+ Reply to Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 31

Thread: How Can Private Trackers Know

  1. #16

    Join Date
    14.06.09
    Location
    Arkadia
    P2P Client
    rTorrent
    Posts
    445
    Activity Longevity
    0/20 18/20
    Today Posts
    0/5 ssssss445
    on IRC is exposed your: chosen IRC nick, IP, used IRC client. Then IRC client can (but doesn't have to if you set it up so) leak its name, version number, version of operating system running, CPU arch, CPU speed, compiler options used for compiling client.

    Note that I said 'can'. All that info is leaked ONLY IF some staffer sends you "CTCP VERSION" query, and ONLY IF your client then responds with all that info which I mentioned. Problem is, one of mostly used free IRC clients: XChat and HexChat DO send all this info by default in CTCP VERSION reply.

    Luckily you can easily change or spoof CTCP VERSION replies. In case of HexChat its on Settings > CTCP replies. You can always test what your client sends: when in some channel just write: /CTCP YourNick VERSION

    You can also spoof/cloak your IP on IRC using remote shell with screen or bouncer like znc, or easy way using webservice like irccloud, but thats story for some other time...
    Reply With QuoteReply With Quote
    Thanks

  2. Who Said Thanks:

    JohnareyouOK (09.04.19) , Renk (04.02.19) , illusive (18.02.14) , crystal (16.02.14) , DriftKing (14.02.14) , THC (11.02.14) , Instab (11.02.14)

  3. #17

    Join Date
    26.11.11
    Location
    mesquite
    Posts
    13
    Activity Longevity
    0/20 15/20
    Today Posts
    0/5 sssssss13
    MAC address. I was banned for cheating on what years ago and about a year ago I got another account. I was banned shortly after for a dupe account. There was about 3-5 years in between. I had a new modem, new IP, used a different torrent and irc client and I had even moved at that point so I figured I was good. I may have even had a new computer but I am not sure. I am sure however that I had definitely re-installed Windows since then. The only thing that was the same between those years was my router and, possibly, my PC. If they are not tracking the MAC address then they have spies that have been following me for years.
    Reply With QuoteReply With Quote
    Thanks

  4. #18

    Join Date
    05.06.12
    Posts
    176
    Activity Longevity
    0/20 14/20
    Today Posts
    0/5 ssssss176
    I think only your ISP can see your MAC address.
    Reply With QuoteReply With Quote
    Thanks

  5. #19
    Moderator
    Instab's Avatar
    Join Date
    18.09.09
    Posts
    6,660
    Activity Longevity
    5/20 17/20
    Today Posts
    0/5 sssss6660
    Quote Originally Posted by cirulilu View Post
    I think only your ISP can see your MAC address.
    they can only see the MAC of the first device in the chain. assuming you're behind a router then nobody can see your machine's MAC.
    Your account has been disabled.
    Reply With QuoteReply With Quote
    Thanks

  6. #20
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,385
    Activity Longevity
    11/20 19/20
    Today Posts
    4/5 ssss39385
    I never changed my MAC and What.cd couldn't catch me having four active accounts. Then I realized there was no point on doing that anyway.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  7. #21

    Join Date
    28.04.11
    Posts
    533
    Activity Longevity
    0/20 16/20
    Today Posts
    0/5 ssssss533
    Quote Originally Posted by guybrush View Post
    MAC address. I was banned for cheating on what years ago and about a year ago I got another account. I was banned shortly after for a dupe account. There was about 3-5 years in between. I had a new modem, new IP, used a different torrent and irc client and I had even moved at that point so I figured I was good. I may have even had a new computer but I am not sure. I am sure however that I had definitely re-installed Windows since then. The only thing that was the same between those years was my router and, possibly, my PC. If they are not tracking the MAC address then they have spies that have been following me for years.
    When you say new IP you mean a dynamic one in the same range? Did you also have a new ISP? New town? For e.g. if you live in a small town/village and you were the only one with a what.cd account then I believe it was pretty easy for them.

    What I mean is that more things can pile up: same city, same ISP, same OS, same browser, same torrent client, same email provider, same style of behavior (choosing a username, posting, commenting, bookmarking, using a seedbox etc.) etc.
    Last edited by THC; 21.05.14 at 18:24.
    Reply With QuoteReply With Quote
    Thanks

  8. Who Said Thanks:

    tr-cht-fx-242p (23.05.14)

  9. #22
    Moderator
    Instab's Avatar
    Join Date
    18.09.09
    Posts
    6,660
    Activity Longevity
    5/20 17/20
    Today Posts
    0/5 sssss6660
    Quote Originally Posted by THC View Post
    When you say new IP you mean a dynamic one in the same range? Did you also have a new ISP? New town? For e.g. if you live in a small town/village and you were the only one with a what.cd account then I believe it was pretty easy for them.

    What I mean is that more things can pile up: same city, same ISP, same OS, same browser, same torrent client, same email provider, same style of behavior (choosing a username, posting, commenting, bookmarking, using a seedbox etc.) etc.
    exactly, most of the time in such cases people simply don't think of enough details hence it seems like a mystery to them when they get caught but they just didn't do the math properly.
    Your account has been disabled.
    Reply With QuoteReply With Quote
    Thanks

  10. Who Said Thanks:

    THC (24.05.14)

  11. #23
    Mac Address is the best way for trackers to know you
    Reply With QuoteReply With Quote
    Thanks

  12. #24
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,385
    Activity Longevity
    11/20 19/20
    Today Posts
    4/5 ssss39385
    The following thread got a lot more educational last year, I recommend checking it out.

    http://www.sb-innovation.de/showthread.php?t=19023
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  13. #25

    Join Date
    03.12.16
    Posts
    76
    Activity Longevity
    0/20 9/20
    Today Posts
    0/5 sssssss76
    What most people always neglect to do when duping is changing their browsing habits too. I mean not change them a little,but change them 101%.

    We will use Whatcd (RIP) as an example.
    Lets say you have an account there, high user class and shit, log in frequently. You like checking forums, especially the invites forum or whatever thread. You like a lot searching for your favorite band, you like checking staff profiles of other trackers etc.


    Lets say now you get banned for whatever reason.Trading, cheating, you name it.
    Ok, pity and all, you had good ratio on your last tracker. You potentially made friends, you were close to that shitty good 6 month recruitment etc. For starters, DO NOT make hasty moves and most of all DO NOT panic.

    Just go and create new account. Try not to be in the same ip range if possible. Play with browser fingeprint. Dif email/username/password of course (random generated for better or worse). Just use a usual username and a usual password. I have seen people using emails like ''monkeyking'@'' etc or other shitty usernames. BIG no. Just use something usual, something wont even resemble to someone being/have been a member. I have heard of good people, honest people, being banned because: '' your username/emails resembles to a previously banned member''...

    And most of all: use always incognito. I think that shit is encrypted and must be better on firefox, but anon and other IT guys could clarify that.

    -----------

    Ok, now you in the tracker.
    Spend time reading the rules and wiki. Avoid browsing the forums, you are not there for than anyway. Try searching also some of your favorite music or even download a couple of songs right away. Again: DO NOT search for the same artists/songs/albums/whatever shit you did before. This is imperative and a necessary evil...
    Avoid uploading too if you like that for at least some time, lets say a month. Try changing log in frequency. For example if you previously logged in like 5 times per day, now log in once per day or even once every 2-3 days.
    You need to understand something now. Most people in trackers are regular ''users''. I mean literally ''users'' over 60% on most trackers are mere user class. These people dont give a fuck when it comes to community. They are only there for the content. So fuck the community and enjoy the content.

    I think i was as detailed as much as possible. Most people get caught because they probably make one of the mistakes above. Dont give staff a reason to check your profile. Be as simple and as usual as possible. They always said the best place to hide is in plain sight. You are gonna play with fire here, but at least where your gloves before you do .
    Staff always bans for whatever reason, even good people. The unavoidable consequences of power and its corruption. Dont give them any kind of reason to ban too. Benefit of the doubt is your friend here. Though they usually find you guilty until proven otherwise.

    Last but not least, never forget that gazelle logs EVERYTHING. So be extra careful upon signing up again.

    ***mac address finding is an urban legend they still enjoy people consider it. If you are that paranoid though, just use a mac spoofing programm. Most of them are free anyway.

    *** the above advice wont be any good to traders/sellers. Cant really speak about cheaters, but if you think you can freely trade and not being caught, think again. They might not get you for a day, a week,. A month. A year. But eventually, they will come at you knocking.
    Trading/selling is like a tree with branches. But unlike the tree, if only one of the branches fall (lets say one of the people you previous traded getting caught or even one of the people your previous transaction participant traded with, lol), they will come at you. All the dots are connected here. Some staffers are either psychotic or dont have anything better to do with their life, so thats all they know and do. Eventually a building collapses, if the foundation is rotten, so better beware of your future dealings...
    Reply With QuoteReply With Quote
    Thanks

  14. Who Said Thanks:

    JohnareyouOK (28.03.19) , alpacino (28.06.17) , illusive (27.06.17) , anon (27.06.17) , H265 (27.06.17)

  15. #26

    Join Date
    24.01.19
    Posts
    7
    Activity Longevity
    0/20 6/20
    Today Posts
    0/5 ssssssss7
    I Invited a user from public forum, and after 2 days later they found my forum thread ! They gave me the link on IRC.
    And I read very similar story on another forum.
    How do they detect the forum thread ?
    Reply With QuoteReply With Quote
    Thanks

  16. #27
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,385
    Activity Longevity
    11/20 19/20
    Today Posts
    4/5 ssss39385
    Quote Originally Posted by eylul View Post
    I Invited a user from public forum, and after 2 days later they found my forum thread ! They gave me the link on IRC.
    And I read very similar story on another forum.
    How do they detect the forum thread ?
    There are several ways, some that spring to mind right now are:
    • IP-catching images/links posted by staff;
    • unintentional IP-catching images/links posted by regular users (hotlinking an image from the tracker or clicking on a direct link to it, both of which send IP, cookies and referring URL to the target host under default browser setups);
    • timestamp comparison (you invited that person, then posted "invite sent" in public minutes later, all they have to do is search who was invited within that timeframe);
    • one or both of you used the same name on both trackers and that forum;
    • one or both of you used the same e-mail on both trackers and that forum (indirectly discoverable through the password recovery function);
    • your invitee was actually an undercover tracker staff who duped you into inviting them to then disable your account for inviting "strangers" (this actually happens, some of them have nothing better to do I guess);
    • any other bit of information either of you posted publicly and that's entropic enough to identify your account (country of origin, ISP, connection speed, torrent client and version, client port, Web browser and version, etc.), either by itself or when combined with other details.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  17. Who Said Thanks:

    ueki (07.02.21) , JohnareyouOK (28.03.19) , alpacino (28.01.19) , eylul (27.01.19) , Lucius (26.01.19)

  18. #28

    Join Date
    24.01.19
    Posts
    7
    Activity Longevity
    0/20 6/20
    Today Posts
    0/5 ssssssss7
    Thanks anon for all your help.
    Reply With QuoteReply With Quote
    Thanks

  19. #29
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,385
    Activity Longevity
    11/20 19/20
    Today Posts
    4/5 ssss39385
    Quote Originally Posted by eylul View Post
    Thanks anon for all your help.
    Tsk tsk, there's a "Thanks" button below my posts
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  20. Who Said Thanks:

    latres (30.12.19) , Einstein (15.04.19) , eylul (27.01.19)

  21. #30
    Advanced User Renk's Avatar
    Join Date
    17.08.08
    Location
    Elsewhere
    P2P Client
    utorrent
    Posts
    581
    Activity Longevity
    0/20 19/20
    Today Posts
    0/5 ssssss581
    Quote Originally Posted by fraudman View Post
    BTN can track using the Computer Names and Mac Address. I banned 2 times for this..

    As far as I know, Computer Name and Mac address are no routable information. he Mac Address relies on OSI's layer 2 (Ethernet) IP on OSI's layer 3. Ethernet works at the local level only. Ip protocol on the other side can reach remote networks. Sometimes the Mac Address can be coded inside the v6 wan IP, but in that case it's an IP detection in the first place, not a Mac Address one. If you mask your wan IPV6 with eg an IPV6 capable Vpn, your Mac Address will no more be "seen".
    Reply With QuoteReply With Quote
    Thanks

  22. Who Said Thanks:

    Instab (04.02.19)

+ Reply to Thread
Page 2 of 3 FirstFirst 123 LastLast

Tags for this Thread

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •