One or the most important advice in Uplink is not leaving hints where your gateway is. The game has two methods of tracing an attack: active and passive tracing.

Active tracing should be clear. Always when the target notices an attack the attacked system starts a backtrack. Never let the active tracing reach your system or you get in real trouble.

The passive trace begins at the point where the active trace ends. Either your hack was that good the active trace never started or the administrator has the info about the last server you bounced to.
Every connection leaves log traces on servers that were used. So the administrator follows your bouncing route. If you do not do anything the passive trace reaches your first used server and will read in the log "Connection from 127.0.0.1. routed to xyz". Gotcha! It needs a very long time but it works.

Now, what do you have to do? You have to log onto a server with admin rights and clear the logs. You must start with a server where you have easy access to the logfiles and from where you won't be traced. The answer ist the "InterNIC"-Server.
Connect to it and go to admin and use the password breaker on it. Now you get access to the logfiles. Keep in mind that it would be suspicious when there is only the disconnection log. So keep the connection log and the "password accepted" log. Thats it.
The fact InterNIC doesn't trace your hack the admin password will be always the same so future connections will be faster :)

I've played I think 3 times and at various points I was caught by passive tracing and I gave up after that and waited some months before trying again.

I'm curious, a friend told me about this earlier but if you do this trick does that effectively kills off passive tracing or do your enemy agents have some nasty tricks closer to the end?

It depends on your software. The LogDeleter has several upgrades and only the highest version can erase logs without recovering them. Lower tiers should leave a blank log that can be recovered by an UnDeleter. An UnDeleter can also restore the original log information if it was edited.
But there is no other way enemies get your IP.
On later missions you must force a track and have to modify your logs so that other agents get into jail.

Uplink Corporation busted me, because I was using their Internal Services System as one of the bounces. Careful log deleting in InterNIC after every mission didn't save me. Why would they do that?

That doesn't sound familiar, I always bounce through the Uplink servers, and I never get caught. Make sure that the InterNIC is always the very first server you bounce through. (So your gateway connects directly to the InterNIC)

Are you sure about that? It's an admin account, whose password you have to hack, therefore it's a password you shouldn't have. That seems suspicious to me. When you connect to legitimately use the service it logs only the connection and disconnection.

You have to hack the password only one time. A password only changes when the system begins an active trace ("Our servers has been hacked, so we need a new one."). InterNIC never traces so the password remain the same. And when you log in as the admin you create a log with 127.0.0.1. password accepted (successful logins will be saved with username and password -> your login to your game after starting Uplink is only connecting to a server (of course not a real one ;) ).

The normal Uplink Co where you are hired can and will trace you when you try to hack into one of the official servers (the one where you can buy Software, Hardware and get new mission. Ever tried to hack into the file system? Do it if you can). InterNIC ist just a server where all server adresses has been collected.

I've always been wondering. At some point I came to the conclusion that the Uplink Test Server is the best answer since they won't bust you for hacking this particular server (after all, getting caught by this server is even part of the tutorial and doesn't cause any consequences). So isn't erasing the logs of this machine just as good as InterNIC? I was surprised to see that most people use InterNIC although some players use the Test Server. Is there any particular reason why InterNIC is better than the Test Server?

Btw: "Ist". Haha, you Germans crack me up (just kidding, German is my first language too and I make the same typo all the time :B).

I don't really know exactly how password resets are decided, but it seems to only happen immediately when the active trace is over 50%.

Also, in the InterNIC you should remove the "Password accepted" log.

I know the password never changes on InterNIC, but it's still somebody else's password for somebody else's account. Just 'cause you don't need to hack it every time doesn't mean it's not still a hacked account. We are not admin, and would not be logging in at all if we were just there to use the legitimate service (i.e. looking up IPs), therefore logs that show us entering a password show that we're doing something on the server that we shouldn't be doing.

Even if InterNIC doesn't care, leaving the password accepted log is still leaving evidence of wrongdoing. Seems to me that another company, one who's tracing you, might figure out there's something fishy going on and use it against you. And even if they don't, I can't see any possible benefit to leaving logs of your illegal actions around that are tied directly to your gateway's IP.

There are even mission for that but you need to have a high rank.

@F4LLOUT: you can't imagine how often this happen to me ^^