How Long Does Your ISP Store IP-Address Logs?

HardOCP News · Jun 29, 2012

Don't know how long your ISP stores IP-address logs? This article at TorrentFreak will help you find out.

The ongoing avalanche of mass-BitTorrent lawsuits reveal that IP-addresses can get people into a heap of trouble and it’s not unusual for Internet subscribers to be wrongfully accused of sharing copyrighted material. This begs the question, for how long are these IP-addresses stored? To find out, TorrentFreak asked some of the largest Internet providers in the US about their logging practices.

MavericK · Jun 29, 2012

Cliffs: Way too long.

Ur_Mom · Jun 29, 2012

MavericK96 said:
Cliffs: Way too long.

Cool. Thanks. Article was blocked at work, figured it was a while but this tells me enough.

Toothball · Jun 29, 2012

Any idea for RCN?

aznguile972 · Jun 29, 2012

Not that I condone piracy or any such practices, but why keep logs when they are not required?!? I would say 2 weeks to a month would be sufficient for any company.

NKDietrich · Jun 29, 2012

Torrents. How quaint.

SkribbelKat · Jun 29, 2012

MavericK96 said:
Cliffs: Way too long.

What Ur_Mom said...thanks for the TLDR version. ^^

thewooster · Jun 29, 2012

Wow, Verizon's is painful XD.

niconx · Jun 29, 2012

AT&T Uverse IP addresses never change so it doesn't matter how long they keep logs.

SomeFknGuy · Jul 1, 2012

doesnt matter, any ISO's i download of questionable content are done via ssl encrypted tunneling....enjoy isps....enjoy

Sly · Jul 1, 2012

SomeFknGuy said:
doesnt matter, any ISO's i download of questionable content are done via ssl encrypted tunneling....enjoy isps....enjoy

Encryption doesn't matter since the ISP only track traffic, not content. Too much CPU power and latency if they actually check the data inside each packet. All they need to see in the logs is that 10MB of traffic went into an account whose source IP is a questionable server, and then 10MB went out immediately after to a particular address.

By cross referencing ip logs from multiple ISPs, you can buildup an accurate snapshot of the net. Spoofing doesn't work since they are the actual network so they log the server IPs that the packet actually came from rather than what's written on the packet. If the IP of the server the packet came from is 100.100.100.100 but the spoofed packet says 200.200.200.200, the ISP is going to log 100.100.100.100. If you were routing to a public VPN, since the traffic going into the VPN is unencrypted they can segragate the packets and see that 100 packets make up a 100MB file (Scanning all their clients is impractical, but they can do it if it's just a few; like VPN servers), and 100MB of encrypted data went out to a particular IP.

SkribbelKat · Jul 1, 2012

Encryption ususally introduces a certain degree of "padding" in the data and tends to alter the size of a file.

How Long Does Your ISP Store IP-Address Logs?

HardOCP News

[H] News

MavericK

Zero Cool

Ur_Mom

Fully [H]

Toothball

Weaksauce

aznguile972

Weaksauce

NKDietrich

Supreme [H]ardness

SkribbelKat

Supreme [H]ardness

thewooster

Gawd

niconx

2[H]4U

SomeFknGuy

[H]ard|Gawd

Sly

Supreme [H]ardness

SkribbelKat

Supreme [H]ardness