PDA

View Full Version : Riaa Tracking Your Ip?



balamm
06-30-2003, 07:17 PM
This is a bit advanced for most users but it is possible to "fake" your IP or at least spoof it by changing the MAC address that is built into your ethernet adapter.


Make sure you read it all before trying this and you should have some knowledge of using the command program in NT/XP so you can reset your IP config if anything goes wrong. It's not hard to learn, just take your time and be sure to understand the concepts. I've done this hourly, daily, it doesn't matter how often you change. If anything goes wrong, usually disabling your network adapter, reboot, enable adapter, then another reboot = DHCP should correct things.
Backup your DNS settings, registry, and copy IPCONFIG before you start anyway!


http://www.klcconsulting.net/Change_MAC_w2k.htm
(look at the bottom of the page for other systems)


Before we start: KLC Consulting Security Team has developed a Windows MAC Address Modifying tool, SMAC. SMAC is developed based on this research article, and it has many functionalities. SMAC allows Windows 2000, XP, and 2003 Server users to change MAC address regardless of whether manufacturers allow this option or not. URL of SMAC is http://www.klcconsulting.net/smac.
downloads are just below this >
" SMAC must be used for LEGAL and ETHICAL purposes ONLY. "

lynx
07-01-2003, 12:56 AM
Sorry, but the internet doesn't use your mac address.

Your mac (media access controller) address is only used on your local network.

Your local network uses your mac address to map the ip address to your machine, but outside that network only the ip address is used.

So changing your mac address only affects your local network, and your isp will log the new mapping of mac address to ip address. The rest of the net sees your ip address so you can still be traced just as before.

Edit: ps if you want to be anonymous, use an anonymous proxy server.

balamm
07-01-2003, 01:47 AM
In My case, dynamic IP, cable, the ISP IS the "lan". Change the MAC of the hardware between my computer and the DHCP server and a new IP will be assigned to that MAC, and the old one will be released. It's what you might call a semi-static IP system, three day lease. Rarely, if ever, is your IP changed.
Unless you have a way to replace the harware the IP is assigned to, or change the MAC.

IS RIAA watching your ISP's logs?
No, they see the IP attached to the shared file or in a wide scan. Would it make sense to see that many different IP's from the same user? I'm pretty sure that IP number is assigned to the file before it leaves your system. How much cross checking would this require? I'm assuming they must provide reasonable proof of repeat abuse before they proceed to harrass your ISP.
Incidently, it was my ISP's suggestion that I use alternate adapters to vary my IP rather than pay a fixed fee for multiple IP's assigned to the one adapter. I've done that and I also use this method. Both work.
I doubt massive abuse would go un-noticed indefinately but it does make life harder for those who monitor such things.

http://www.dslreports.com/forum/remark,508...=ukbb~mode=flat (http://www.dslreports.com/forum/remark,5081850~root=ukbb~mode=flat)

MAC Address:
===========================================
Short for Media Access Control address, a hardware address that uniquely identifies each node of a network. In IEEE 802 networks, the Data Link Control (DLC) layer of the OSI Reference Model is divided into two sublayers: the Logical Link Control (LLC) layer and the Media Access Control (MAC) layer. The MAC layer interfaces directly with the network media. Consequently, each different type of network media requires a different MAC layer.
On networks that do not conform to the IEEE 802 standards but do conform to the OSI Reference Model, the node address is called the Data Link Control (DLC) address.
===========================================
The unique serial number burned into Ethernet and Token Ring adapters that identifies that network card from all others. See OUI and MAC layer.
===========================================
Media Access Control address.The physical address of a device connected to a network, expressed as a 48-bit hexadecimal number.
===========================================
Media Access Control address (also hardware or physical address). Every device on the Local Area Network has an unique MAC address. It is used to identify devices and to control access to the network using MAC protocol.
===========================================

lynx
07-01-2003, 02:12 AM
I agree entirely.

But what I meant was that if they decide to go after you, it will be on the amount of (copyrighted) files you are sharing, at which point they will go for your isp's logs and then they've got you.

But I think they will soon realise that their current tactics are futile.

Night Ass
07-01-2003, 02:49 AM
Thanks I have wonted to chang my ip all the time cos i get bannd from online games 4 being a dick but now i can cum back lol Mohahah MOhahah THanks

Night Ass
07-01-2003, 02:59 AM
I have a Problum wen i try to host online gamed and ftp stuff and it is cos of my router is there a way i can fix it so i can host online games and ftp and still have a router?

balamm
07-01-2003, 03:00 AM
lol, Did I forget to mention it doesn't change the downstream proxies? subnets and all that may be enough to keep you banned. (don't forget your IE history 2)


if they decide to go after you, it will be on the amount of (copyrighted) files you are sharing, at which point they will go for your isp's logs and then they've got you.

Which is another good reason not to let them put 255.255.255.0 and 255.255.255.0 together to = YOU (just examples)

I realize they have ways but, it beats "beating" each other about what to share- what not to share- when to share- when not.....

balamm
07-01-2003, 03:03 AM
Originally posted by Night Ass@1 July 2003 - 03:59
I have a Problum wen i try to host online gamed and ftp stuff and it is cos of my router is there a way i can fix it so i can host online games and ftp and still have a router?
Yes, post it in the hardware forum and one of the router experts should be able to help you.

infamousalbo101
07-01-2003, 03:03 AM
so wha are the advantages to this Prog

balamm
07-01-2003, 03:33 AM
A Massive, semi useless RIAA data base if enough people use it often enough.
At the least, a major inconvenience for them. Can you imagine an ISP having to message over half of their IP range/customer accounts each day?

ISP- "You want us to do WHAT? For how much money?"

FTFakes
07-01-2003, 08:24 AM
I don't think this will help.

Here in germany for example most people have ADSL and get a new IP at least every 24 hours. The ISP has to log which IP was given to which user at any time. So all that RIAA has to do is log the time when the IP was used and they will get you!!! I'm sure that's absolutly no problem for them.

balamm
07-01-2003, 09:44 AM
Originally posted by FTFakes@1 July 2003 - 09:24
The ISP has to log which IP was given to which user at any time. So all that RIAA has to do is log the time when the IP was used
To "which user" or to "which piece of hardware"? I believe your ADSL still uses adapters with MAC addresses.
If you changed each hour, that's 23 more IP's that need to be recorded by them, processed, and passed on to your ISP to be researched.
23 times more work!
Sure it's a job for you too, but the object is to create a bit of havoc.
An ISP that's presented with a nice single IP letter to pass on may do so without much thought.
An ISP that's handed hundreds or thousands of IP's is going to be shelving some of those for at least a little while. It's also summer vacation time for a lot of employees don't forget.
It may not amount to much but the learning curve is always worth it anyway.

FTFakes
07-01-2003, 11:22 AM
Originally posted by balamm@1 July 2003 - 11:44
To "which user" or to "which piece of hardware"? I believe your ADSL still uses adapters with MAC addresses.
I have a username and a password to log in to my ISP. I can use this login with every hardware. Even on my friend's computer if he has ADSL. The ISP is authenticating me by this login, not by my MAC address, because the MAC address can change.

And why should RIAA ask for all 24 IP adresses? They have enough data to get your ass if they have caught you once with one IP :ph34r:

It's sad but true...the only way to fool them is to use an anonymous proxy services. And even that is no guarantee. Who knows if they don't log IP's? :(

balamm
07-01-2003, 12:02 PM
That ISP sounds suspiciously similar to A0L ?

The point is, how would they know they had one person and not 24? Unless you left your personalised name or some other signature in the file data.
In the end, that would be up to an ISP to decide, regardless if riaa believes they have you or not.
riaa can only make assumptions based on file similarities and info you give them. Unless of course they actually are getting in to your folders somehow or working from the ISP database and that just wouldn't be acceptable if challenged properly.

Another thought, if challenged to produce the file, could they? Do they have the storage capacity and organisation for all the data to back up their claims or is this all just bits and bytes of files that never are actually shared, "attempted" copyright infringement or "attempted filesharing" you might say.
If I'm accused, I want to fully view the evidence. Not a copy, not a sample, the whole reported share.

"Oh that one , I cancelled that sucker tryin to upload copyrighted material", no share, case closed.

Yes I'm off topic so I'll quit now.

FTFakes
07-01-2003, 01:21 PM
I have a ADSL connection from the biggest german ISP which is NOT AOL.

Do you really think it makes a difference if there are 1 or 24 IP's that has to be checked by the ISP if he is forced to hand out your data by a court? And how much time will it take to check 24 IP's? 3-5 minutes? Maybe even less if they have a good database program.

Don't get me wrong. Your tip might really make it a little bit harder for them (at least if you are use the privacy option of KL too), but I'm pretty sure that they can handle this. If they want your ass they will get it!

ilw
07-01-2003, 01:34 PM
I like the tip & I'm gonna use it for something completely riaa unrelated, but I agree that since quite a lot of people sign in to their isp, that it isn't going to help your anonymity much. It might give u a little bit of plausible deniability in the event of a court case, but...

Switeck
07-01-2003, 07:06 PM
If you're on a router, you could turn off port-forwarding of 1214 (at least of UDP packets) and change your internal LAN to something like 172.x.x.x so you appear to be an AOL user... :P

(There's also a non-routeable ip range in the 172.x.x.x block which is specially designed to do this...)

Daecilius
07-05-2003, 04:28 AM
:lol: The RIAA isn't going to do anything. They are just trying to scare you. THEY'RE GONNAH EAT YAH!!!!! :lol:

Garvin8r
07-05-2003, 05:07 AM
Originally posted by Daecilius@5 July 2003 - 04:28
:lol: The RIAA isn't going to do anything. They are just trying to scare you. THEY'RE GONNAH EAT YAH!!!!! :lol:
This sounds about right :)

sonicbum
07-05-2003, 10:59 PM
i dont know alot about ip adresses or MACs but, i have broadband and i can change my actual ip adress by going to 'run' and typing 'command'. then i type ipconfig/release. i disconnect my modems power source for about 45min andturn off my computer. turn my computer back on, plug the modem back in and go back to command promt and type 'ipconfig/renew'. i always get a brand new ip address, you can make sure you got a new one by typing 'ipconfig/all' and it displays alot of helpful ip info. im using windows XP if that makes a difference. see if this werks for you. by doing this on a regular basis this would prevent your ip address from appearing multiple times if the RIAA is recording (but i doubt they are) a list of ip addresses over a long period of time. this also stops repeated hacker attacks against your computer, since they are using your ip address to get to you. try it out, it works like a charm.