Results 1 to 8 of 8

Thread: ip question...?

  1. #1

    Question ip question...?

    hi! From my last post i came to know that if some one have your ip, he/she could do some harm to you. I wonder if it is true. and if it is than can he get information about the person whom ip he has...? If yes than plz explain it to me, what can he do and HOW? i want to ask this question but i m afraid that people here might take it as an attempt to gain hacking knowledge, if you are thinking than sorry friends you are wrong. i m asking this just to increase my knowledge and strengthen my security. Hope for some good response.

  2. #2
    Senior Member
    Join Date
    Apr 2002
    Posts
    380
    If someone has your IP and has bad intentions, that person can scan your computer for open ports to try to infiltrate your computer. One way of knowing if you have open ports is to use the following test :

    http://www.pcflank.com/test.htm

    Now if you don't have a firewall running, you are asking for trouble so I would suggest getting one ASAP...

    As of knowing who you are, that cannot e figured out with the IP alone. Off course if someone manages to infiltrate your machine and you wrote your name and adress somewhere on it then they can get it...
    [shadow]Scorp666, the Infamous Orgasmatron[/shadow]

  3. #3
    Senior Member
    Join Date
    Dec 2001
    Posts
    291
    hmmm thats a fairly broad question, the fact is yes it is possible for one to do harm to you with your IP, risks can range from a simple denial of service attack (which typically just slows or killls a connections speed in its entirety) to actual attacks on running services such as file sharing and web services (typically a desktop or simple home machine arent too suceptable to these as they dont run too many services).

    The what and hows are on a list as large as the phone book in my city, it all depends on a number of factors, how often your IP changes if it changes, your bandwidth (connection speed), what operating system you are running, your ISP's network architecture, what patches and software you have loaded, even the type of web browser you use.

    The best advice I can give you in the situation of being a beginner is to pick up a firewall or firewall software (software such as norton personal firewall can be purchased fairly cheaply), get a good antivirus program, keep both of them updated (this is the most important), keep your system and other software updates, use good passwords (dont use your moms name or a dictionary word, try using numbers/letters/and perhaps an odd character such as %), and be aware of opening files or emails from strange and suspicious sources.

    with all that to worry about, I will say one thing.... the typical attacker is what we call a script kiddie, they typically use outdated exploits which are useless against up to date systems, and look for easy targets (simply doing the above will remove you from that list). There are a few nasty black hats out there yes... but they too are typically concerned with business or more attractive networks. Even so, you should still keep yourself aware, watch for software updates, oh and the most important thing in the world BACK UP!!

    thats about the easiest I can answer that question, if your more concerned with a particular attack, try doing searches in the forums on this site, google, and other security sites... with a little persistance you'll easily find what you need.

    Best of luck

    ~~in edit, response to scorp's post that I missed while typing this long winded spiel~~

    The fact that they cannot get information about you from IP only is not entirely true, anyone can do a ping trace and a whois to get a providers information... from there it is only a matter of presenting a subpeona to the provider to obtain the information, or simply retreiving it via social engineering (tricking an unaware receptionist for example). Typically social engineering information from a provider is quite simple, most receptionists and support people are understaffed and quite busy, and it sometimes is easier for them just to answer a "quick question" from someone in a management position or perhaps from the "internet child abuse hotline". I track people down via IP daily when fraudulent orders are placed on our site, however it does take a little effort and once again, your typical script kiddie will either lack the knowledge, or the persistance to go that far.
    ~THEJRC~
    I\'ll preach my pessimism right out loud to anyone that listens!
    I\'m not afraid to be alive.... I\'m afraid to be alone.

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    With an ip address, what a person can learn about you depends on the type of connection you have.

    if you are connect using something like aol then by using the tracert command she can ascertain your approximate location by finding the location of the proxy you are attached to and the account number you are presently assigned.

    If you have a registered web site and you have given all the information requested at the time of registration, much can be learned about you with whois and dig. A zone transfer might reveal you internal ip structure.

    Scanning ones ip addy with something like nmap will disclose your os and all the services you are running.

    Various vulnerability scanners can then be run on those services and compared to a list of exploits she has for those services.

    A DoS attack can be launched against an ip addy.

    these are just a few examples.

    Of course knowing all these things can be done you would put defenses and detection systems in place to find out when and who attempted these things. The chances increase every day that the intended intruder will be caught.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  5. #5
    Senior Member
    Join Date
    Dec 2001
    Posts
    321
    Bassically if he has your ip addresse it's like having your home addresse and he can do lots of things.
    That person can lunch different type of attacks with different results, the least harmful would be to kick you offline the worst would be to total your pc....
    for ways of doing that look at google.com or the archive files proposed in this site but most of them won't work anymore because these are known flaws and they have been fixed.
    Plus if you are using a regular modem u don't have to worry about that sicne your ip is assigned by your isp from a certain range and there are no guarantees that you may have twice the same ip. It's different if you are using dsl (depands what kind of services u suscribed for) cable T1... then u have a fixed ip and it's a different story u need to set up a firewall so check out the tuts
    and good luck
    assembly.... digital dna ?

  6. #6
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    nabylbt running a vulnerable mach on a dynamic ip is still a very dangerous thing. You can have your identity stolen get wiped out financially, trojans and virii placed. Not just to be disagreeable but no one shoud consider themselves safe just because they dial up.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  7. #7
    Really and truly, MOST of the people who have the capability to bypass firewalls and other basic security precautions don't bother themselves with entering home computers...so basically i advise you to get a firewall ( i reccomend Tiny's firewall) and get it soon. Most of the threats by someone you piss off in a chat room or something that say they're entering your computer at this time, bypassing some made up technical term that they thought up at the spur of the moment off of the top of thier heads...etc, are just 12 year olds with virtually no computer knowledge trying to sound smart and technical. Ignore 'em, get a firewall and rest easy....you'll at least be under the illusion of security

  8. #8
    [[shadow]B]hmmm thats a fairly broad question, the fact is yes it is possible for one to do harm to you with your IP, risks can range from a simple denial of service attack (which typically just slows or killls a connections speed in its entirety) to actual attacks on running services such as file sharing and web services (typically a desktop or simple home machine arent too suceptable to these as they dont run too many services[/shadow] ).

    What is service attack, plz tell me in detail about it, and whether keeping my self upgrade with a firewall like zonealarm and antivirus like norton, assure my safety from all types of hacker?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •