You'll only get as far back as the originating ISP and that's assuming
it's not gone through an anonymous remailer.
Eh? Certainly Prevx does better than that in the things it traces, as it
often gets postal address - so why shouldn't there be software of more
'unorthodox' origin that gets all the info on IP address? And what about
guys in this and in more specialist groups - I mean, do they have a
directory as to what the numbers in IP addresses precisely signify?
[/QUOTE]
Well, I've never heard of "Prevx", so I'll have to google it
later. In the meantime, the only postal address that you can
hope to get when tracing an IP address is that of the person (or
more likely, organization / business) that is assigned the IP
address block that it's a part of. To get more than that you
would need to contact the ISP and have them go through their
logs and find out which of their customers were connected to
that particular dynamic IP address when the post in question was
done. This would probably take a court order or two.
Now if, like this post for example, the poster is using an
anonymous remailer and a mail2news gateway you should save time
and give up now. Their message arrives at the first remailer
and all their identifying info is stripped out, and then the
body is sent on. This usually involves a chain of 5 to 8
remailers. Each one only knows about the one before it and the
one after. They do not keep logs, and messages are 're-ordered'
so that 'first in, first out' does not apply and there is also a
random delay at each step. The result is then (in the case of
this msg) sent to a mail2news gateway. The gateway verifies
that I have included a valid hashcash token and then passes the
msg on to Usenet.
Also, because the first hop (from my computer to remailer #1) is
sent via Tor, somebody packet sniffing my traffic wouldn't even
know that I was sending email, never mind to whom or the
content. All they can find out is that encrypted data was
exchanged with a Tor server. Because this is using ephemeral
keys, the session keys are destroyed after use, so the session can
never be decrypted if snooped.
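
The hashcash check the gateway performs, shown as an added example that is not part of the original post or any gateway's own code. It assumes the hashcash version 1 stamp layout (`ver:bits:date:resource:ext:rand:counter`, hashed with SHA-1); the resource name, the 12-bit requirement, the 28-day validity window and the sample stamp are constructed for illustration.

```python
import hashlib
import itertools
from datetime import datetime, timedelta, timezone

RESOURCE = "mail2news@gateway.example"  # assumed gateway address (placeholder)
MIN_BITS = 12  # assumed requirement, kept low so the demo mints quickly

def leading_zero_bits(digest: bytes) -> int:
    """Number of zero bits at the start of a hash digest."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def mint(resource: str, bits: int, now: datetime, rand: str = "constructed") -> str:
    """Sender side: search for a counter that gives `bits` leading zero bits."""
    prefix = f"1:{bits}:{now:%y%m%d}:{resource}::{rand}:"
    for counter in itertools.count():
        stamp = f"{prefix}{counter:x}"
        if leading_zero_bits(hashlib.sha1(stamp.encode()).digest()) >= bits:
            return stamp

def verify(stamp: str, now: datetime, seen: set, max_age_days: int = 28):
    """Gateway side: return (accepted, reason) for one stamp."""
    fields = stamp.split(":")
    if len(fields) != 7 or fields[0] != "1":
        return False, "malformed"
    try:
        claimed = int(fields[1])
        issued = datetime.strptime(fields[2][:6], "%y%m%d").replace(tzinfo=timezone.utc)
    except ValueError:
        return False, "malformed"
    if fields[3] != RESOURCE:
        return False, "wrong resource"  # stamp was minted for another recipient
    if claimed < MIN_BITS:
        return False, "too few bits"
    age = now - issued
    if age > timedelta(days=max_age_days) or age < timedelta(days=-2):
        return False, "expired"
    if leading_zero_bits(hashlib.sha1(stamp.encode()).digest()) < claimed:
        return False, "insufficient work"  # claimed bits not backed by the hash
    if stamp in seen:
        return False, "replayed"  # each stamp pays for one message only
    seen.add(stamp)
    return True, "ok"

if __name__ == "__main__":
    now = datetime(2024, 1, 15, tzinfo=timezone.utc)  # constructed clock value
    spent = set()
    stamp = mint(RESOURCE, MIN_BITS, now)
    print(stamp, verify(stamp, now, spent), verify(stamp, now, spent))
```

The stamp proves only that CPU time was spent for this recipient on this date; it carries nothing that identifies the sender, which is why a gateway can rate-limit anonymous posts with it.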