1. The guy who has the proxy he went through to hide his tracks will sift through the logs to find the IP address he came from. Luckily this idiot posted the exact URL he used, so that will be easy.
2. The feds will serve a warrant or subpoena to the ISP or university that owns that IP address, demanding the logs of all connections to that proxy server. That will produce a local IP address.
3. Then they’ll either look up what account that’s assigned to if static addresses are used, or look in the DHCP log if dynamic (you get a different one most of the time you log on) addresses are used.
4. Match account to the person.
5. Visit by the guys in suits.
The idiot used a domestic proxy with a clear “no illegal stuff” policy so I doubt he’s smart enough to cover his tracks to evade steps 2-4.
Thanks. 2 other posters on this thread pointed-out that Kernel admitted his actions. I’m sure that the investigators will still follow his tracks in making their case. I was curious how this type of thing gets done.
I’m a little familiar with networks & the differences between static & dynamic addressing. But if anybody else has access to the computer used in this crime it could be tough to make a case. A more sophisticated hacker might have used a “public computer”, like one at an internet cafe.