POTUS (Mar 14, 2008)

The closest anyone can come to anyone is the place that is thier ISP.

If their ISP is 250 miles from them, then that's who knows the person that IP address belongs to.

It takes a warrent to get that information.


----------



## snuggles (Mar 15, 2008)

And to make this scenario even more interesting...I log on to a neighbors wireless connection....LOL. Or perhaps I post from a non grow house. Even if they could get your info it would not be something any judge would give a warrant for....too much of a risk 

I'm a network engineer, we ping when there is communication problems, that's all we use it for.

EDIT:
...it's not the IP address it's how you choose to surf that's the danger.

Everyone who gets worried by this owes themselves a little trip to some security threads, or just do some research online. You need to use your screen name on MJ sites and only MJ sites use a different username for the legal stuff....google is probably our worst enemy....jusy my 2 cents guys.

PS I am a network engineer and I find no danger in being here. Also the computer is used against us after we are busted not to bust us....there is the danger.



Just wanted to prove that IPs are nothing it's how we surf.


----------



## POTUS (Mar 15, 2008)

snuggles said:
			
		

> The computer is used against us after we are busted not to bust us....there is the danger.


 
Thank you for your wise advice and information.

Yes indeed, IF a person is busted, AND their PC is considered evidence in a crime, THEN the police can, will and DO send it to a computer lab to be analysed. They WILL find anything and EVERYTHING that you have on that PC. This includes a great many "deleted" files.

Files are NOT deleted in actuality. They are over-written. Until they are thoroughly over-written, they are still there and still readable.

If you are ever in fear of being busted, take your entire PC to someone else's house and the cops can't use it because they won't find it.

Again, Snuggles, thank you for your input! Way too many people worrying about things they don't need to and most not worrying about the things they SHOULD worry about, (like their screen names).

BRAVO, BRAVO,  to Snuggles!!!!


----------



## Thorn (Mar 15, 2008)

Agree on that one. A while back there was a thread about posting pictures of our critters or pets and I was going to post one all about my rats but my net was being a bit slow and wouldn't allow me to upload pics. I never posted it in the end because I realised there are so many people who know my rats and other pets and have seen them, played with them. There are also pictures of them on places like myspace so that really wouldn't have been a good idea.

All it would have taken was one person to recognise a picture of one of my pets and it could have all gone 'to pot'!

I know a lot of us take big risks placing grow journals and the likes on this site, but the positives must outweigh the risks because we are all still here 

On my Lowryder journal, I can still not decide whether to put pictures on here of the plants that will be growing outside guerilla style in the worry that the area may be recognised. But even if I don't I'll still have indoor plants to keep everyone interested and then can just do harvest pictures once they are taken down and away from the guerilla area.


----------



## Nova (Mar 15, 2008)

Every neighborhood has a switch, whether your on a dsl or cable line. The point of the switch is to prevent the electrical charge, the information being sent, from degrading, these are called packets. So switches are needed to receive the information, and send it out in another packet. If you stretched a solid line for 250 miles you would have massive data degradation, this is how electrical charges work, and even fiber-optic lines need for the signal to be re-boosted, just not as frequent as the standard electrical lines.

This is also why the MarP server seems slower and faster to others. For instance...
Im in the western united states, data must travel through switches all the way across the USA and then over to the server, this takes awhile. While say, someone in the UK is just a skip from the server, and the data is received much faster, because it goes through less switches.

The whole purpose of a switch is to receive the information and then send it out again. Switches can be traced down to neighborhoods, the more urban areas are gonna have more switches because of the population than say rural areas where the population is less dense! With the use of RDNS, it is quite easy to tell the city and state of an IP as thats how most ISP's classify them these days. 



Nova

Here is a traceroute from a server to myself.....my IP has been bleeped out. 

HOST    LOSS    RCVD    SENT    BEST    AVG    WORST
ge1-1-0-18-10g.core-01.easynews.com    0%    10    10    0.46    3.93    18.20
e-2-11-1000m.core-03.phx1.puregig.net    0%    10    10    0.34    0.77    1.79
ve5-10G.core-04.phx2.puregig.net    0%    10    10    0.31    6.38    55.18
69.16.128.137    0%    10    10    0.42    1.13    2.43
te-4-3.car2.Phoenix1.Level3.net    0%    10    10    0.76    6.52    52.30
ae-4-4.ebr2.LosAngeles1.Level3.net    0%    10    10    9.70    15.10    21.00
ae-62-62.csw1.LosAngeles1.Level3.net    0%    10    10    10.05    21.06    58.26
ae-13-69.car3.LosAngeles1.Level3.net    0%    10    10    10.03    14.94    42.20
sbc-level3-10ge.LosAngeles1.Level3.net    0%    10    10    11.05    19.94    84.66
* (MyIP block)    0%    10    10    25.96    35.89    98.51
*(MyIP block)     0%    10    10    25.87    33.56    63.91
*(MyIP block).sbcglobal.net    0%    10    10    25.77    26.87    30.57
???    100%    0    10    0.00    0.00    0.00

As you can see, you are able to see each switch the information is sent, how long it took, and how much loss of data packets.

You dont need a warrant for it, anyone can do it....

Try it yourself, and test your data loss, traceroute.org allows you to test your connection to ISPs in several countries....

We as customers cannot fake/hide/manipulate our own ip addresses, it is public info wherever you go. Everytime you connect to yahoo, this site, it logs your IP, its like a fingerprint. We can get software that prevents unknown connections from happening (_port-snooping_), connections we havent initialized ourselves. Only the server responsible for your DNS Authority can alter/assign a new ip address. For the record, most IPs are dyanimc and change everytime you flip that cable/dsl modem on and off! 


If you have a STATIC IP it is set in stone and is a permanent IP that will never change, no matter how many times you cycle your modem or router! MAC Addy's can also be cloned, there is plenty of software out there that enables you to change the MAC Address of your hardware. 

This site is 100% perfectly safe. Even if they did give the LEO your IP, so? They would still have to cross international lines to obtain any information, by which they would have to talk to MarP to get his permission to copy the information, and he doesnt have to say yes since its legal in the country where the server is being operated!

Smoke on!!!!!

Nova


----------



## headband (Mar 15, 2008)

and someone could post up a link, and when that link is followed to another site, whham, they have your ip. Watch out for sketchy links.


----------



## AlienBait (Mar 27, 2008)

Does it really matter if you are being pinged?  My cheapo Netgear router is set to not respond to pings (by default), so even if they ping my IP Address, they will get no answer.  Even the Built-In Windows XP firewall has that feature.


----------



## Hick (Mar 28, 2008)

I'll be working on this periodically. "Stickied" it for now, but will attempt to organize it into an informative format for a security post/sticky/announcement. I'll leave it open for awhile, to allow for any omitted or new information to be added. 
Any of you programers or security nuts that can add "good" information, please do it now. Hopefully once compiled and posted, there will be no need for follow up posts.

THANKS POTUS, Nova, snuggles, floppy and all involved


----------



## md.apothecary (Mar 28, 2008)

Having my CSIT degree, let me make this super simple for those not too technologically inclined to understand.

A dynamic IP address changes each and every time you reboot the computer. This makes it more difficult, however, IF they obtain your ip address regardless of it being static (nonchanging) or dynamic (changing), they can obtain records from your internet service provider (ISP) who now, in America are required by law to obtain and release records upon request. Anyone using SBCGlobal/SBC/ATT/YAHOO and MANY other ISPs are pretty much screwed if they get busted and the computer comes into question. Regardless of the SERVER location, the ISPs record ALL information sent through them in log files, including each of your posts you've ever made through your internet. It's like a huge keystroke recorder. 

Also, to clarify, IF you get busted, and a computer is not found, but part of the evidence that lead them to you was related to a computer, you can bet your bOOtY they'll locate it. The person holding it for you will then be committing themselves a felony for consealing evidence and/or making themselves an accessory to the fact. 

As far as removing your "deleted" files. if you use a PC, you're screwed, you'd have to WIPE your drive using an overwrite program like BCWipe or whatever. This overwrites the drive with 1's and 0's, simply formatting the drive does not work, and any computer forensics professional (or person with a CSIT understanding) will know how to recover said drive. 

If you use a MAC, it's much harder to recover because MAC's automatically write over portions of the file fragments, in most cases enough to totally destroy the evidence, but again, if it comes to the INTERNET, you're screwed, it's already recorded once you hit the enter key.

I've said this before in other posts, if you're going to commit to it... COMMIT to it! You're already screwed if you're in the US. 

EDIT:
They flag certain websites for information anyway, this is not unlike checking out a book on say, nuclear weapons, from your libraries. Certain books are flagged for FBI lists, and yes, that is NOT a myth. However, it is supposedly inadmissible in court, it's still giving them a heads up. I do NOT discourage you to use sites like this by any means, simply be careful with what you "search" for on sites like yahoo, and also be careful with what information you DO post, such as location, as this is what tips off most online investigations to begin with.


----------



## HippyInEngland (Mar 28, 2008)

Worth a read if your worried

hxxp://resources.zdnet.co.uk/benchmark/

I use this as aid hxxp://anonymizer.com/


----------



## md.apothecary (Mar 28, 2008)

IP address hiders and masks do NOT necessarily work the way most people think they do. 

Your ISP still logs your individual activity. The IP masks and anonymizers only mask your IP address to individual sites. However, software like this forum software (vBulletin) isn't necessarily phased by that. Being an admin on a VB board, it is capable of telling me every IP address a user has logged in under in the database. But again... it doesn't matter since it comes down to your Internet Service Provider's records. Each time you make a connection and data is sent it starts recording activity instantly.


----------



## allgrownup (Mar 29, 2008)

> Even the Built-In Windows XP firewall has that feature.



how about explaining to us non-computer savvy people how to do this?


----------



## AlienBait (Mar 29, 2008)

allgrownup said:
			
		

> how about explaining to us non-computer savvy people how to do this?


 
Well, if your computer is connected directly to the internet, via DSL, Cable, Dialup, or whatever, then you should have some form of Firewall installed on your computer.  Windows XP has a built in version which works fine for most purposes.  If you want even more protection, you can get a Third Party software package like Trend-Micro, or Zone Alarm.

Anyway, for the bare minumum, Make sure your Windows Firewall is turned on:

Click on START and Right-click on "My Netowrk Places"
Select "Properties"
Right-Click on "Local Area Connection" and select "Properties"
Click on the "Advanced" Tab
Under "Windows Firewall" click on "Settings"
Make sure there is a dot in the "On (recommended)" circle and click a check in  "Don't allow exceptions"

Now, if you don't have some kind of firewall running on your computer, it is probably already crawling with viruses and spyware.

Also, don't subscribe to any music/file sharing services either.  They are bad news.  Just my opinion.


----------



## md.apothecary (Mar 29, 2008)

It's also highly recommended if you don't already have a router, to get one.

A linksys comes with built in hardware firewall, and NAT (network address translation), which is a handy feature to have if you're worried about being secured.

Again, this is for protection of YOUR computer, and will do nothing for you being caught looking at illegals online. Firewalls protect you from 3rd party access.


----------



## md.apothecary (Mar 30, 2008)

trillions of atoms said:
			
		

> its not illegal to look at mj....just to posess it.



True, but as soon as you discuss online your growing it, it becomes part of your online "record", and this site along with all of your other MJ sites and seed banks are all URL logged.  So, yes, looking at it is legal, growing in some areas is not.


----------



## md.apothecary (Mar 31, 2008)

There is always 2 sides to everything. Some are naive enough to believe in "freedom of speech" and some know the truth. 

Don't use personal info in public forums, etc. Don't GIVE the LEO a reason to investigate further. Remember, if you're in the states, it's not your LOCAL leo to worry about, it's federal peeps. They HAVE done online stings before. 

OG went down for something similar, and they were located in Canada. Tommy Chong was busted for a similar situation and that was for selling paraphenalia. 

So don't be fooled, everything's recorded and whether or not it's safe is up to YOU.


----------



## Nova (Mar 31, 2008)

md.apothecary said:
			
		

> There is always 2 sides to everything. Some are naive enough to believe in "freedom of speech" and some know the truth.
> 
> Don't use personal info in public forums, etc. Don't GIVE the LEO a reason to investigate further. Remember, if you're in the states, it's not your LOCAL leo to worry about, it's federal peeps. They HAVE done online stings before.
> 
> ...



Like i said, your IP is like your cyber fingerprint, it goes where you go.

You can always surf the web through encrypted means, but this requires both you and the server to have an active and secure SSL setup. Most new computers support SSL browsing, so its determined by the person who runs the server!

Nova


----------



## MiracleDro (Mar 31, 2008)

Heres the thing. Even if "they" could go on here and get everyones info. Who do you think they are going after first. I would say this is the order.
Big Grows in states with no decriminalization laws
Small Grows in states with no decriminalization laws
Big Grows in "legal" states
Small Grows in "legal" states 
I mean if you are growing for personal and not selling and not on here saying you have 250 plants I think you'd be alright.
Do you know what it costs to bust someone with 5 plants. A lot more then what those 5 plants would be worth on the street. 

That's just my .02 and my opinion.
Are there any cases of it happening to someone on this site?


----------



## mattmandude (Apr 1, 2008)

To one of the above posters who suggested hiding your PC at a friends house, there's a much better/faster salution to the problem if you think you're going to get nailed for something on your PC.

Just grab a magnet off your fridge, and rub it up and down your hard-drive a few times :hubba:

-Cheers


----------



## Hick (Apr 2, 2008)

md.apothecary said:
			
		

> There is always 2 sides to everything. Some are naive enough to believe in "freedom of speech" and some know the truth.
> 
> Don't use personal info in public forums, etc. Don't GIVE the LEO a reason to investigate further. Remember, if you're in the states, it's not your LOCAL leo to worry about, it's federal peeps. They HAVE done online stings before.
> 
> ...



  There was  LOT more involved in overgrows demise. Gold bars, cocaine, motorcycles, high end sports cars, large quantiy of cash and seeds. Members going directly to leo websites and tauting them. Ignorance in it's highest form.. "IMHO"..
  Even though, servers were confiscted, servers containing every members ip, email, and registration information, I don't recall a single incident/bust, that was ever tied to the OG bust. ...but it sure did make a lotta' folks run for cover.

  Ultimately, "your safety" is your responsbility. We try to provide the safest, most secure environment as is plausible. But, quite honestly, there is little you or I can do to prevent LEO from determining your precise location, "IF" the truely desire.
   The best advice that I can give, is 'don't give them a reason, the _desire_'... don't post or brag about big operations, sales, ect. .. keep it small, 'personal use'.. 'medical'... use an ip masker or proxy, if it makes you more comfortable(though IMO, some proxy sites could be inherantly more dangerous than you ip being logged here). 
  Routers and firewalls are also 'beneficial', but as stated, aren't foolproof. 
  Use "smart" surfing tactics. As was illustrated above, a simple google of your user name, can reveal incriminating and personal information posted on other sites. I've even seen folks post their "Myspace" page on here, which gave a name, address, age, pictures,ect. 
  Read the security links listed/posted above, and make your own descision.


----------

