Hi all,

Need advice on the follwoing problem:

I have an IP address (of someone who is using my scripts without permission) and I would like to send a message to its owner. Any ideas how can I do it?

Never mind.
Upon further investigation I found the following:

% This is the RIPE Whois server.
% The objects are in RPSL format.
% Please visit http://www.ripe.net/rpsl for more information.
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyright.html

inetnum: 217.206.34.0 - 217.206.34.7
netname: NORTELNETWORKS
descr: Nortel Networks
descr: Office
descr: New Southgate
country: GB
admin-c: PM738-RIPE
tech-c: EH92-RIPE
status: ASSIGNED PA
mnt-by: EASYNET-UK-MNT
changed: hostmaster@easynet.net 20020116
source: RIPE

route: 217.204.0.0/14
descr: Easynet UK
origin: AS4589
mnt-by: EASYNET-UK-MNT
changed: chris@easynet.net 20010903
source: RIPE

role: Easynet Hostmaster
address: Easynet Network Operations Centre
address: Easynet Group PLC
address: 44-46 Whitfield Street
address: London W1T 2RJ
address: England
address: GB
phone: +44 20 7900 4444
fax-no: +44 20 7900 4445
e-mail: hostmaster@easynet.net
admin-c: SMH1-RIPE
tech-c: SMH1-RIPE
tech-c: CL60-RIPE
tech-c: PD5917-RIPE
nic-hdl: EH92-RIPE
remarks: Please send abuse notification to abuse@easynet.net
notify: hostmaster@easynet.net
notify: hm-dbm-msgs@ripe.net
mnt-by: EASYNET-UK-MNT
changed: shastie@easynet.net 19970131
changed: shastie@easynet.net 19990622
changed: shastie@easynet.net 19990817
changed: shastie@easynet.net 19990818
changed: shastie@easynet.net 20000718
changed: shastie@easynet.net 20000914
changed: shastie@easynet.net 20001101
changed: shastie@easynet.net 20010219
changed: sharon.hastie@uk.easynet.net 20020123
source: RIPE

person: Peter Munford
address: Oakleigh Road South
address: New Southgate
address: N11 1HB
address: UK
phone: +44 1628 618 888
e-mail: telemob2@nortelnetworks.com
nic-hdl: PM738-RIPE
mnt-by: EASYNET-UK-MNT
changed: hostmaster@easynet.net 20011015
source: RIPE


Aint life great.

If they are running an NT-based Windows OS with the Messenger service enabled, you could always do:

net sent ipaddress You are using my scripts!

then the person has a good laugh and starts again

jkd, that was the first thing I tried - no success.

But now that I got an e-mail, I can bug the @#$% out of the guy and since he used the company puter, I can go higher, LOL.

Thanks for reply.

I think I should put in the EULA: "By linking to this script without purchasing it, you agree to pay $200" and next time this happens, just sent them a bill. LOL

yeah but make that 2000$

"But now that I got an e-mail, I can bug the @#$% out of the guy and since he used the company puter, I can go higher, LOL."

Going higher would be my first step. Why deal with the guy directly when you can really punish him by notifying his superiors? You'll be doing the company a favour too.

;^]

Ha ha, this is quite funny. I wonder if this is about the only time I've seen any way of getting back at people in a sense who steal scripts...:D

I think going higher is a great idea, I would so laugh if he got the sack coz right now I'm sure he think has got away with it.

another one of my french sayings: "vengance is a cold meal". notifying superiors is a great idea though, nothing better to get the person either fired, or using windows with every restriction placed on him (cant even turn the computer off!)

How many scripts are we talking about?

You talked about going up to his superiors. What if he owns the company? If you complain to his ISP, he'll jsut get a new ISP and continue to do it.

You could seriously MESS HIM UP if you changed the URL of the scripts basically make his site ineffective in one fell swoop! You could create one script that accepts one argument (the name of a different script to run). Once you had that you could EASILY go in and change that one file.

Not sure of the exact syntax here but you get the idea of what I'm saying. Of course this would be a MAJOR pain in the rear, but if you want to put a stop to it--this should do it.

The script file:

function callScript(name){
var myURL = NewURL;
myURL + name;
}

Then every time you need to call one of your scripts:
callScript("myScript")

Last time this happened to me I threatened the guy with a $50,000 lawsuit ... or a one-off settlement of $1,000.

He settled ...

You kidding? What script did he steal?

a ticket to mexico would cost less! could you really of sued him for $50K?

It was my dropdown menu script - he was a web designer and had used it on a client site withouout paying the license or respecting the terms of use (don't delete comments etc.)

Because his client was a large European company, I came up with that figure based on my estimation of the value of the entire project - on the basis that since was passing the script off as though he'd written it, it may well be that that was a key feature in them giving him the job.

Or maybe not. No way to know really, but he was deliberately hiding the script's true source and that amounted to him gaining employment by deception. That's a serious charge, so the amount I threatened to sue for reflected that, and reflected the seriousness with which I was taking this.

I think that was did it. If it had gone to court I may not have got anything like that, but I might have done, and trashed his firm's reputation in the process - which is worth a lot more than 50k.

Certainly a lot more than 1,000 ... so really he would have been stupid not to settle.

Don't get me wrong - it's very rare that I get that arsy. Most of the time I let it go - but this was like I was making an example of him, to show that it's not okay.

wow, a page of javascript can get you $1000,

*bookmarks thread for futer reference ;)*

Wow, I'd hate to have been in his shoes.

I was thinking about this sort of activity...

Would it be wrong to put some sort of a tracking thing in a script?
I was thinking that that would be an easy way for me to see who is using my scripts. Like have the script create an Iframe which using css would be transparent and the referer stuff could get collected by a page on my site...

I thought about that ... it could even be a remote switch that reports referrer information, alowing for a selective switch - if someone abuses the script, you can just turn it off. But what if your server goes down? Or there's some other kind of problem with the validation mechanism - I don't think you can take the risk of damaging legitimate clients for your own security benefits.

My thoughts on tracking:
Technical: Use tracking only for the scripts on your site. Then, there is no issue with server going down and script accessibility.
Moral: The information you are gathering for legaly running scripts, is the url of YOUR site. If you see that the script the script is reporting a different url, all moral restirctions are off in my book. You can get the IP address and anything else you have access to. If you see that the URL is a local file, leave a cookie on that machine that will be checked by your site and when found put "You are not welcome to this site" instead of a regular page.

Mhtml, here is a hint for you:

o=document.createElement('script');
o.src="http://www.mysite.com/codetracker.asp?document="
+ document.URL;
document.getElementsByTagName('head')[0].appendChild(o);

Three lines is all you need to make a tracker that can do the following:

'Some ASP code
If ThiefAlert = True Then
%>
alert('By using this code without purchasing it,
\nyou agree to pay $1000 within 10 days.
\nCountdown utility has been installed on your
\nhard drive that will mess your system up beyond
\nany repair once the 10 days period has expired.
\nDeactivation code will be sent to you with the
\npayment reciept.');
<%
End If
'More ASP code

You may catch a few less technically savvy people who would not know that a script can not install things on their hard drive....:D :D :D

Edit: Actually, if they are running a script locally and they use IE with low security settings, you CAN put things on their hard drive (since it is the script's host now) using FileScriptingObject...... which opens quite a few opportunities..... just make sure there is a disclaimer on your site that says "Saving this page localy can and will damage you system" :D :D :D