As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/

Can an IP address be faked?

WalterWalter Registered User regular
edited April 2007 in Help / Advice Forum
Apparently someone logged into a kids student account at the university and dropped all of his classes. The university is blaming my buddy, saying that it occured from his IP address. He has a receipt from a gas station far from his home that proves it couldn't have been him but the administration is saying that doesn't matter. As a result he is suspended and the administration is saying his appeal is unlikely to succeed.

I don't know if he is withholding information or not, since its pretty weird that the university could get his IP address. My only thought is that they record the IP address whenever students log into the university and his matched. Any thoughts as to whether or not this could have been faked by someone out to get two people?

He has posted this up on a pre-med forum if you care to look but all the advice he has recieved so far is "get a lawyer" I am hoping for more technical info on how the university could be wrong in this matter. DO NOT MENTION EXACTLY HOW TO DO IT, that is probably a no no.
http://forums.studentdoctor.net/showthread.php?t=394582

Walter on

Posts

  • DrFrylockDrFrylock Registered User regular
    edited April 2007
    Real IP spoofing is fairly difficult. It's not extremely hard to change the source address on an IP packet so it looks like it comes from somewhere else, especially if that somewhere else is on the same subnet. However, since all response packets will go to the spoofed address, you will only really be able to send packets one-way.

    I think it's more likely, if the request did indeed come from his computer, that his computer was hacked (through a trojan, perhaps, or an unpatched security hole, or he's running an out-of-date proxy server like Wingate or something that has a vulnerability). Or, if he's using a wireless router, that could be the issue as well.

    DrFrylock on
  • ProtoProto Registered User regular
    edited April 2007
    If it's his IP they have, chances are good that someone was using his computer to do it. And yeah, they probably record the IP of the person logging into the account, it's pretty standard.

    Where is he located? In a house with a shared connection? The IP would appear to be the same for every computer on the network.

    If his IP is dynamic, there is the possibility that his IP was reused by someone else after he used it.

    Does he know the other guy at all? If not, it should be a simple matter of pointing that out to the administration...

    Proto on
    and her knees up on the glove compartment
    took out her barrettes and her hair spilled out like rootbeer
  • WalterWalter Registered User regular
    edited April 2007
    He is in a house with a secured wireless network, but he has friends over all the time who use his comp. Sounds like hes pretty screwed because no one is going to confess. He knows the other guy.

    Walter on
  • Vindicta_Vindicta_ Registered User regular
    edited April 2007
    How's your buddy getting his internet? Is it from the school?

    I know with my school we had to give the IT department our MAC addresses for our computers so that they statically set the leases for each computer that they were giving the addresses out to. I'd like to know how they specifically knew it was him if they weren't the ones providing him the internet.

    Also as Frylock said if he was using an unsecured wireless router, that'd be pretty easy for someone to use, as the IP address is leased to the router and not the computer, and the router hands out non-routable addresses to the clients on it's network.

    Vindicta_ on
  • WalterWalter Registered User regular
    edited April 2007
    Internet is from a third party. Like I said, they probably got his IP from when he logs on to check his grades/email and stuff with his student ID. What Ithink happened is that someone did it using his computer. I guess he has a number of friends who come over and use it all the time. Since the administration doesn't care that he can prove he wasn't there at the time, sounds like he's screwed unless one of his buddies fesses up. (They actually told him he could have called his house and had someone drop the classes, WTF???)

    Walter on
  • ProtoProto Registered User regular
    edited April 2007
    So the other guy is in his circle of friends? Or is he not a friend?

    If he is, why can't he get him to vouch for him to the administation ...something like: "he wouldn't have done this to me, it must have been someone else using his computer"


    Here is what happened though, I'm almost positive:
    One of the people in his house learned this other guys password and then used your friend's computer to drop the courses. No IP spoofing or hacking at all.


    If he can get a friend who is not in university to confess (real or not), that would probably get him off the hook.

    Proto on
    and her knees up on the glove compartment
    took out her barrettes and her hair spilled out like rootbeer
  • Vindicta_Vindicta_ Registered User regular
    edited April 2007
    This is probably a long shot, but is the IP address his own, and not some public one? I'm talking like if he logged on at a public library, or something and they assumed that it was his.

    It really just doesn't seem realistic to me that a school could pin something on someone because that person had logged onto their site with that address before.

    Vindicta_ on
  • WalterWalter Registered User regular
    edited April 2007
    Proto wrote: »
    So the other guy is in his circle of friends? Or is he not a friend?

    If he is, why can't he get him to vouch for him to the administation ...something like: "he wouldn't have done this to me, it must have been someone else using his computer"


    Here is what happened though, I'm almost positive:
    One of the people in his house learned this other guys password and then used your friend's computer to drop the courses. No IP spoofing or hacking at all.


    If he can get a friend who is not in university to confess (real or not), that would probably get him off the hook.

    Yea, thats exactly what I think happened. It is his home IP address I am assuming. Although I will get him to ask the university to make sure it isn't some library address they have matched him with. Thanks guys, doesn't seem likely that he was spoofed.

    Walter on
  • rockmonkeyrockmonkey Little RockRegistered User regular
    edited April 2007
    why would he be dumb enough to do it from his own computer? Doesn't make logical sense and he has a receipt that places him elsewhere. "Calling and telling someone else to do it" is some pretty far fetched bullshit. I don't really see how this is at all fair.

    Shit if the receipt isn't good enough he might be on camera at the gas station or any number of other places that puts him elsewhere and not enough time to make it home and do the deed.

    rockmonkey on
    NEWrockzomb80.jpg
  • ProtoProto Registered User regular
    edited April 2007
    I think something is being left out here.

    Would this guy have some reason to believe your friend would do this to him?

    Proto on
    and her knees up on the glove compartment
    took out her barrettes and her hair spilled out like rootbeer
  • ThanatosThanatos Registered User regular
    edited April 2007
    The university is fucking your friend over because they can.

    What he needs to do is stop talking to them, and start talking to a lawyer. He may even want to try the ACLU. A letter from them can get a lot of things done, though they may say it's not a civil rights issue.

    Thanatos on
  • PheezerPheezer Registered User, ClubPA regular
    edited April 2007
    It'd be pretty hard to construe this as a civil rights thing. But yes, tell him to lawyer up, but continue pursuing the official channels until he's completely stonewalled or a lawyer tells him to stop. Judges do not typically care for people who choose to litigate prior to pursuing every other option available.

    Pheezer on
    IT'S GOT ME REACHING IN MY POCKET IT'S GOT ME FORKING OVER CASH
    CUZ THERE'S SOMETHING IN THE MIDDLE AND IT'S GIVING ME A RASH
  • kingmetalkingmetal Registered User regular
    edited April 2007
    your friend needs a lawyer, not an internet forum.

    kingmetal on
  • Marty81Marty81 Registered User regular
    edited April 2007
    Is it possible your friend is dynamically assigned an IP by his provider, and the one that was used (by someone else) on that day was randomly also assigned to him at one point in time, making the college think it was him?

    Marty81 on
  • FeralFeral MEMETICHARIZARD interior crocodile alligator ⇔ ǝɹʇɐǝɥʇ ǝᴉʌoɯ ʇǝloɹʌǝɥɔ ɐ ǝʌᴉɹp ᴉRegistered User regular
    edited April 2007
    Vindicta_ wrote: »
    I know with my school we had to give the IT department our MAC addresses for our computers so that they statically set the leases for each computer that they were giving the addresses out to.

    Yes.
    MAC addresses are very easy to spoof. If the university at all ties IP addresses to MAC addresses (either by reservations as Vindicta describes, or by overly long DHCP lease durations) it's entirely possible that his IP address was assigned temporarily to a different PC in a different physical location entirely.
    Oh, and get a lawyer.

    Feral on
    every person who doesn't like an acquired taste always seems to think everyone who likes it is faking it. it should be an official fallacy.

    the "no true scotch man" fallacy.
  • lordswinglordswing Registered User regular
    edited April 2007
    The university can't just add the classes back again? It seems pretty ridiculous the university wouldn't just add them back again if your friend mentions the word "lawyer"

    lordswing on
    D2:LoD East -> *FlipPaulHewitt
  • Descendant XDescendant X Skyrim is my god now. Outpost 31Registered User regular
    edited April 2007
    I've been reading the thread on the other forum and the OP over there has said that his friends did it from his computer as a prank. No ip spoofing there. Sounds like he has a bunch of douchebags for friends. To top it off, they've also been telling him to take the rap for this as they'd apparently rather see him get fucked by the administration rather than man up and admit to the "prank" themselves.

    Seriously, what kind of numbnuts drops someone from their university classes as a "prank?" Are these people fucking insane?

    Descendant X on
    Garry: I know you gentlemen have been through a lot, but when you find the time I'd rather not spend the rest of the winter TIED TO THIS FUCKING COUCH!
  • MuddBuddMuddBudd Registered User regular
    edited April 2007
    Isn't there some sort of password you have to enter to do this kind of shit?

    If this is a prank, it's a prank gone very wrong. He needs to sit his friends down and explain that if one of them fesses up, he won't file charges or anything. But if nobody admits to what they did, he's bringing in lawyers.

    MuddBudd on
    There's no plan, there's no race to be run
    The harder the rain, honey, the sweeter the sun.
  • DaedalusDaedalus Registered User regular
    edited April 2007
    Thanatos wrote: »
    What he needs to do is stop talking to them, and start talking to a lawyer.

    Daedalus on
  • SzechuanosaurusSzechuanosaurus Registered User, ClubPA regular
    edited April 2007
    Considering hacking is a felony, you're friend really needs to call the police and talk to a lawyer. Firstly because the university are accusing him of breaking the law and secondly because he is accusing his friend of breaking the law twice - once to use his computer without his computer and secondly to hack into another friend's university account while he was at it.

    If the guy that did this refuses to confess, fuck him sideways with the law.

    Szechuanosaurus on
  • ProtoProto Registered User regular
    edited April 2007
    I've been reading the thread on the other forum and the OP over there has said that his friends did it from his computer as a prank. No ip spoofing there. Sounds like he has a bunch of douchebags for friends. To top it off, they've also been telling him to take the rap for this as they'd apparently rather see him get fucked by the administration rather than man up and admit to the "prank" themselves.

    Seriously, what kind of numbnuts drops someone from their university classes as a "prank?" Are these people fucking insane?

    I'm also wiling to bet that the guy they did this to isn't a friend of theirs, otherwise it probably wouldn't be as serious as it is.

    Proto on
    and her knees up on the glove compartment
    took out her barrettes and her hair spilled out like rootbeer
  • EggyToastEggyToast Jersey CityRegistered User regular
    edited April 2007
    So what happened is that this computer of your friends was used to drop another kid from a class. So either your buddy's "friends" were at the guy's house and did it, or your friend did it and then went and bought gas somewhere.

    I get the impression that there's something the buddy isn't mentioning, in an attempt to make people believe he's in the right (and therefore get advice in order to further prove that he's right, regardless of the truth). The university is essentially saying "you're either a complete asshole, or you're an idiot who leaves his computer wide open for your asshole 'friends.' Either way, why shouldn't we punish you for it?"

    If his friends don't confess to it, and he honestly didn't do it, he needs to get new friends. They're obviously not bailing him out and taking the rap for it. If he did do it, he might as well confess as to what he actually did do. But if everything was on the up & up, he would've talked to a lawyer already and realized that getting suspended and expelled is far worse than paying a few hundred bucks for the problem to be fixed.

    EggyToast on
    || Flickr — || PSN: EggyToast
Sign In or Register to comment.