He also said that the FBI had leads of its own. "They already had a kind of idea who it was, because they gave me an IP address to look for," he said, which made it much easier to locate the section of his logs pertinent to the Palin hack.
But he couldn't link Kernell to that IP address.
"Because I'm not in contact with the Internet service provider, I'm not 100 percent sure of where the IP is based," he said. "But from what I can tell, the IP address doesn't look consistent with the media reports."
ISPs are assigned blocks of IP addresses that they in turn parcel out to their users. If that ISP is small and serves a localized customer base, it may be possible for outsiders to connect an individual to an IP address with some certainty.
"It's public knowledge where an ISP is located, but if they serve a wide geographic area, it may not be easy to figure out a connection," Ramuglia said.
He declined to name the ISP to which the IP address was assigned, saying only that it is "not a well-known ISP and seems to be a small, residential ISP."
The ISP, of course, would be able to identify its customer by the IP address, Ramuglia noted.
According to rubico's confessional message last week, Palin's account was accessed by resetting its password, a process that required a correct answer to a single security question. Rubico claimed that the online research needed to reset Palin's password took just 45 minutes.
Before the incident, Palin, the Republican nominee for vice president, had come under fire for using private e-mail accounts to conduct state business. Some critics had accused her and others in her administration with using private, rather than state-provided accounts, to skirt message-retention and public records laws.