Our home was recently vilolated and a Laptop and other things were stolen.
The laptop was a new Gateway running Vista Home Premium and the trial of
the Symantec Internet Security Product. What I have is the system model and serial numbers, the COA serial and the wireless MAC address.
Is there any way that I can use my other laptop to track this thing down or am I just wasting my time?
The local police and Gateway have both been notified.
I have since installed LocatePC on the remaining systems in the house but that won't help me find this one.
Thanks for any help.
As theprez stated, what has this to do with BackTrack?
Other than that, if you have the time you could run 'airodump-ng' or Kismet and wardrive until you find the MAC address. Other than that, your out of luck. Do you know how may stolen laptops get sold on the street in my city? LOTS! All formatted with a fresh copy of WinXP_SP2. Unless the thief knows how to fake a MAC address you are out of luck.
Just wardrive for it, do some detective work, find out what region you would think the thief is located. Home detective work is the best I think, but because some things need clearance [like criminal database searches etc] you will be limited to what you can do.
EDIT: Just thought I'd let you know that any police station will put your case to the back of the cabinet along with 'broken window' cases. Do your own detective work as I said, gather as much information as possible. First off you should try and figure out if there has been any break-ins in your area within the last 3 months. See if there is a pattern, find out if you have any enemies that would want to do that. Spy on local gangs [from a distance]. Etc, etc..again, Good luck.
There is a chance, although slim, that the police could arrest the person and you could get the laptop back. Although, if they arrest the perp, the laptop will be held in evidence until the end of the trial, which could take quite a while.
I've already had a laptop stolen, recovered, and returned, although it took about 3 years for it to be returned.
It would be better just to forget about it, file a claim with home owner's and have them buy you a new one. If by chance the Police call and say they've recovered it, you still get it back.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!
Now... as for actually tracking the laptop over the internet, I think the only luck you'd have are with things like Microsoft's update website, or Norton's update website. If your laptop is currently being used without having being wiped, then it will be periodically sending data to Microsoft's site and Norton's site looking for updates. If you're lucky, one of either of these company's might be kind enough to tell you the IP address from which the data originated. You might have some luck tracking the IP address... and if you're really lucky it will be registered to something like a college or library. From there you can use airodump-ng.
From my own personal experience, it's best not to inform the companies straight away when something gets stolen. The last time my phone was stolen, I didn't report it stolen. If I had reported it stolen, the thief wouldn't have been able to make calls on it, and also I wouldn't be able to access my online account which has a detailed list of calls made. I checked the last calls, and they were to Romania. Then I remembered that I'd been at a carnival the day before and the attendant on the bumper cars was a dirty, smelly, Romanian gypsie. I used an online translator to translate threatening texts from English to Romanian, and sent them to the phone, and I also sent a list of the numbers that he rang. I said in the text that the police were coming the following day to arrest him. Up until that point, the phone had been constantly on but nobody would pick up when I rang it. Less than 20 seconds after I sent that text, the phone was off. I hope I shit him up good.
Anyway... getting back to the topic at hand... you might have more applications on your laptop that periodically contact the internet for updates, applications which involve some identifying information such as a username.
Regardless of whether you get the laptop back, hunting is fun. Track the IP address to a locality, and then use airodump-ng to find the laptop. Then sniff the traffic from the laptop; you'll get stuff like Facebook accounts, Bebo accounts... shouldn't be hard to find the person from there.
Here's what I would do in the future. Get ahold of this app:
Run this on your workstations/laptops. The app will update your IP through dyndns. Now, from a remote location, you can access your workstation/laptop through whatever backdoor you installed. Its an easy way to gather information, you can provide the IP to his ISP and police, you can also access your computer and attempt to track him down. I have terminal services and pcanywhere running.
Now if he formats it, then your S.O.L.