Tracing a Computer to an IP Address
Dear Experts:
Someone at my company is using their work computer to anonymously post blog comments from a ghost web-based (free) e-mail address to an another outside website. I heard that the hosts of that website brought this to my company's attention because they were able to determine that the comment(s) came from one of my company's IP addresses (we have ten addresses).
My question is this: If the website hosts provided the IP address to my company (which, I have no idea if they have or not), could the company then trace the comments back to the specific computer it came from? Or, are there too many variables involved to make a definite determination?
Thanks.
Software/Hardware used:
Internet Explorer
Software/Hardware used:
Internet Explorer
ASKED:
September 3, 2009 2:31 AM
UPDATED:
September 16, 2009 2:46 PM
Answer Wiki:
It all depends on how much logging your company is doing on the network.
Odds are the public IP address that is captured by the blog host would be the router's public IP. All users network traffic probably comes from this IP address. For the company to track this they'd need to track all network traffic through the router as well as what computers are issued which internal IP address, as well as what user was logged onto that computer at that time.
It is possible to track, if everything was setup in advance to make it happen.
___________________-
It is possible.
To see all answers submitted to the Answer Wiki: View Answer History.
You really need to have logging and monitoring systems setup in advance to be able to respond to this type of situation. This might be a good time to consider a Web content filtering product/service from Webroot, Barracuda, St. Bernard, etc.
Your corporate firewall may be logging this traffic, but you would need to know the time it occurs, and you would have to delve into it before the logs are overwritten.