The Value of IP Adresses

[Muskelmann098]

Hello,

I've seen that many people believe that if you get someone's IP address, you can do a lot of harm to them. Some people claim to be able to remotely control other computers through their public IP Address. Although I haven't seen any examples of it, I got curious and so I'd like to as you, since I recon there are people on HTS with plenty of experience: What can you really do with only a public IP address?

Examples/Stories are welcome

[Phantom Wolf]

Not all that much. You can trace it to a general location, but that isn't always accurate. You could scan the ports and look for a vulnerable service running.

A lot of people don't even have public IPs. Me for example, the IP I see at a site like http://www.ipchicken.com/ isn't my IP address, it's sort of shared between every cellphone (or similar device) connected to the same tower. My router isn't actually visible to the Internet

It is entirely possible to be able to take control of a computer if you have its IP address, just not likely.

[insomaniacal]

Phantom Wolf covered all the bases pretty well. Most devices connected to the internet today aren't using a modem directly, but rather connect via a router of some type. So, generally, when you see an IP, there's a good chance it doesn't even point directly to a computer.

People that say "I can h4x0r j00 wi7h t3h IP33z" are generally skript-kiddies who have just completed reading their first wikipedia article about networking, and have downloaded "Hacking toolkits" which ask them for a target IP. If you meet any of these in your internet travels, tell them that your IP is 127.0.0.1, and hopefully, lulz will ensue.

[Muskelmann098]

Thanks for your answers both of you.

I haven't had the pleasure of being threatended like that yet, but I'll be looking forward to it

I would assume that those 'hacking toolkits' scan for vulnerable processes and use known exploits to 'h4x0r' the poor bastard on the other end? The only way I see it as truly useful though, would be if you could already plant a program on their computer which would receive instructions from your machine and act like a Trojan, but then we're into something entirely different.

So bottom line then, not to worry

[insomaniacal]

Thanks for your answers both of you.

I haven't had the pleasure of being threatended like that yet, but I'll be looking forward to it

I would assume that those 'hacking toolkits' scan for vulnerable processes and use known exploits to 'h4x0r' the poor bastard on the other end? The only way I see it as truly useful though, would be if you could already plant a program on their computer which would receive instructions from your machine and act like a Trojan, but then we're into something entirely different.

So bottom line then, not to worry

Yea, you've got the right idea. They'll usually be preloaded with a couple different exploits targeting certain operating system vulnerabilities, or some common software vulnerabilities, then they'll have a payload, which tends to send account names and passwords to an FTP server somewhere. Generally, the kinda stuff you see on Hackforums.

What you're describing is essentially a botnet. Generally, a virus will be embedded within another executable that makes your computer join an IRC chatroom, and then the "bot-master" issues commands to all the infected computers from there.

[Phantom Wolf]

People that say "I can h4x0r j00 wi7h t3h IP33z" are generally skript-kiddies who have just completed reading their first wikipedia article about networking, and have downloaded "Hacking toolkits" which ask them for a target IP. If you meet any of these in your internet travels, tell them that your IP is 127.0.0.1, and hopefully, lulz will ensue.

Even a lot of script kiddies know that 127.0.0.1 is a loopback address. You should give them something like 127.56.238.43 which would probably still work, but wouldn't be so easily recognized. (Basically any address that starts with 127 is a loopback address)

[RevengeDriven]

Not all that much. You can trace it to a general location, but that isn't always accurate. You could scan the ports and look for a vulnerable service running.

A lot of people don't even have public IPs. Me for example, the IP I see at a site like http://www.ipchicken.com/ isn't my IP address, it's sort of shared between every cellphone (or similar device) connected to the same tower. My router isn't actually visible to the Internet

It is entirely possible to be able to take control of a computer if you have its IP address, just not likely.

Its not possible at all to take control of a computer with just an i.p. The person would have to somehow download something from the person trying to take control of the computer. Knowing an i.p. doesn't do you any good.

Even port scanning for ports running vulnerable app.s is of little use unless you have the skills to set up shop on the computer you are scanning.

Phantom Wolf covered all the bases pretty well. Most devices connected to the internet today aren't using a modem directly, but rather connect via a router of some type. So, generally, when you see an IP, there's a good chance it doesn't even point directly to a computer.

People that say "I can h4x0r j00 wi7h t3h IP33z" are generally skript-kiddies who have just completed reading their first wikipedia article about networking, and have downloaded "Hacking toolkits" which ask them for a target IP. If you meet any of these in your internet travels, tell them that your IP is 127.0.0.1, and hopefully, lulz will ensue.

The only i.p. from a router visible on the internet is your WAN side i.p.....which is indeed your public i.p. You also have your LAN gateway which is non-routable and not visible to the internet as no one can see past the router on your network.

[Goatboy]

Its not possible at all to take control of a computer with just an i.p. The person would have to somehow download something from the person trying to take control of the computer. Knowing an i.p. doesn't do you any good.

Knowing an IP does you tons of good.

First and foremost, how are you supposed to launch an attack against someone if you can't specify their computer? The IP address in and of itself is just a number, but it's what enables attacking in the first place. And while you are right in saying "Its not possible at all to take control of a computer with just an i.p.", it's not a very big step from an IP to ownd if that particular computer is vulnerable.

Additionally, an IP address can reveal geographical, ISP, and in some cases personal information, all of which can be used to help in a social engineering attack. You would be surprised what people will tell you if you say you grew up in the same area or even use the same ISP.

Even port scanning for ports running vulnerable app.s is of little use unless you have the skills to set up shop on the computer you are scanning.

Or you can find an exploit online/use Metasploit.

[RevengeDriven]

Yes very true your i.p. plays an intricate part in possibly getting hacked. However the 'hacker' would have to start with port scanning your computer. They would than have to find an open port and either have your help i.e. downloading something to help them implement an attack on that port OR they would have to have an exploit for an app. running on said port.

I still contend that just having an i.p. means nothing. You have to have skills way beyond even being able to port scan to 'hack' a computer. Especially if the computer is a home computer and the 'victim' should have WAN side pings turned off in the router (like I do) than what will you do with the i.p.? Even if you have an i.p. you should still need to ping my machine to see what ports I have open (if any) 'cause again with just an i.p....that means nothing.

This should clear things up a bit more.

Code: Select all

http://aboutinternet.org.ua/6097final/lib0109.html

To attack a computer, you need your target's IP address, which you can get either through ping sweeping or by looking up a domain name on the Network Solutions website

Code: Select all

http://www.networksolutions.com/cgi-bin/whois/whois

. Once you know a computer's IP address, the next step is to find which ports are open so you know which ones you may be able to use to access the target computer.

Finding a computer and an open port can get you into a computer, but finding an open port is not enough.Hackers must find out which operating system the computer uses so they can know which commands to use and how to take advantage of any known vulnerabilities in the software that could save them from having to guess the computer's password.

[Goatboy]

Well if you're going to assert such a limited view of things, you might as well say that a house address is useless for a taxi, and that a phone number is useless if you want to call someone.