On Wed, Dec 02, 2015 at 06:02:36PM +0000, Ted Lemon wrote:
Without the IP address, I would have had no chance
of figuring out _which_ John Levine to target with my notional swatting
or pizza delivery.
Have you not heard of these things called "search engines"?
I found John's address in seconds (via DuckDuckGo, incidentally).
Those of us who have frequent occasion to track down online miscreants
have a wide variety of methods available to us to find them. Sometimes an
IP address is one of the clues we use, but most often it's not, because
it's obvious on inspection that it belongs to a hijacked system (or it's
a complete forgery) and thus it means nothing. I suggest reading some
of the impressive investigational work done by Ronald F. Guilmette for
detailed examples -- not only has he done the work, but he's written it
up in lucid fashion.
So the assertion here that the IP address is the key clue, or even
an important clue, is wrong.
---rsk
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp