All my systems have some form of dial home, remote ware so I can track and gain access to them once more. However, if the criminal in this case was smart; he would have reinstalled the operating system of that notebook before using it for anything personal. Also one should also check for other (hint hint) tracking methods on hardware such as pc’s and notebooks. Software installed to the system isn’t the only way to gain remote access to a stolen machine.

Posted at 12:17 pm on Oct 1st, 2008 by jermsmit

Thank God for stupid criminals. I would had disconnected the internet but added it to the local LAN. Activate the remote sharing of the entire “C:” or other drives and copied away. Once done, return it to the company as found for possible reward or recognition. @jermsmit suggestion is even simpler but how many thieves have a pirate copy of Windows laying around.

Posted at 12:43 pm on Oct 1st, 2008 by Kaos

What remote software would you use to do this? I have VNC on my computer, but it requires knowing the IP address of the computer in order to log in.

Posted at 12:59 pm on Oct 1st, 2008 by mt_maui

maybe the attacker clicked on terminal service or vnc to connect to the last known pc. When victim saw a request to allow access, went to the commandline to view all remote connections revealing the IP. This assuming the laptop was directly connected to the internet with victims saved profile. Maybe the attacker placed the laptop into his router’s demilitary zone thinking he was smart or doing something.

Posted at 1:14 pm on Oct 1st, 2008 by Kaos

A.k.a. Note to thieves, fencing without use is less risky.

Posted at 1:29 pm on Oct 1st, 2008 by cde

This story’s all over teh internets, but nowhere does it say how he got hold of the IP address of the thief… all it says is that the owner used some sort of ‘remote access’, but for that to work he’d have to have an address to access to. Prob. had some sort of curl/wget script running on the machine?

Posted at 3:08 pm on Oct 1st, 2008 by klokop

If u have some type of DDNS service such as TZO.com, you can install their client and have it start up as a service. No matter where you are at it will report on your WAN IP address every x minutes, depending on how you set it up. If you ping xx.tzo.com it will return the current IP address.

Posted at 3:09 pm on Oct 1st, 2008 by MS

In before poison ivy.

Posted at 4:48 pm on Oct 1st, 2008 by byohazrd

that’s why people like me own u and ur project.

Posted at 7:12 pm on Oct 1st, 2008 by Kaos

those high profile people you seek are smoking pot right now. They are also more worried abuout their shares than you. Under $15,000, kiss my as$

Posted at 7:24 pm on Oct 1st, 2008 by Kaos

Pffft, boot it in a Faraday cage with external mouse/KB screen. No hardware tracking.

The only real reason to steal a laptop if you are a petty criminal is to fence it or use it.

PS real information thieves can pull the HDD and clone it, and replace it. Or just pull the HDD. With today’s “laptops” (hah, the average size of a laptop screen is 150% that of the average color TV in 1985) you really don’t want to be seen smuggling it, so pull the HDD and leave the laptop.

Now what would be neat is hardware that runs on a separate processor and uploads a small log of IP addresses stripped from the network hardware.

Posted at 10:22 pm on Oct 1st, 2008 by nubie

That guy had his stolen and actually chatted with the guy who bought it, knowing it was stolen. Happened to be a 14 year old kid

>requires registration.

Posted at 11:54 pm on Oct 1st, 2008 by Cheesetoast

http://dubberz.com/forum/index.php?topic=18096.0

That guy had his stolen and actually chatted with the guy who bought it, knowing it was stolen. Happened to be a 14 year old kid

>requires registration.

Posted at 11:55 pm on Oct 1st, 2008 by Cheesetoast

Now people that install rootkits or trojans can claim they were helping people with security by making their system remotely accessible, or even sell their trojans as security programs.

Posted at 5:08 am on Oct 2nd, 2008 by Wwhat

Why no using google to pinpoint the location of machine. Iphone and itouch does this without need of gps tracking. Mechanism is related to location of found wireless networks in neigbourhood.

Posted at 7:44 am on Oct 2nd, 2008 by googlehood

Well, even with the IP address of the thief you would most likely be out of luck. This person is still likely behind a router, *without* ports forwarded, so it wouldn’t be as simple as connecting to their IP.

The easiest way to implement this is with an automatic VPN connection back home, preferably in the background. In that case, from home, you can just connect to the IP showing up in your VPN connections. Alternatively you can use Hamachi VPN for even more simplification.

If you weren’t planning on using a VPN, you would have to schedule outbound connections via SSH or VNC to a set IP or dynamic DNS service. Again, knowing the IP of the thief is very little help besides general location and/or getting info from an ISP.

tl;dr Scheduled connections out, or auto VPN to access your computer when it is stolen.

Posted at 8:41 am on Oct 2nd, 2008 by k0usi

Even though you’d only get a router’s IP in most cases and the ports would obviously not be forwarded, the router will typically not be protected in any way. Easy enough to log in with defaults, forward ports, and be on your merry way.

Assuming, of course, that the router can forward ports… though I’m not aware of many that can’t.

Posted at 9:17 am on Oct 2nd, 2008 by Strofcon

If he had Teamviewer installed and set up on the pc to start with windows. All he would need is the ID that is assigned to the laptop and the password. I have used it for over a year and the ID number has never changed. It works through firewalls, proxy, and routers with no problem. Best of all, it is free to use in a non-commercial application.

Posted at 9:18 am on Oct 2nd, 2008 by The Poolshark

I format all my stolen laptops before i use them.

Posted at 10:09 am on Oct 2nd, 2008 by Lupin

The tool used was probably something like go to my pc or something very similar.

These programs call to the home server often to identify IP address and are also firewall friendly because they all run through port 80.

Posted at 10:39 am on Oct 2nd, 2008 by m2oore

@ Strofcon – Most routers don’t allow login from the WAN for security reasons, you would be hitting the deaf end of the router.

Posted at 10:39 am on Oct 2nd, 2008 by k0usi

i use logmein.com to keep track of all my computers, it has a web based interface so you can login anywhere. The best part is that it will work through just about any firewall.

Posted at 2:34 pm on Oct 2nd, 2008 by kt

Some of you are just stupid, a NAT router does not typically disallow “outgoing” connections.

In this case, the user could have setup a daemon/service that connected back to his home system.

Also, UPnP, people dumb enough to use a SOHO router typically leave it enabled.

BTW, NOT A HACK!!
EOF

Posted at 6:16 pm on Oct 2nd, 2008 by Hax0r

logmein wont work as well for accessing your stolen laptop, it pops up a message saying that the computer is being remote controlled when you access it.

Posted at 5:17 am on Oct 4th, 2008 by paul

Hello Everyone.
The one thing I did first is to close the message saying “this computer is being access remotely.”

Posted at 4:28 pm on Oct 4th, 2008 by Jose

I used LogMeIn.

Posted at 4:31 pm on Oct 4th, 2008 by Jose

Lovely story. I did not realize that you could track a laptop that way.

Posted at 7:18 pm on Mar 19th, 2009 by Woody

Tracking laptop activity is pretty interesting but what will happen if the thief didn’t use the laptop to do anything personal?

Posted at 8:34 pm on Aug 24th, 2009 by nisa