How to find the IP address of a hacker, according to CSI: Cyber

Raymond Chen

Raymond

The episode of the television documentary CSI: Cyber which aired on CBS last Wednesday demonstrated an elite trick to obtaining a hacker’s IP address: Extract it from the email header.

Here’s a screen shot from time code 14:35 that demonstrates the technique.

<meta id=”viewport content=”” name=”viewport></m <link href=”y/images/favicon.ico rel=”shortcut ic <link href=”y/styles.css?s=1382384360 type=”text/ <link href=”y/mail.css?s=1382384360 type=”text/cs <hidden: ip: 951.27.9.840 > < echo;off;>           <!–if lte IE 8><link rel=”stylesheet” type=”text/ <!–if lte IE 7><link rel=”stylesheet” type=”text/ <link href=”plugins/jqueryui/themes/larry/jquery-u <link href=”plugins/jqueryui/themes/larry/ui.js?s=

This technique is so awesome I had to share it.

<!–

I think the it would have been better if the bad guy’s IP address were 127.x.x.x or (less obviously) 192.168.x.x or (even less obviously) 203.0.113.x. Then the script kiddies watching the show would go nuts trying to DoS that guy.

–>

Raymond Chen
Raymond Chen

Follow Raymond