Hey guys,

I don't know too much about IPs and tracing them but would like to know one thing because I had a discussion with my father.

If I have a website and people regularly log into it, I'll be able to see the IP they've logged in from, right?
If the person does a router reset (with a dynamic IP) and logs in again, will I be able to say it's the person who logged in before?

Example:
I assume PayPal can check the IPs which were used to log into a certain account and tell if a bank account has been hacked, right? How is this done? Can they only see that one IP usually logs in from a X radius of Y location and if that's not the case they assume it's been a hack or can they really trace it back to a certain router without the help of the police and provider?

I'm from Germany if that makes a difference.

Hope I've made everything clear..kinda sleepy


Thanks to anyone who can answer my question

If they log in to the website with the same name u can trace them, And as far is i know evry pc got a pc number or somting that they can trace with, So if u use another Pc number the account should be hacked if the router ip issent the same.

I'm just going to post a screenshot of this, because it's probably the easiest way to explain it.

http://i.imgur.com/qnUIZc3.png

As you can see, this website will track every IP that you've posted from. I'm not sure if it'll track every single IP you've logged in from, though.

I would assume PayPal has a system that is somewhat similar, but I don't think anyone outside PayPal would be able to explain what exactly it is they do.

Yea, but my IP apparently changes every time I post. How can you ban someone who uses a dynamic IP permanently then? Or can you only ban their user account and not their IP?

I'd just like to know if there's a way for a PayPal employee to determine whether it was the "usual" computer the person who did the transaction logged in from, or if it was an unknown computer/IP which never showed up in their logs before..

This could help in case I go to court with the PayPal scam. Gave the case to a lawyer mate and this would surely be good to know.

Yea, but my IP apparently changes every time I post. How can you ban someone who uses a dynamic IP permanently then? Or can you only ban their user account and not their IP?

I'd just like to know if there's a way for a PayPal employee to determine whether it was the "usual" computer the person who did the transaction logged in from, or if it was an unknown computer/IP which never showed up in their logs before..

This could help in case I go to court with the PayPal scam. Gave the case to a lawyer mate and this would surely be good to know.

still it is easy to "hide" your own ip adres, so it is possible to just use a proxy and login to your paypal(you will have a different ip) and claim that you got hacked, IF they check ip's they will see that someone logged in with a different ip

i personally dont think paypal uses this system because it can be abused very easy with a proxy or vps etc.

dnno if it helped anything but just wanted to explain y

IP-adresses are regularly not stating much. The IP-adress is only the "location" of your internet, however it does not proove anything since there could be anyone inside your WI-FI or even with a VPN (I guess could work) to your network to "appear" like you.

Via IP-adresses they can't determine if it's your computer, could be anyone's computer snitching your wifi from the street.

/Stusse

EDIT: If they take it to court it could mean your ISP are guilty to provide further information than Paypal can acces (however usually they don't unless it's the State vs. Person, and not Person vs. Person). Not sure what further information the ISP sits on, perhaps someone more knowledged could answer that. :)

/Stusse

There's no way to prove the same person is using an account, for all you know there could be another guy in the same house with the same connection using the account.

If you were to have a log of IPs of people that logged into that account, you would notice that most ISPs have an IP pool to assign to its users. The first 2 octets will most likely remain the same... and the last 2 will be the ones that change the most. So you can tell if the guy's using the same ISP if the 2 first octets remain the same, not to mention you can also make a whois of the address. If the account show similar address then its most likely that they are the same user although it could be a a neighbor with the same ISP. Hard to say specially with big ISPs because they have a big pool of IPs and a lot of users. If the IP is totally different it can still be the same person, because he could have log from another place (school, cafe, etc) or he could be using a proxy.

I would assume that the ISP has a log of which IPs are being assigned to their users so the information is there but you would need the court to issue a warrant I suppose. I doubt they'll do that though... its highly unlikely because it still doesn't prove that the same person is using the same connection. For an instance, what if the user logs from a cyber cafe? or he's using the internet of a frat? or a LAN party?