IP Address Tracing is Not As Easy as Dan Brown Makes Out

By Ian Sutherland | Hacking

May 27

Today, I’ve been reading Dan Brown’s latest thriller, Inferno. In the early part of the book the bad guys, trying to track down the hero who they know is hiding somewhere in Florence, spot that he has just remotely accessed his email account based in the USA. They obtain the IP address of the computer used by the hero and somehow they magically work out the physical location where the computer is in Florence within seconds. No technical information is provided by Mr Brown as to how this is done. He makes the process of tracing real world locations from IP addresses appear very commonplace and incredibly easy.

I recently wrote a similar scene in my own novel, Invasion of Privacy, which has a computer hacker as one of the main protagonists. I’ve deliberately attempted to portray computer hacking as authentically as possible, ensuring that the events in the novel stay within the bounds of realism, while hopefully maintaining the dramatic impact that every author aims for.

And, of course, in the real world tracing physical locations from IP addresses is not easy and, in many cases, not possible at all.

When you use a computer, it accesses the internet via a router. In your home, this may be your wireless broadband router. To communicate on the internet, you need a unique address. This is the IP address, and it is allocated to your router by the Internet Service Provider you use, from a pool controlled by the ISP. In many cases, the IP address assigned to your router changes dynamically from time to time. Businesses, on the other hand, tend to have static IP addresses so that they can easily maintain servers and remote connections. Every bit of connected kit behind the router, home or business, will have a private IP address, but it’s the public one that the router uses when making that internet connection that leaves an online footprint.
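To make the private/public distinction concrete, here is an added example (not part of the original post) that sorts the addresses found in a server log into those that stay behind a router and those that point at an ISP. The log lines and the `fwd` field are constructed for illustration, documentation-range addresses stand in for real public ones, and the carrier-grade NAT range goes slightly beyond the text above.

```python
import ipaddress
import re

# Ranges that never identify a single subscriber on the public internet.
NON_PUBLIC = [
    ("private (RFC 1918)", "10.0.0.0/8"),
    ("private (RFC 1918)", "172.16.0.0/12"),
    ("private (RFC 1918)", "192.168.0.0/16"),
    ("shared carrier-grade NAT (RFC 6598)", "100.64.0.0/10"),
    ("loopback", "127.0.0.0/8"),
    ("link-local", "169.254.0.0/16"),
]
NON_PUBLIC = [(label, ipaddress.ip_network(net)) for label, net in NON_PUBLIC]
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def classify(addr):
    """Return the class of one IPv4 address; raises ValueError if invalid."""
    ip = ipaddress.ip_address(addr)
    for label, net in NON_PUBLIC:
        if ip in net:
            return label
    return "public"

def footprint(log_lines):
    """Map every IPv4 address seen in the log lines to its class."""
    seen = {}
    for line in log_lines:
        for candidate in IPV4_RE.findall(line):
            try:
                seen[candidate] = classify(candidate)
            except ValueError:
                continue  # looked like an address (e.g. 999.1.1.1) but is not
    return seen

def isp_leads(log_lines):
    """Only public addresses can be matched to an ISP's allocation records."""
    return sorted(ip for ip, kind in footprint(log_lines).items() if kind == "public")

# Constructed sample: webmail access log; "fwd" is a hypothetical forwarded-for field.
# 203.0.113.x and 198.51.100.x are documentation ranges standing in for public addresses.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:02:11 +0000] "POST /login" 200 fwd="192.168.1.23"',
    '10.4.0.9 - - [01/Jan/2024:10:02:12 +0000] "GET /health" 200 fwd="-"',
    '198.51.100.44 - - [01/Jan/2024:10:05:40 +0000] "GET /inbox" 200 fwd="100.64.12.8"',
]

if __name__ == "__main__":
    for ip, kind in footprint(SAMPLE_LOG).items():
        print(f"{ip:16} {kind}")
    print("worth asking an ISP about:", isp_leads(SAMPLE_LOG))
```

Of the five addresses in the sample, only two lead anywhere outside the local network, and even those identify a router, not a person or a desk.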

So, when someone has the public IP address of your router, at best they can determine the name of the ISP and the general location, e.g. London. I repeat, at best. Even with an unmasked IP address (we’ll explore that later), depending on your ISP or the Starbucks coffee shop or your company’s network, this could be completely wrong. One of the geolocation service companies on the internet that offers free IP address tracing capabilities states its own limitations: “For IP addresses in the United States, it is 90% accurate on the state level, and 81% accurate within a 25 mile radius. World-wide users indicate 55% accurate within 25km.”

ISPs are legally obliged to log which customer has been given which IP address. So there is definitely a trail all the way back to the public address on the router. So, assuming you can determine the correct ISP for the public IP address you are trying to trace, your only port of call is to contact the ISP and ask for the information. However, there is no way the ISP will provide this information unless it is a request by a law enforcement agency under a court order.

Dan Brown’s bad guys would need to have had real-time access to every Italian ISP customer database in order to pull off the feat they did. Not very likely!

To be fair to Mr Brown, he did at least have one of his villainous characters exclaim in surprise that an unmasked IP address had been used by their target to access his remote email. Which leads me to the point that if someone doesn’t want to be traced via their IP address (even by the police with a court order and a subservient ISP) it is very easy to mask yourself.

Proxy servers are designed to re-route traffic and obscure the source as well as the destination. And many proxy servers are anonymous, not logged and are located in parts of the world where the local law enforcement agencies have little control, such as some of the Eastern Bloc countries.

“Connections through a series of anonymous proxies are transient and change rapidly,” said Rolf von Roessing, international vice president of the Information Systems Audit and Control Association (ISACA). “They are not logged, and any user can operate a TOR server or relay and take it off the network at any time.”

For the plot to maintain pace, Dan Brown needed his villain to rapidly identify the physical location of the hero so that he could set up the next suspenseful conflict scene between them. He simply prioritised the needs of drama over reality to achieve this. Unfortunately for Mr Brown, this has the side effect of forcing his thriller to cross the line into the realms of science fiction.

And as for my own novel? Well, you’ll have to wait for it to be published in 2014 to find out how my protagonist overcomes this tricky obstacle. But let me assure you, he does and does so in a realistic way!

What about you? Do you find it frustrating when you spot the author trying to cheat the reader? Or should the reader suspend disbelief simply because it’s fiction?

Have you ever had success trying to trace an IP address? Yours or someone else’s!

Comment below.

About the Author

Ian Sutherland is a British crime thriller author. Leveraging his career in the IT industry, Ian’s thrillers shine light on the threats we face from cybercrime as it becomes all too prevalent in our day-to-day lives. Ian lives near London with his wife and two daughters.
