Sign in to follow this  
Followers 0
PFI

stolen itouch, ps3, and laptop :(

13 posts in this topic

hey guys i haven't been back in a while but i need some advice.

i'm dorming at asu and the layout for our dorm is 2 rooms with 2 people in each, parallel to each other and connected by a bathroom. just about 30 minutes ago someone came into our room and stole my suitemate's ps3 and itouch, and my roommate's laptop. everything we have that connects to the internet goes through the wireless university network and everything plugged in goes through their dhcp server. they catch people who torrent so they watch their bandwidth carefully. so do you guys think they would have detailed logs of computer names and ips? or is there anything i can do myself to sniff out any of those devices if they're hooked up through the same network again?

0

Share this post


Link to post
Share on other sites

Not the most technical answer but ever considered going and asking them?

At my college we have to register our MAC address to our dorm, so I'd go and ask them and say something along the lines of:

'Hi there, my room got broken into and alot of our technical wizardy got thieved, do you log physical addresses in any way and what are the chances of you telling me, or campus security, or the police, where the fuck our items are located?'

You may wish to fiddle around with the wording to get the most out of the situation.

0

Share this post


Link to post
Share on other sites

Unplugging devices does not generate network traffic.

0

Share this post


Link to post
Share on other sites
Unplugging devices does not generate network traffic.

I think it's a safe assumption that these devices will be plugged in by whoever stole them, or whoever they were sold to. Being a college campus, they probably didn't go far. Call the police, get the theft on record. Even if they don't do anything about it, get the theft on record. Then call the campus IT people, and explain to them the situation. It's possible they will help.

If you know the MAC address of the laptop and PS3 and the networks aren't encrypted, you can sniff for it yourself. That might help. But if you do find it, don't just barge in and steal it back. Call the police, tell them you know exactly who has it and you've done all their work for them.

0

Share this post


Link to post
Share on other sites

We have a similar MAC addy registration system at UConn. If a laptop gets stolen and someone tries to use it, it will immediately be traced to the network jack or whoever's ID was used to log onto the wireless. Definitely talk to the IT department ASAP.

0

Share this post


Link to post
Share on other sites
Unplugging devices does not generate network traffic.

Ohm thanks for responding to this guy for me. lattera that's like me telling you it's hard to crap standing up.

Unplugging devices does not generate network traffic.

I think it's a safe assumption that these devices will be plugged in by whoever stole them, or whoever they were sold to. Being a college campus, they probably didn't go far. Call the police, get the theft on record. Even if they don't do anything about it, get the theft on record. Then call the campus IT people, and explain to them the situation. It's possible they will help.

If you know the MAC address of the laptop and PS3 and the networks aren't encrypted, you can sniff for it yourself. That might help. But if you do find it, don't just barge in and steal it back. Call the police, tell them you know exactly who has it and you've done all their work for them.

Ohm i remember seeing you when you just joined. nice to see you being a mod. anyway we don't register our mac addresses or anything. and i don't know the mac for any of them because they weren't mine. There's only two IT guys for our campus and this campus is huge, asu is the biggest in the US. i was thinking about looking at the logs they have and deducing which connections were ours. i hear they catch retard fish frog kids torrenting just by watching the bandwidth so i went ahead and emailed them, i couldn't find a number directly to them.

what would you guys recommend for sniffing? i got cain but any others?

0

Share this post


Link to post
Share on other sites

How can they only have two IT guys? My school is big, but not nearly as big as yours and we have an entire team with subdivisions for different areas of IT work. I think your problem is just finding the right people to talk to. Maybe the police can help?

0

Share this post


Link to post
Share on other sites

So it's not possible that the thief is using it on a different network or the thief sold it to someone else outside of campus?

0

Share this post


Link to post
Share on other sites
So it's not possible that the thief is using it on a different network or the thief sold it to someone else outside of campus?

seeing that they stole only his hostmates laptop and his ps3 they were probably looking for something specific so either they had a deal set up before or they went browsing for them selfes. and if your going to steal a ps3 and a cpu why not steal pfi's stuff? probably because they wanted a ps3 and some specifitc laptop and would be "dumbasses" and use it at school.

0

Share this post


Link to post
Share on other sites

I completely agree that getting a crime case number from the police and informing your IT admin about the theft is the right way to go. Make sure that you do everything by the book. Then, and only then, once all is settled, go golf club the knees of the thieves. Nothing reminds a thief of his wrong doing as crutches for life.

I know hacking here is not about theft, damage or violence, but it says nothing about revenge.

Good luck getting your stuff back buddy.

Edited by sshblack
0

Share this post


Link to post
Share on other sites

This is kind of a long shot, but if the laptop had a preferred wireless network with a unique ssid configured you could sniff for probe requests with that ssid.

0

Share this post


Link to post
Share on other sites

offer up some beer, or games to the IT people. they will find them if you say you will buy them a case of beer. lol

but yes they should be able to find them if they reconnect to the college network.

0

Share this post


Link to post
Share on other sites
I completely agree that getting a crime case number from the police and informing your IT admin about the theft is the right way to go.

Aye, here at our University that's the standard policy procedure. First we direct the user to contact the real police rather than the University's and they will have an incident/crime type number for you. At this point the first level tier at our University recordes this information in a ticket system, passes it up to the Policy and Security Office and they take a look at it. If you have a specific IT Admin, consult with him about the issue first for there's a good chance he can relay information and/or pass it to a higher source quicker than you could.

As far as I am aware many Buisness's and University's are REQUIRED to record all network traffic within ~6 Months+, most likley vary's location to location however. Am I wrong?

If they ever plugged into campus after the point of it being reported or stolen they should be able to track it down to the specific VLAN and if not the exact wall jack or WAP. Otherwise you're probley screwed and should be more careful about security with such expensive devices... unless you're one of those people with rich parents than be nice and donate those items and go buy new ones :)

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0