- How was the computer connected to the internet?
- Directly to the router?
- Through a wireless network?
- If it was connected through the wireless, was it a secure or open network?
- There were two individuals in the household that had access to the computer.
- What was the version of Windows that was in use at the time? (It makes a difference.)
- Were there different logins for each of the users?
- Did they use them?
- How was the computer connected to the internet:
- Was it a direct connection through the router?
- Was it on a wireless?
- Was it a secure connection or open?
- What time of day were the files downloaded?
- Can the motion picture company prove that the files reside or resided on the accused computer?
A hotel receives a notification that they have been one of the thousands of accused file-sharers. They can pay a couple of thousand dollars settlement and be done with the issue or fight it. The hotel is not guilty of the act of downloading the movies. Their clients are as they used the internet to download the movies.
A business receives the same notice regarding downloading the movie from their IP address. The business makes claim that they had an open wireless network (something their IT Guy should not have allowed.) and that the movies were downloaded during the times that the business was closed. That they had seen several cars in the parking lot after hours that had people in it using laptops.
I'm a bit suspicious about the cars in the parking lot downloading movies from an open network. I would be more inclined to think that they were attempting to steal personal or business information.
There are a couple of points to this article. The first is that IP addresses can be a great clue, and often times connect the dots so to speak. The IP addresses cannot be really more than a clue.
The second point is there are so many avenues to search that without a competent computer forensic expert to assist you may miss the real evidence.
Computer Forensics Northwest White Papers