I had a question related to this matter. When you ping or run a trace on someone's IP/domain name, is their box, domain, or AV alerted to such activity immediately or logged in somewhere were they can check later to see if such activity has taken place? And if so, does that information provide the actual IP address of who is probbing them and where is that information stored?
I am guessing yes, because I think I vaguely recall warnings from my own AV years ago. long before I had a clue about, much less knew I wanted to get into security, that went something to the effect of "echo request ping 123.456.78.9" or "ping echo request 123.456.78.9" or something to that effeect. Again, that was years ago and long before I had any interest in security, I wouldn't have really known what was happening other than an intrusion detection warning. And again, I very vaguely remember this, so I could be confusing and mixing this with a couple other warnings I remember from that time. I don't recall any such warnings since and if I knew for sure I wouldn't be posting.
And how likely is such activty liable to cause the target to take some sort of action against you, if they are up to speed? Or are they just going to think, Hmmm, I been probbed, unless further action results from it?
And if your actual IP address is shown, what can you do to hide it while running a ping/tracert?
The reason I am asking this is for one, to build my knowledge, and two, I went out wardriving about a week and a half ago, for about a week and a half, just using netstumbler and was following up on the signals I gathered to see what I could learn myself from it and noticed some IP addresses under the subnet category and was trying to verify if they were in fact their actual IP addresses or not, or if they were even actual IP addresses, cause some pings resulted in nothing at all.
But, I wanted to know before running any further pings/tracerts and before I piss someone off, and so I don't skyline myself, as well :D