> Disagree, if it was USA, it is easily possible to enforce a warrant and maybe you're lucky it's residential.
parent mentioned "owned machine" (as in, "hacked" not "ownership"), which means you might be able to find the source if you can seize the computer and analyze it in time. If the attacker wiped all traces from the computer then at best the trail ends there and at worst an innocent person gets blamed for it.
>If it was a VPN, you know it's a more competent person, org, and most VPNs also keep logs.
"no log" is a commonly sought-after feature in VPNs, and if you're planning to do shady stuff I doubt you'll go with a logged VPN.
>"no log" is a commonly sought-after feature in VPNs, and if you're planning to do shady stuff I doubt you'll go with a logged VPN.
It's marketing puffery, they all log and they all keep it and will comply. Many VPNs say no log, and then logs leak. You don't have control over that system/service, you cannot fully verify and there is much mistrust around it for nefarious deeds.
>parent mentioned "owned machine" (as in, "hacked" not "ownership"), which means you might be able to find the source if you can seize the computer and analyze it in time. If the attacker wiped all traces from the computer then at best the trail ends there and at worst an innocent person gets blamed for it.
So, yes, and no. The IP address will determine location and possible people of interest. It could also lead to a chain or more documentation/possible past interest/threat.
The wiping/forensics imo are hard to ensure for chain of custody, but if an IP address is honed to residential, it's easy to grab a DNS log from that ISP and see what requests they made and if it makes sense it was targeted, random Shodan or possible hijacked/RAT machine.
More info never hurts, but "tracing" an IP address is the first step.
Sounds like no logs, probably showed up on shodan and someone wanted to have fun/many people did.