Okay so we all know what an IP is, and that essentially it can't be traced to you or anyone specifically unless the authorities are involved and the internet provider is contacted to give the name/ address of the IP number,
with you so far...
but how does law enforcement get the IP in the first place?
well they get it from the server logs, of the place you've connected to that's caused them to need to trace your IP address to the real person.
From what I understand, the only way you can find out someone's IP is if you get them to click on a link, run it through a tracker, and then you'll have it. So is law enforcement able to skip that step and look straight at your IP?
not quite.
it's not clicking on a link, it's connecting to a site, so for example when you posted here you make a connection to this site, and if the law enforcement came to this site asking for your IP, it would be given.
same as when you connected to google, or yahoo, you connect to their servers, their servers record that connection, time date and IP.
you don't have to force someone to click on a link, you just need to know what their IP address is, or where they have been, so you can ask a website "hey this guy derp what's his IP?"
Basically, if you connect to anywhere on-line there is a good chance that your IP address will be recorded, if you do something that will attract the attention of the law whilst you;re on that place where your address is recorded, then the law will just go to that place where the address is recorded, and where you've done that thing that gets their attention, and they'll come find you.
no everyone needs to contact an ISP for all the time I've been here I've posted from addresses that are attached to businesses.
when I was AT uni, I posted from their block, no need to contact law to find out where I was, it said quite clearly.
when I worked at a software house, looking up the block also contained the business address
same when i worked at a uni, look up the address and you find a block with address details etc.
the address I'm posting from now, if you look it up you'll find the address of my office. (actually the address of my old office.)
if you've been dumb enough to post something stupid from a school there is a chance that the person trying to track you down can just go straight to your school. (where they will keep logs of what sites were connected to from what machines, and the machines keep track of who logged into them. -the servers that track internet usage might also track account names of who is going to whatever site.)
And then if the person catches wind of the investigation, they can delete the sight and just change their IP by spoofing the MAC?
firstly that's not how you spell site when talking about internet sites.
secondly...
you're going to need to be more specific or post a better explanation...
you put up a hate filled site, and then decided that was a bad idea.
so your plan is to take it down and change your MAC address? so that your IP changes...?
ummm, not going to work.
assuming you used paid hosting. well you were dumb enough to leave CC details.
if you used free hosting, then at xyz time last week the address a.b.c.d signed up for and put up said hateful site.
at that time address a.b.c.d belonged to this telco servicing that residential account. (even if you got a new IP, it doesn't change the fact or record that you had an address at a given time)
after that, the MAC address is burned into the chip, it does not change easily, yes, you can spoof a MAC address, I suppose assuming that your computer connects directly to the internet, but the MAC address of your modem/router as hardware will still be the same, so even if you spoof a mac address in packets sent from your machine, this likely won't affect the (probably separate device) that is your router.
I'm trying to catch an offensive poster on my own without having to involve law enforcement, but he's deleted the site and I'm certain has changed his IP
it is certainly possible to track a person by stuff that they post online.
certainly when this place was hacked a few years ago I managed to do a pretty good job of finding the people, where they lived, their family on face book, aerial photos of their house via google earth, planning permission applications for their house, whether they had pets and what their names were etc...
(of course this is only possible if people are careless about what online presence they leave.)
at this point your best bet is to quickly learn some mad/leet hacking skills, and hack the telco's systems and erase the IP assignment logs, then log ticket with their help desk to load backup tapes so that you can erase those too, you'll need to learn their systems so that you can understand if how and where data has been replicated to make sure that you don't leave any copies...
long story short...
you're boned.