Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Question about third party DNS and ISP logs


  • Please log in to reply
5 replies to this topic

#1 maxa99

maxa99

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:42 AM

Posted 27 June 2015 - 08:49 PM

Hi,

Recently my son left very inappropriate comment on his school friends biog. His family is very furious and wants to sue. Apologies were not accepted.
I am using Google Open DNS as third party DNS provider.
My question is very simple. Can ISP list that this SPECIFIC PAGE on blogger.com was visited at that moment and from our IP address or they can log only IP address of blogger.com. I know they usually can and do log URLs but there is something specific here….I’am using Google Open DNS server. Some people say that provider only logs IP address of sites you visited if you use third party DNS provider and some that they can see and log full URL. This is very important for me so please help.

Thanks in advance



BC AdBot (Login to Remove)

 


m

#2 1PW

1PW

  • Members
  • 316 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North of the 38th parallel.
  • Local time:01:42 AM

Posted 28 June 2015 - 12:49 AM

Hello maxa99:
 
Have you considered the records that could be subpoenaed from the source computer, your ISP and Google as well as the logs from the computer that holds the biogs and its ISP?

 

Five separate records that coincide could be exceptional damning inculpatory evidence.

 

HTH


Edited by 1PW, 28 June 2015 - 01:51 AM.

All viruses are malware but not all malware are viruses and if the malware doesn't self replicate it just isn't a virus.


#3 maxa99

maxa99
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:42 AM

Posted 28 June 2015 - 04:35 AM

My ISP is the only one that worries me at this moment, google erases records after 48 hours. I realy need the answer considering just my ISP



#4 tsgtsc84

tsgtsc84

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:42 AM

Posted 28 June 2015 - 09:13 AM

Hi I'm new to the forum, and I am a doctor, but my mate is a lawyer in the UK. I saw your plight so had to join. This comes from him:

 

 

No judge would commit to a trial, let alone award damages to someone under 18 writing a comment on a blog, even an adult, it just wouldn't happen, all they are trying to do is scare you, don't engage with them, nor approach them, leave it. He is truly sorry, it was a joke, spare of the moment thing - end of - in the UK the police, let alone a judge would even bother to get involved.

 

To obtain records, would need a serious crime to have taken place and a court order (which is not issued lightly) especially not for a few words. CCTV footage can be taken by the police from a crime scene, but records are a completely different ball game. Firstly, a court order would be submitted to the relevant company e.g., your ISP, who have their own data protection rules and regulations. All his takes time and money, which the people sueing would have to fork the bill. You are generally saying, anything from 6-9 months. So, I really would not worry about another parent wanting to sue for a single comment. All I can say, if their son has never done something stupid, then???? Get a life comes to mind.

 

Tony.

 

P.S. this is advice. Not legal help.


Edited by tsgtsc84, 28 June 2015 - 09:31 AM.


#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,620 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:42 AM

Posted 28 June 2015 - 02:18 PM

Even if you use a third party DNS, your ISP can know the full URL, because:

 

1) it can see your DNS requests and Google's DNS replies

2) the path of the URL is in the HTTP header

 

remark: 2) is only possible with HTTP, not HTTPS.


Edited by Didier Stevens, 28 June 2015 - 02:18 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#6 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 5,948 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:09:42 AM

Posted 28 June 2015 - 05:48 PM

@tsgtsc84 #4  first of all - welcome to BC !

 

I think this is about as sensible a response as any. If  nothing else, the son has learnt something about stupidity, and the friend has learnt something about security and/or moderating comments..

 

Chris Cosgrove






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users