« Web Searches of Late
Some Changes »


Jul

19

Internet Provider Logs, Website Logs and What They Can Reveal

Category: Life |

Recently I posted about some searches that have brought traffic to my website concerning high gas prices and how it’s affecting everyone all over the US. A reader made a comment that prompted me to sit down and write this article. I guess I just assumed that everyone knew these things. I was wrong. After investigating a bit I see that many folks are not aware of the tracks they leave behind when they surf.

So here we go. Let me explain just a little bit about this.

When you sign up for internet access at your home, you’re assigned an account number. No matter the service you use, dialup, cable whatever. You have an account number. That’s your first identifier. Everytime you logon, or even if you’re online all the time, your account number is being stored and logged. You’re assigned a random IP when you connect to the internet (we won’t get into the purchase of static IP’s for businesses etc.). If you’re always connected to the internet you can keep an IP for weeks, then it resets itself assigning you a new IP. The IP’s you are given are assigned to the company you purchase internet access from. If you buy access from Sparky’s Internet, then Sparky has been assigned a block of IP addresses which they in turn re-assign to the users when the users are connected. This block of IP’s that Sparky has access to are the identifiers for Sparky’s Internet. These IP’s and the user account they’re assigned to are logged as well. A new log file is created everytime a user gets a new random IPĀ  assigned.

Whew. Get that? You get an identifier from your internet company, that is logged everytime you connect to the internet. Just so you know these logs are not usually reviewed BUT in some cases they are. The police can get a warrant and force your internet provider to turn over those logs, if they have reason to believe a crime was commited using your computer and internet account. These identifiers can be traced back to your account and from there to your machine. Not to a particular person though, because even if you have a password on your machine, it’s always a possibility, whether probable or not, that it was someone else using your machine and your password. Sometimes that little bit of doubt doesn’t matter much.

It’s happened in some very high profile cases; recall the recent case up north of the young english guy just recently convicted of killing his wife and child. His computer was searched and several searches were found that had to do with committing murder (see this link for more info: http://www.metrowestdailynews.com/state/x1165648058/Searches-about-murder-escort-services-found-on-Entwistles-computer ) That search was simply on his machine, the police could and may have gone much further by getting a warrant for his internet provider.

Read this article for further clarification on what is collected, stored and for how long. It can be shocking to some people who really do not know this is happening. ( http://www.nytimes.com/2006/02/04/technology/04privacy.html?scp=3&sq=hansell%20subpeana&st=cse )
Heres a telling quote from the article: “When it comes to e-mail and Internet service records, “the average citizen would be shocked to find out how adept your average law enforcement officer is at finding information,” said Paul Ohm, who recently left the Justice Department’s computer crime and intellectual property section.” This is a very good article and I really suggest reading it to get a handle on all this.

Alrighty! So we now know that when we’re at home using the internet that we have ‘identifiers’ and those can be traced back to your account and from there to your actual physical machine. Damn.

The same thing can be done at work, with a twist in some cases. Most companies have ‘IT’ people who run the networks. Those networks usually have identifiers that have nothing to do with the internet. Some machines are named and/or numbered so that the IT staff can identify them at a glance. This is so that the network can be monitored and kept up to date, repairs can be made at a faster rate because the machine in question can be pegged by name or number. It is that IT persons job to make sure their network is secure and functioning properly and protecting the company’s interests. So now you have an extra set of identifiers on top of the Internet service providers identifiers. And these identifiers can usually be connected directly to a particular person, unlike the service providers identifiers going back to the machine only. At a job a worker is usually ‘logged onto’ the network and is doing work while logged on, the fact the person was doing their job makes it a positive ID. So if the employee happens to surf the web for porn while working with a company database, it’s reasonable to assume the identity of the porn surfer is the same worker who is logged in to the porn surfing machine. People get fired for this kind of behaviour. Another thing to consider about the work place and the internet is the ‘Acceptable Use Policy’ that most employers have in place. Does your workplace have one? Have you signed one? Did you really really read it? I hope you did.

Now that was brief wasn’t it? Yeah. Ok now on to the websites and the information they gather when you view them.

The main reason a webmaster/owner wants to view this information is so he knows who his target audience is. Who is looking and for what, allows you to cater to your authentic readers. If someone is searching for jokes on your website, you may want to accomodate them to keep them coming back. If they’re searching for local news, you may want to write more articles about local happenings. See what I mean? If the IP address says they’re coming from India and searching for porn on your website, you know it’s most likely a nasty spammer and you can block that IP from posting or hold for approval any posts they make; avoiding possible spam posts that can wind up costing you readers and cold hard cash due to bandwidth usage. If the IP that hits your website is from a local internet provider and they’re searching for news on the local school system you can assume it is a local person. From there you know that at least one local person would like to see some local news on your site.

You can also see what kind of operating system they are using and what browser. This allows you to check your website on those operating systems and browsers to see how well they degrade on other systems (ones you did not use to build your site on). You can tweak your site a bit to accomodate these other OS’s and browsers by having this information. There is more information avaliable and it is all designed to help the webmaster better serve his target audience. In RobesonBlogs case our target audience is mainly the citizens of this county. It’s really not nefarious and every single web host grabs logs with this information and saves them. From cookies to session ID’s to telling what URL you came from and showing searches from search engines.

Most folks just don’t think about all that backend stuff. But it’s there. I should also note there are ways to ’surf anonymously’. Do a quick google search on that and you can read all about it.

  
Mood : contemplative


Recently:


Comments


Name (required)

Email (required)

Website

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Share your wisdom

  • Calendar

    August 2008
    S M T W T F S
    « Jul    
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  

  • Home

      Home is where you can say anything you like cause nobody listens to you anyway. ~Author Unknown