It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

What does my IP tell 'them'?

page: 1
0
<<   2 >>

log in

join
share:

posted on Mar, 16 2009 @ 02:10 AM
link   
I have been following this thread about a possible abduction with the poster wondering if ATS sparked it. This got me to wondering about IP addresses and how much information can be gathered from it. I travel constantly and usually have hotel connections and when at home I am on the Apartment buildings free WiFi. To this point I have never had this laptop connected to a connection that has my name tacked onto it.

What sorts of information can be gathered on me with this? I have the basics of internet knowledge but this I do not know of.

I could see being able to follow a pattern of where I am and doing a track back but does my comp send out information that could link to me specifically? Is there really anything that someone could do to block the traceability of your internet usage?




posted on Mar, 16 2009 @ 02:25 AM
link   
There are two types of IP (Internet Protocol) connections/addresses. One is called static and the other is known as dynamic.

The IP address is an address that is given to a specific internet connection, and not a computer. People who use dial-up Internet have the dynamic IP connection, which means that their IP number is always changing, whenever they sign on to their internet service provider's internet.

People who use DSL or Cable Internet connections have static IP, meaning that because their internet connection is always on, they will always have the same IP number, with that Internet provider. If they were to change their Internet service with a different provider, for the same home location and same computer, their IP number also changes.

With an IP number, anyone can track the location of where your computer is, so as long as you still have the connection open. Dial-up Internet Providers always rotate their user's IP addresses, so trying to find someone through dial-up can be difficult without looking at all the known computers that have used that specific number.

For wi-fi users, their IP number will also change to that of the wi-fi provider's number.

Hackers can manipulate a person's computer by controlling the computer through the IP address, which is why we have firewalls to protect us.

Through the IP address, you can find out a person's personal information, who their internet provider is, where they live, their phone number, and home address.

The truth is that there is no such thing as totally privacy on the net. You will always leave behind clues to your identity. The most privacy you can get is if you use an internet proxy to mask your IP address to that of another, but this will still allow any investigators of police force to trace you. All they need to do is find which IP addresses are tied to the proxy and then trace that one to you. Hackers will use a proxy to mask their IP using 10's to 100's of different IP addresses from countries all over the world, which makes tracking them down difficult, due to having to go through international privacy laws.

[edit on Mon Mar 16th 2009 by DJMessiah]



posted on Mar, 16 2009 @ 03:15 AM
link   
Your IP can be compared with usage logs to trace your individual ISP account. Often, your IP address can be DNS resolved to show what ISP you're using, and in what city your account is registered.

Someone can guess your geographical location based on your IP address.

Actually, if an ISP can afford to do so, it may continually give out the same dynamic IP address to the same account.

Anonymizing routing services block your true IP from the webserver, but rogue gateways can be set up to follow you around, and even conduct man-in-the-middle attacks (stealing submitted info, phishing, impersonating you, etc).

You're better off using SSL whenever possible.



posted on Mar, 16 2009 @ 08:08 AM
link   
Rogue gateways? DNS resolving IP addresses? And since when can you get a home address from an IP address alone?

Please ignore the two posts above, they don't seem entirely sure about what they're talking about. Just my opinion, no offense intended.

Your IP, itself is not too revealing. At most, someone conducting a WHOIS lookup (not resolving a DNS name) can view your ISP's information, and it will provide them with an address and phone number of your ISP. Keep in mind, this applies to home use only, though. When using some governmental systems and higher-end business systems, there is a chance the organization's name will show up instead of their ISP.

Since your laptop has never been connected to anything with your name on it, I wouldn't worry about much being traced back to you just from your IP address. The only really conceivable method to track you would be either by installing some form of a trojan on your computer that tracks/logs your activity, or by a convoluted process of tracking down which networks you accessed via their public IP, then accessing those networks, getting your MAC address, and attempting to retrieve logs from the local networks you accessed that match your computer adapter's MAC address (The MAC address being a unique address that looks like 00:01:02:03:04, consisting of 5 two-digit hex numbers assigned to anything that can connect to a network. It's generally how static IPs on local networks are assigned and some other stuff you don't really need to worry about - even then, you can spoof mac addresses).

That answers the OP's simple question, but to go more into depth:

Assuming most of us have a home connection that we use, I feel it's necessary to go into that aspect of the discussion. As noted above, there are two types of IP addresses - static and dynamic. Generally with dial-up, you do get dynamic IP addresses, addresses that change constantly with each connection you make to the ISP, but DSL users also generally have a dynamic IP address, unless they specifically request a static - they just generally have to unplug/plug in their router for their address to change. I believe that most WISP (wireless ISPs) use dynamic IPs, too. Cable and other high-speed broadband internet services (FiOS, for instance) mainly use static IPs.

What does this mean? Dynamic IPs are generally harder to track without a specific date and time, since all of the IPs are shared among a region of users. If a government agency is attempting to get user information for an IP address, without a specific date and time, chances are, they will get a list of hundreds, if not thousands of customers that use that range of IPs. If they have a date and time, the ISP just has to look up which user was assigned that IP address at the given time.

Static IPs are complete different. If the agency has the IP, chances are it will be directly traced back to the account with little problem, since it's only assigned to one person.

How can you prevent this? There are various services that hide your IP addresses, such as VPNs hosted overseas, or proxy servers that are hosted in various places. Some popular anonymisers are JAP and Tor. Keep in mind, these may not be legal in your country - I believe Tor is facing legal issues in a lot of the EU as a result of the nearly impossible IP tracing it provides (It's called an onion proxy - one proxy connected to another proxy connected to another proxy, and so on, until it hits your computer, making it necessary to track the connections of at least a dozen different proxies that maintain thousands of connections at a time - a virtually impossible task).

Hope this is of some value or help



[edit on 16-3-2009 by Highground]

[edit on 16-3-2009 by Highground]



posted on Mar, 16 2009 @ 11:02 AM
link   

Originally posted by remotemedic
I could see being able to follow a pattern of where I am and doing a track back but does my comp send out information that could link to me specifically? Is there really anything that someone could do to block the traceability of your internet usage?


What about your MAC-address? Every PC has a distinct MAC-code, and al your PC components have unique codes. Easy....



posted on Mar, 16 2009 @ 11:19 AM
link   

Originally posted by Neo Christian Mystic

Originally posted by remotemedic
I could see being able to follow a pattern of where I am and doing a track back but does my comp send out information that could link to me specifically? Is there really anything that someone could do to block the traceability of your internet usage?


What about your MAC-address? Every PC has a distinct MAC-code, and al your PC components have unique codes. Easy....

Not necessarily true. Network adapters have MAC addresses. Your wireless adapter has a different MAC than your Ethernet adapter. If your computer doesn't have a network adapter, it doesn't have a MAC address
.

In realistic terms, though, the MAC address is normally sent to the router/switch you connect to to access the internet. Your MAC address is not visible "outside" of the network in that aspect. However, if someone was able to gather that you were present on a certain network, and had means to access that network's logs (provided the network in question keeps logs), they might be able to trace it back to you. Most home routers aren't that advanced, they can log websites visited, but not the MAC address the query originated from. They store MAC addresses to static IPs, which can actually change when their lease is up... Unless you're in a corporate/enterprise environment, it's highly unlikely anything provable could come from knowing or tracing your MAC address.

And, as I said, MAC addresses can also be spoofed. My wireless card has a built-in function, as do most.



posted on Mar, 16 2009 @ 01:46 PM
link   

Originally posted by Highground
Rogue gateways?

Yes.


DNS resolving IP addresses?

You can do a reverse lookup on an IP address and get a hostname. It's been done before.


And since when can you get a home address from an IP address alone?

I never said home address, just ISP account. Law enforcement can access ISP records.


Please ignore the two posts above, they don't seem entirely sure about what they're talking about. Just my opinion, no offense intended.

You obviously know less than I do.

MAC addresses are a group of 6 numbers.

You also don't seem to know much about Internet protocol.


Dynamic IPs are generally harder to track without a specific date and time, since all of the IPs are shared among a region of users.

Logs on both ends as well as the gateways record date and time. There are date and time stamp at the application layer as well. You know what an application layer is, right?


How can you prevent this? There are various services that hide your IP addresses, such as VPNs hosted overseas, or proxy servers that are hosted in various places. Some popular anonymisers are JAP and Tor. Keep in mind, these may not be legal in your country - I believe Tor is facing legal issues in a lot of the EU as a result of the nearly impossible IP tracing it provides.

You also don't know how tor works. Tor is not impossible to trace because of rogue gateways. Intel agencies run tor nodes, in case you didn't know. At times, you're easier to trace through tor than through a direct connection. A rogue tor node that MIMs your SSL connection will render it useless.



posted on Mar, 17 2009 @ 01:35 AM
link   
WOW, thanks to all posters... I could have gone with a "Yup, they will find ya sucker!!!". Thats awesome, Ill whip out a internet dictionary and sift through all that.

Much appreciated all sarcasm aside. Thanks a lot.



posted on Mar, 17 2009 @ 02:09 AM
link   
If a person were running a LAN behind a router behind a router, i.e. two routers in sequence, would the MAC addresses of the individual computers on the LAN be untraceable?



posted on Mar, 17 2009 @ 07:27 AM
link   

Originally posted by vcwxvwligen
You can do a reverse lookup on an IP address and get a hostname. It's been done before.

Why bother with a reverse DNS lookup when you can submit a whois query?


I never said home address, just ISP account. Law enforcement can access ISP records.

Never said you said that. The first guy did.


You obviously know less than I do.

MAC addresses are a group of 6 numbers.

You also don't seem to know much about Internet protocol.

I was off an octet, not a huge deal, especially when I'm not writing a freaking whitepaper as much as I'm trying to explain as simply as possible the (realistic) possibilities of being tracked on the internet. You've never been in a rush to get something done and been mistaken?


Logs on both ends as well as the gateways record date and time. There are date and time stamp at the application layer as well. You know what an application layer is, right?

Yes, I know there are date and time stamps. If you reread my post, you will find I was referring to the agency conducting the interview. If they do not have a valid date or time stamp, it will be harder to pinpoint the user of a dynamic IP than if the agency HAD a timestamp. It was more of a pointless comment, but still relevant and I don't see any issues with it.


how tor works. Tor is not impossible to trace because of rogue gateways. Intel agencies run tor nodes, in case you didn't know. At times, you're easier to trace through tor than through a direct connection. A rogue tor node that MIMs your SSL connection will render it useless.

Two things: I never said it was impossible. I said NEARLY impossible. If you're running a Tor node yourself, it doesn't even matter because it would be unprovable you did the alleged activity yourself, similar to the people opening up their wifi networks after being contacted by the MPAA or RIAA. Second: weren't you saying, a few posts above, you're only safe on SSL? You realise that even if you were using SSL encrypted channels, you're still vulnerable to rogue gateways on your network. I'm pretty sure even Cain can intercept SSL connections.

As for the rogue gateways, yes, you are correct. I was thinking at the time, unless you're a "person of interest," it wouldn't really apply to you, but I realise that's the point of this thread, so I concede that point. You are correct, and apparently more knowledged in the field than I made you out to be at first. We all have our good days and bad days, yes?

[edit on 17-3-2009 by Highground]



posted on Mar, 18 2009 @ 05:06 PM
link   

Originally posted by Highground
Why bother with a reverse DNS lookup when you can submit a whois query?

whois doesn't tell you the individual hostname, which may contain clues


Never said you said that. The first guy did.

You said that I said


I was off an octet, not a huge deal, especially when I'm not writing a freaking whitepaper as much as I'm trying to explain as simply as possible the (realistic) possibilities of being tracked on the internet. You've never been in a rush to get something done and been mistaken?

You were also in a rush to discredit me, and to advise OP to "ignore" me.


Yes, I know there are date and time stamps. If you reread my post, you will find I was referring to the agency conducting the interview. If they do not have a valid date or time stamp, it will be harder to pinpoint the user of a dynamic IP than if the agency HAD a timestamp. It was more of a pointless comment, but still relevant and I don't see any issues with it.

Who said anything about an interview?
Most unencrypted protocols (like IRC, HTTP, instant messaging) send date and time stamps in plaintext.


Two things: I never said it was impossible. I said NEARLY impossible. If you're running a Tor node yourself, it doesn't even matter because it would be unprovable you did the alleged activity yourself, similar to the people opening up their wifi networks after being contacted by the MPAA or RIAA. Second: weren't you saying, a few posts above, you're only safe on SSL? You realise that even if you were using SSL encrypted channels, you're still vulnerable to rogue gateways on your network. I'm pretty sure even Cain can intercept SSL connections.

Tor exit nodes look at the data you're sending. I never said "only way to be safe," I said you're better off using it. Nowadays, you can't decrypt good public-key encryption without the private key, even if you record the handshake.

An easy way to MIM an SSL connection is to send a fake certificate to both sides. This is infinitely easier on tor, because even the cert authority can be spoofed by the exit node, unless somehow the client changes exit nodes at just the right time.



posted on Mar, 18 2009 @ 05:21 PM
link   
reply to post by Highground
 


Dude, this Tor thing sounds ok where does one get it ?
Any dangers with it?

And can a complete PC idiot like me figure out how to use it

Cheers

Moo



posted on Mar, 18 2009 @ 06:08 PM
link   
Well, as far as what people can do with just your IP addresss alone, and not with any "help" from other sources isn't very much. By help I mean getting into ISP logs.

At most, I can locate your general area within about 20-40 miles based on your IP address. But I couldn't get your actual house or address. I can only get the above information based on the IP address ranges. Meaning, if your IP address starts out with like 64.139.blah etc, then I know that IP addresses in that range originate from a certain area.


www.geoiptool.com...

Here, go to this page and you can see the basic information you give out to every server you connect to on the net.

But that is about as close as you can get from the IP address alone. To get closer than that, you would need to access the ISP logs and such.

Personally, I don't even worry about such things.



posted on Mar, 18 2009 @ 07:49 PM
link   

Originally posted by moocowman
reply to post by Highground
 


Dude, this Tor thing sounds ok where does one get it ?
Any dangers with it?

And can a complete PC idiot like me figure out how to use it

Cheers

Moo


Google works wonders, and no, you'd probably have a hard time with it. And it has a slow connection which would probably frustrate you.

www.torproject.org...



posted on Mar, 19 2009 @ 05:33 PM
link   
reply to post by sadisticwoman
 


Thanks anyhoo
darn how do you say thanks in more than one line on here


[edit on 19-3-2009 by moocowman]



posted on Mar, 19 2009 @ 05:40 PM
link   
reply to post by badmedia
 




At most, I can locate your general area within about 20-40 miles based on your IP address.


You serious dude ? 20 -40 miles ?

I now apologize for every cross word we've ever had in any thread, it was all my fault and you were right all along. please accept my humbleness apologies It will never disagree with you again.



posted on May, 10 2009 @ 12:47 PM
link   
Pardon for my noobness but there are a few things I dont understand.

1) I thought that IP addresses start with 192.168. something? How can it be used to trace where you are?

2) Someone mentioned TOR. I understand it routes information something like through a linkedlist. Is there a web link to teach me how to configure it properly? Is it usable on IE or opera?

3) SSL is a form of encryption. Is it free? Else how does one encrypt data when using TOR?


Thx.

Do u2u me if possible

[edit on 5/10/2009 by hitmen]



posted on May, 10 2009 @ 02:29 PM
link   

Originally posted by hitmen
Pardon for my noobness but there are a few things I dont understand.

1) I thought that IP addresses start with 192.168. something? How can it be used to trace where you are?

2) Someone mentioned TOR. I understand it routes information something like through a linkedlist. Is there a web link to teach me how to configure it properly? Is it usable on IE or opera?

3) SSL is a form of encryption. Is it free? Else how does one encrypt data when using TOR?


Thx.

Do u2u me if possible


192.168 is an internal IP address, that would be used to link up with your router etc. Your modem/router is most likely located with an IP address of 192.168.0.1 or something to that effect. Your PC also probably carries an IP address with that starting out as well as all devices on your network(assuming you use an automatic DCHP server on your modem, which I always have on every broadband connection).

Like this PC I'm on now has an internal ip address of 192.168.0.101 and the one next to me is 102, and my iphone is 103 etc.

So those are just internal IP addresses. Nobody is going to be able to connect to your PC using those IP addresses, they will most likely go to somewhere within there own network.

But your modem does get a unique ip address from your ISP. And that is the IP address you broadcast. You absolutely HAVE to broadcast your IP address, because it's needed for the connection. No IP address, and it's not going to know where to send the information. Just as you need the IP address to connect to a site. The IP addresses for domains is kept in a DNS server, so when you connect to like site.com, your PC connects to your DNS servers and gets the IP address for the site. The DNS servers also have their own IP addresses, which are generally assigned by your ISP. But you can choose to use a different DNS server if you wanted.

The IP addresses you get assigned by your ISP will be in a certain range. And it is based on that range that I am able to find out where you live within 20 or so miles.

I have a database of IP ranges. And these IP ranges are tied to latitude and longitudes. How good and how close I can get to your house with it depends on the quality of the database. You can get a free database that will get you within 20-40 miles, and if you need to get closer to that, then you can pay for a higher quality database etc.

But I can not get your house, address or anything like that.

You have seen these things in action before. They are generally used to bring things relative to your location. Ads and such. It's called "geo-targeting". Go to google, type in "Pizza Hut". And it is going to bring up results from your local Pizza hut. Phone numbers and such. This is done by this.

When you see something that says "X miles away", what they are doing is taking your lat and long from the geo targeting, and the lat and long from the other side, and you do a little equation and it gives you the distance between the 2.

SSL will encrypt the data you are transferring. It is "free", but the website itself has to be using it. You will see URLS that start with "https" that means a secure connection. The website can generate it's own secure certificate for free, but you generally have to pay for them to be "signed". Unsigned certificates that are generated for free usually throw up security alerts with browsers, even though it can be secure on it. I'm guessing because it might not really be secure, where as a signed certificate is as you have to some code from the place that signs it.

All in all, these are not things to worry about. If you are using credit cards and such, then you will want a secure connection. Outside that, there isn't much need for it.

And the IP address is not a big deal either. It would take warrants and such to the ISP to get information that says who you are and so forth.

No idea about TOR. As I said, I don't worry about these things at all. If there were actual security threats with this stuff, it would be all over the place with warnings and such.



posted on May, 19 2009 @ 05:33 PM
link   

Originally posted by hitmen
Pardon for my noobness but there are a few things I dont understand.

1) I thought that IP addresses start with 192.168. something? How can it be used to trace where you are?

IP addys go from 0.0.0.0 to 255.255.255.255
Certain ranges are reserved for special purposes, such as:
10.x.x.x, 192.168.x.x - local network
0.0.0.0, 255.255.255.255, 224.0.0.x - broadcast/multicast (goes to everybody, used mostly to discover services on the local network)
127.0.0.1 - loopback ("loops back" to the local machine, like for Polipo, or even a local webserver. Some programs use loopback to talk to one another.)

There are lots of resources on the Internet to learn about the Internet itself. You can start by searching for "TCP/IP." And yes, they can be used to trace you, but don't come on here asking how you could trace somebody else, thanks.


Originally posted by hitmen
2) Someone mentioned TOR. I understand it routes information something like through a linkedlist. Is there a web link to teach me how to configure it properly? Is it usable on IE or opera?

Not a "linkedlist." Tor is a local SOCKS server that you install on your computer. To browse the web, you need another program like Polipo sandwiched in between tor and your webbrowser.

You should just search for "tor." Do we really need to teach people how to use a search engine nowadays??


Originally posted by hitmen
3) SSL is a form of encryption. Is it free? Else how does one encrypt data when using TOR?

SSL is what your browser uses to communicate with websites that start with https://
Gmail and Firefox Add-Ons use this. Several other sites like LiveJournal and Facebook use it for logging in. Several other sites provide this service optionally like TinyURL and Sourceforge (change http to https in the address bar). Wikipedia also provides it optionally, although with a special URL. The money for SSL comes from the websites.



posted on May, 19 2009 @ 06:14 PM
link   
reply to post by Highground
 


Once upon a time, I was an administrator on a text based RPG game online. One of our players connected one night, severely depressed and stating they were going to kill themselves. Between myself and another admin, we pulled the IP record of the player, ran it through a reverse DNS to find their general location, then pulled the telephone number of their ISP.

Once we had that information, I worked to keep the player online and talking while the other admin contacted first the local police for where the player lived. While he was doing that, I was contacting the player's ISP and advising them of the situation (while still talking to him on the game). Within 15 minutes the police and the ISP had gotten together, pulled the user's home address (based only on the IP we provided) and arrived at the player's house with EMTs. The player was taken to the hospital and returned a few days later to thank us for intervening on their behalf.



new topics

top topics



 
0
<<   2 >>

log in

join