[mwhooker]

compelling story, but I'd like to know how he translated an ip address in to a street address.

[rednum]

Perhaps it was something like:

  1. OP finds an IP in [insert-not-so-large-irish-city-name-here].
  2. OP remebers having a friend in [not-so-large-irish-city],
     somehow obtains his IP (which is not a hard thing).
  3. Bingo, adresses match!
  4. OP is confused, but then remembers that his friend has 
     teenage soon, so he calls the friend to ask about the kid.

In other words, if it were some random troll, he wouldn't be able to do this.

[smoyer]

Or maybe Chloe tried to slip through the subnet while Miles traced his physical location by looking at the binary (http://blog.sfgate.com/tgoodman/2006/04/25/this-doesnt-make-...). That last season of 24 made me realize how little I knew about networking.

[columbo]

Here's a possibility: On his blog he has a field to enter in your email address to subscribe to posts. If he's recording IP addresses there's a good chance his friend (not the son) would have put in his email to follow. Once he got the IP address of his Troll he could have just looked in his registration table on an off chance there was a match.

[sliverstorm]

Well, there's a few possibilities. For example, if the ip address was associated with a DN, you could do a reverse-lookup and then do a whois.

[loboman]

Also he might know the friend's ip if the friend sent him an email.

[DanBC]

Knowing the IP is the easy bit.

Taking that IP and finding a street address is the tricky bit.

It can be done with court orders. (In England. I have no idea how Ireland does it.)

[loboman]

If he knows the friend ip, he knows that they both match (friend = troll).

[DanBC]

Ah yes, sorry. I missed that.

[adrianpike]

I'm also curious about this.

One option would be to lure the troll to a site & pull down the location info from his browser - I'm not sure how readily the troll would authorize that, but maybe with some clever social engineering it could be done. His father did mention he was on his mobile a ton, so it's possible he got pretty accurate data, instead of just his local ISP. (Related - I'm on Clear right now, and apparently I'm in Portland. I'm actually up near Canada.)

[uiri]

It could have been something as simple as politely asking the ISP or the police. Given some of the circumstances which transpired and how difficult it may or may not be to get the ISP to give you the street address, I wouldn't be surprised if they went, or at least tried, that route.

Keep in mind he translated three ip addresses into street addresses and two of them turned out to be public hotspots.

[skeletonjelly]

I doubt asking kindly would yield personal information. This kind of social engineering can be used for bad as well and I'd doubt they'd leave the justice and investigative powers in the hands of a citizen.

[skunkworks]

That was my first thought too. My guess would be a shortened URL that redirected to a private server, which then redirected to some Facebook contact form. Facebook message times could then be roughly correlated with IPs harvested from logs from the private server.

[giardini]

Find the ISP and ask for the user's information, either formally (with police assistance) or informally (pay someone for the info).