How can someone see your IP address without connecting?
Printable View
How can someone see your IP address without connecting?
I think you need to be a little more specific.
For one thing, someone can scan a range of IPs and get a list of what IPs replied to the scan.
Whenever you connect to a webpage the host can see your address...
There are many many ways to obtain an IP address...
without connecting....what do you mean !
sorry but i did not realize what you were tryin to say
If your question is "How can someone see your IP address without being connected to you?". Anybody has to be connected to you in order to know your IP adress. It can be with a scan, an access to a webserver which would be on your computer, a direct connection through an instant messenger....
If your question is "How can someone see your IP address when you are not connected?". The answer is the same: he can't. Because you don't have a real IP adress when you are not connected (if we forget the 127.0.0.1 IP adress which is a loop).
An IP address is very much like a listing in the telephone book. It's public information, you could ask for it.
If you have access to a router that has passed traffic from the machine in question, the arp tables would have that information. You would have to know the hostname to match it with the IP address in question, but there are ways that you could narrow down just one host.
I'd recommend reading more on networking and TCP/IP. You'll get some ideas.
Regards.
Edit : I am naturally assuming you are the admin of the network in question and have ownership of the IP/ machine you are looking to find out about.
My name is Masud and I'm new so please try to bare with me.I hope this is the right fourm to ask about these things.I'm getting quite a bit of intrusion activity on my machine,and my question is (how far am I allowed to pursue these culprits using some of the tools that are provided before I step outside of the legal paramerters)? Help! :) Please!
masud - you should really start a new thread if you're asking a question of your own, it isn't very polite posting an off topic question in someone elses thread and you have less chance of anyone seeing your post, thus not being able to help out!
ps Start a new thread and you WILL get an answer
Enjoy AO :)
r3b00+
masud, your question really should be in its own thread in a security forum. what your doing is interupting this thread. Go to discussion forums, select the forum that best suits your question either windows *nix or general security. When that forum loads showing all the newest threads it contains, click the button on top for 'new thread'.
Being as your question is already asked and i have no idea what hobbit921 is talking about: you can block anyone from accessing your computer but you cannot take any action against an attacker yourself. You can trace the attacking address and report that person to their isp, usually [email protected] or you can report the attack to the athorities if damage, including defacement, was incurred because of it or you were actually broken into. Scans do not mean your being attacked so watch what your reporting.
um. i would just like to say that i use kali, and that every time i connect the IP address show up, but its always different. why is that, i thought IP addresses were supposed to stay the same?
You're incorrect!Quote:
every time i connect the IP address show up, but its always different. why is that, i thought IP addresses were supposed to stay the same?
There are two types of IP addresses, static and dynamic, a static IP address you've gotta pay for, these are mainly only used by people running webservers, etc. so that they're always online.
A dynamic IP address is an address assigned to you, by your ISP, every time you connect to the internet and this is taken from a pool of IP adresses available to your ISP. Therefore every time you connect you are given a different IP address.
Hope this cleared things up a bit for you.
r3b00+
Aside from the static and dynamic posted about previously byrb300+ (good post too) there are also rollovers. When you connect to busy sites they are often using multiple servers to handle the traffic. DNS's can be set up to use different types of access to these multiple servers so that on DNS entry can be used for many servers. The easiest, and most common, is the roll over. If you have three servers where Server1 has IP1 etc. Then the first time your DNS name (URL) is resolved by your DNS it will return IP1, the second time IP2, third time IP3, fourth time IP1 again, and so on. This spreads out the load without requiring a ton of URL's. There are also load balancing algorithms that work similarly but are more efficient where the servers are actually polled for availability.Quote:
um. i would just like to say that i use kali, and that every time i connect the IP address show up, but its always different. why is that, i thought IP addresses were supposed to stay the same?
One excellent example you can see this with is Yahoo. If you resolve yahoo's DNS name a number of times you will get different servers almost every time. There is just no way one server could handle the sizeable load a site like Google or Yahoo have to deal with. BTW for this type of setup the servers used to be required to have static IP's. When I set up this type of system I had to fat finger in the IP addresses. Newer DNS's may allow more dynamics but I seriously doubt it for this type of implementation.
I would like to have some idea , if you guys have time to listen .I'm sure this has been written somewhere else - or you might know it already .
IP : Public and Privite
Private : Define clearly in RFC 1918 : 10.0.0.0->10.255.255.255 , 127.0.0.0->127.0.0.255 , 172.16.0.0->172.16.255.255 ,192.168.0.0->192.168.255.255 . These IP don't have to obey the class rule . Which mean 10.0.0.0/24 or 192.168.0.0/16 is a valid one .
Public : All the rest IP , and below 224 which is considered class D.
When you use Dial-up service , (ISDN or PSTN) , you connect to the Internet via your ISP which will provide you an Public IP (depend on Geographic location - My VietNam is 203.162.x.x) from the IP pool which the ISP are given itself by a larger IP-leaseable ISP. So , when you are using such Circuit-switch connect , and when the line are dead , you do not have any Public IP . Using a NEO Monitor IP , i can capture my ip (or simply ipconfig command) and the Public IP of other one that i have a TCP connection with .
Now about the leased ip stuff . Rarely someone at home rent a whole IP or an IP network . Small company who want to provide internet or VPN to a number of users can rent at least 4 , 5 IP ( 1 for WEB server..ect..) . And the inside network could use IP private which is unlimited and when a user need to connect to internet , it's obvious that he/she needs a public one . So Router , or Server with Nat/Pat feature can translate such private IP to public IP , and vice versa when a unknown Internet host want to access your Web server which has local IP .
However , large company buy an range of IPs and allocate each host with an public IP . In such situation , well , the host is more vulnerable unless nessesary precaution must be taken .
Well , it is just something i know .
ok. thanks for the heads up. i knew there was a reason and i was pretty close to the answer :). thanks anyway, though
r3b00+: but if i have a leased line connection,that means i never get d/c then my ip wount change, is that right ?
Bimmer: If youve a leased line you should have a static IP address, but im not too sure to be honest.
BUt if youre paying for a leased line, which isnt cheap then im nearly sure youre gonna have a fixed address.
Its easy to check yourself!
Someone else here might have a better idea.
Cheers
r3b00+
lol