cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
james_sanzin
Community Champion

Is there a way to track where a log in occurred from?

Jump to solution

Over spring break we had 2 instructors  receive an inappropriate message from a student account. 

The student claims she was "hacked," Her mother claims the student was with her at the time the incident occurred. The instructors report that they would not expect this type of behavior from the student. 

I seriously doubt the student was actually "hacked." It seems more likely that someone gained knowledge of her password. 

Any one have any ideas on how to investigate further or handle the situation? 

5 Solutions

Accepted Solutions
kblack
Community Champion

Hi  @james_sanzin ‌ - The user log that an administrator can download as a CSV file does indeed include a column called "Remote IP" that will show from which IP address the login occurred.  (The GUI that is illustrated on that page does not have that information; the CSV must be downloaded instead.)  The trouble is, of course, that if the student has a dynamic IP address like most ISPs offer these days, that information will not be terribly helpful.  But still, if the "hack" occurred right after a previous login that was "legitimate" it may very well still have the same IP address.

Hope this helps a bit.  

View solution in original post

kona
Community Coach
Community Coach

To add to what  @kblack ‌ said, we've been able to use the CSV file to see a pattern of home vs. school vs. phone for the student, and even operating system. You could use this to help identify something that doesn't fit with the normal pattern.

View solution in original post

mjsumaya1
Community Member

As a student I recently had the same thing happen to my account. I have looked all over the canvas site trying to locate this data (CSV) file to prove That I am innocent which is very easy for me to do due to haveing five static I.P. numbers whereas the hacker's I.P. would be different than my I.P. number with this information I could prove my innocents
As I am not a Professor I have no access to this data. How can I get this data?

On a different note, I sense a violation of my rights as a user of the Canvas program that my movements can be tracked by canvas by using the canvas application on my smartphone. in addition to not being informed of this very fact with the right to know?

Am I wrong to believe this?

View solution in original post

0 Kudos

 @mjsumaya1 ‌ To close out the story, this student was not actually hacked. It turns out this student chose to log in and let a "friend" use their device. That "friend" sent the inappropriate message. 

View solution in original post

mjsumaya1
Community Member

I would like to thank everyone for replying to my question and assistance in clarifying that I should have been aware of the login information has and is being recorded by the canvas program, However I would like to argue that if the administrators of the canvas program at my school would have investigated this further and asked this question to the canvas programmers and not just assume that I was guilty merely because I am a 56-year-old single Hispanic male that I am guilty as they accused me. I would not have had to endure the shame and humility of being labeled as some kind of sexual deviant in my school for what was said to my professors. In addition, I was told by the Dean that the I.T. department informed him that it was me and that I had not been hacked when in fact the canvas program would clearly show that the I.P. used by me is the same I.P. address I have been using since the very first time I logged in the program and that the hackers  I.P. address is totally different and Yes I was hacked.

View solution in original post

9 Replies
kblack
Community Champion

Hi  @james_sanzin ‌ - The user log that an administrator can download as a CSV file does indeed include a column called "Remote IP" that will show from which IP address the login occurred.  (The GUI that is illustrated on that page does not have that information; the CSV must be downloaded instead.)  The trouble is, of course, that if the student has a dynamic IP address like most ISPs offer these days, that information will not be terribly helpful.  But still, if the "hack" occurred right after a previous login that was "legitimate" it may very well still have the same IP address.

Hope this helps a bit.  

View solution in original post

kona
Community Coach
Community Coach

To add to what  @kblack ‌ said, we've been able to use the CSV file to see a pattern of home vs. school vs. phone for the student, and even operating system. You could use this to help identify something that doesn't fit with the normal pattern.

View solution in original post

mjsumaya1
Community Member

As a student I recently had the same thing happen to my account. I have looked all over the canvas site trying to locate this data (CSV) file to prove That I am innocent which is very easy for me to do due to haveing five static I.P. numbers whereas the hacker's I.P. would be different than my I.P. number with this information I could prove my innocents
As I am not a Professor I have no access to this data. How can I get this data?

On a different note, I sense a violation of my rights as a user of the Canvas program that my movements can be tracked by canvas by using the canvas application on my smartphone. in addition to not being informed of this very fact with the right to know?

Am I wrong to believe this?

View solution in original post

0 Kudos
kona
Community Coach
Community Coach

Per my reply to your other post, students and even teachers don't have access to this information, only Canvas Admins have access to this information. You would need to reach out to the admin at your school to get this. If you're not sure how to do this then click on the Help link in Canvas and Report a Problem. 

As for yoir second question, I'm not an expert in this, but as far as I'm aware Canvas does not track your location specifically, just the IP address from wherever you are logging in and using Canvas from. This is pretty standard and written into pretty much every user agreement for most (if not all) program/apps you use on the computer and your phone. In general you'd probably be surprised by the information that's being collected by the apps you use on your phone, but it's not illegal because you check the "agree" box (where it's spelled out in legal terms) when you download and go to use the app. 

Hope this helps!

 @mjsumaya1 ‌ To close out the story, this student was not actually hacked. It turns out this student chose to log in and let a "friend" use their device. That "friend" sent the inappropriate message. 

View solution in original post

abunag
Community Champion

To build off your answer to the second question - if a user is using the App, they've agreed to two sets of permissions - first from the Canvas Terms of Use which is agreed to upon first login, and then a set of permissions that are agreed to upon installing the App for the first time.

As for tracking IP addresses - while they can sometimes be deciphered into physical locations, that's not their point.  Their point is to tell apart each computer connected to Canvas, so Canvas knows where to send specific information.  The best, simplest analogy is a computer's "phone number".  Tracking an IP is not only appropriate, it's pretty much a requirement for a website to operate appropriately.

mjsumaya1
Community Member

I would like to thank everyone for replying to my question and assistance in clarifying that I should have been aware of the login information has and is being recorded by the canvas program, However I would like to argue that if the administrators of the canvas program at my school would have investigated this further and asked this question to the canvas programmers and not just assume that I was guilty merely because I am a 56-year-old single Hispanic male that I am guilty as they accused me. I would not have had to endure the shame and humility of being labeled as some kind of sexual deviant in my school for what was said to my professors. In addition, I was told by the Dean that the I.T. department informed him that it was me and that I had not been hacked when in fact the canvas program would clearly show that the I.P. used by me is the same I.P. address I have been using since the very first time I logged in the program and that the hackers  I.P. address is totally different and Yes I was hacked.

View solution in original post

kona
Community Coach
Community Coach

 @mjsumaya1 ,  I'm sorry to hear about your situation. I'm not sure of the procedures at your school, but at ours the student can request this type of information (their own login history with IP address, etc) as part of the disciplinary process. My recommendation is to request a copy of this information from your IT department.

As a side-note, is there no way that someone got a hold of your phone or computer and could have done this? It's not unheard of that people could think they were "pranking" you and have done this.

Yeah, I launched an investigation and checked in to this before I allowed the teacher to make any rulings. Thats why I created this question, so I could make sure what I was doing before I allowed the teacher to place any blame.