• Hail Guest!
    We're looking for Community Content Contribuitors to Stratics. If you would like to write articles, fan fiction, do guild or shard event recaps, it's simple. Find out how in this thread: Community Contributions
  • Greetings Guest, Having Login Issues? Check this thread!
  • Hail Guest!,
    Please take a moment to read this post reminding you all of the importance of Account Security.
  • Hail Guest!
    Please read the new announcement concerning the upcoming addition to Stratics. You can find the announcement Here!

I've said it before...(trace routes)

Vortex

Slightly Crazed
Stratics Veteran
Stratics Legend
....but I'll say it again.

Do NOT post your trace route on the forums UNTIL you have removed the ip addresses from the first several hops!!!

You are giving a hacker a loaded gun and saying see if you can hit me in the head!
 

Spree

Babbling Loonie
Stratics Veteran
Stratics Legend
Don't all ips start at the same? I know when i log in to diffident networks with my ipod touch they are all the same number.
 
B

Bruin

Guest
Don't all ips start at the same? I know when i log in to diffident networks with my ipod touch they are all the same number.
Generally the first one or two are internal networks and usually have similar IP addresses. Any smart network person can identify these. However after the first internal network addresses it goes to your personal (specific) IP addresses which gives a way for hackers to ID you.
 

N49ATV

Slightly Crazed
Stratics Veteran
Stratics Legend
The first hop is generally from your PC/IPOD whatever to youre router, 2nd hop will be modem, 3rd hop is your ISP router near your house, 4th is generally the ISP itself. If you dont have a router (or use modem with built in router) just skip that part.
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
Tracing route to yourmom.com [208.113.233.166]
over a maximum of 30 hops:

1 1 ms 1 ms <1 ms 10.0.0.1
2 12 ms 62 ms 8 ms 24.79.196.1
3 22 ms 7 ms 8 ms rc1nr-tge0-0-2-0-1.wp.shawcable.net [64.59.181.6
7]
4 43 ms 27 ms 27 ms rc2ec-pos0-7-0-0.il.shawcable.net [66.163.76.26]

5 38 ms 36 ms 37 ms rd1ec-ge11-0-0.il.shawcable.net [66.163.65.45]
6 36 ms 36 ms 36 ms te-0-11-0-4-pe01.350ecermak.il.ibone.comcast.net
[75.149.228.193]
7 29 ms 31 ms 27 ms pos-1-3-0-0-cr01.chicago.il.ibone.comcast.net [6
8.86.86.33]
8 58 ms 70 ms 57 ms pos-2-13-0-0-cr01.atlanta.ga.ibone.comcast.net [
68.86.85.58]
9 80 ms 81 ms 79 ms pos-1-14-0-0-cr01.dallas.tx.ibone.comcast.net [6
8.86.85.153]
10 117 ms 114 ms 97 ms pos-0-10-0-0-cr01.losangeles.ca.ibone.comcast.ne
t [68.86.86.217]
11 98 ms 88 ms 87 ms as26347.losangeles.ca.ibone.comcast.net [75.149.
228.206]
12 91 ms 90 ms 92 ms ip-66-33-201-115.dreamhost.com [66.33.201.115]
13 93 ms 92 ms 95 ms ip-66-33-201-66.dreamhost.com [66.33.201.66]
14 94 ms 97 ms 92 ms apache2-dap.korben.dreamhost.com [208.113.233.16
6]

Trace complete.
1. My IP is nowhere in there.
2. yourmom is 14 hops away from me.
3. 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
Also, don't do this at home kiddies.

I am a trained internet stunt professional.
 

Vortex

Slightly Crazed
Stratics Veteran
Stratics Legend
Your ip is in there.

It is 24.79.196.1 - You are behind a router as well as a NAT, which is why you don't think your IP is in there, but it is.

Your internet service provider is Shawcable out of Calgary, Alberta.

A simple port scan would tell me everything else I need to know.

You can believe me or don't. It's what I do for a living.
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
Then try access my web server at http://24.79.196.1

Now try access it at http://24.79.196.31

The 10.0.0.1 is the hop that 'should' be my ip, but it's the LAN side of my router so you never see the address for the WAN side. The .1 address is the first hop under my ISP's control.

Also, I'm in Winnipeg, Manitoba. Not Alberta. That's arguing semantics though, as that's what the WHOIS says.

A port scan on the proper IP address would tell you which ports I've specifically allowed to pass through my router, nothing more.

You can believe me or don't. It's what I've done since I was 4 and simply happen to make my living at it.

=]
 

Vortex

Slightly Crazed
Stratics Veteran
Stratics Legend
Then try access my web server at http://24.79.196.1

Now try access it at http://24.79.196.31

The 10.0.0.1 is the hop that 'should' be my ip, but it's the LAN side of my router so you never see the address for the WAN side. The .1 address is the first hop under my ISP's control.

Also, I'm in Winnipeg, Manitoba. Not Alberta. That's arguing semantics though, as that's what the WHOIS says.

A port scan on the proper IP address would tell you which ports I've specifically allowed to pass through my router, nothing more.

You can believe me or don't. It's what I've done since I was 4 and simply happen to make my living at it.

=]
The address for your web server is not the same as the address for your router. There is a lot more to this, but this is not a hacking class.

I never said you live in Alberta, I said your isp is in Alberta.

The port scan will tell me which ports are open and by that I can determine what softwares you are running, exploit their vulnerabilities and access your system.

When you get your CISSP, come talk to me, in the meantime, think about mapping and what you are giving a hacker when you post your traceroute.

Here is a quote from Homeland Security in a whitepages article..


To break this down a little further, lets get in to what exactly hackers are looking for and what tools they are using against you. Port scanners are used to determine which hosts are alive on the Internet, which Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports are listening on each system, and the operating system that is installed on each host. Trace routes are performed to help identify the relationship
of each host to every other and to identify potential security mechanisms between the attacker and the target. Nslookup is a command line tool in Windows NT 4.0, Windows 2000, and Windows XP that can be used to perform DNS queries and zone transfers. Tracert is a command line tool used by hackers to create network maps of the target
network presence. After the port scanning and trace routing is finished, attackers create a network map that represents their understanding of the target's Internet footprint. This map is used for the second phase of the attack: information enumeration. The SamSpade.org Web interface that performs Whois lookups, forward and reverse DNS searches, and trace routes. Nmap is a Unix-based port scanner and ScanLine is a Windows NT-based port scanner.



 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
The address for your web server is not the same as the address for your router. There is a lot more to this, but this is not a hacking class.
My web server is my laptop.
When you get your CISSP, come talk to me
Don't bring out the credentials. You're either right, in which case the truth shall set you free. Or you're wrong, and... I can't think of a way to finish this sentence that wouldn't take it out of friendly disagreement territory =]



A tracert will not show your IP. It will only show the LAN address of your router, or the first hop of your ISP if you're connected directly.
 

Falon of Eldor

Sage
Stratics Veteran
Stratics Legend
*drools*

*feels the heat*

[YOUTUBE]<object width="445" height="364"><param name="movie" value="http://www.youtube.com/v/Md7MYS06Tdw&hl=en_US&fs=1&rel=0&border=1"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/Md7MYS06Tdw&hl=en_US&fs=1&rel=0&border=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="445" height="364"></embed></object>[/YOUTUBE]
 

Skylark SP

Available Storage: 0
Stratics Veteran
Stratics Legend
@Wulf & Vortex...I know you are both moderators, but if you make me pull the tech car over to the side of the road to settle you down, both of you will be getting more than a port scan. :twak:

-Skylark









































P.S. :p :heart:
 

Lorddog

Crazed Zealot
Stratics Veteran
Stratics Legend
not everyone might have a router, they may be hooked up directly to their isp. as vortex says if you show off your outside access ip then hackers can attempt to hack you by probing your ports.

its not a lesson for the network professional, its a lesson for the nerd deficients.

Lorddog
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
If you don't have a router, then you're still only showing the first hop in your ISP. That won't be your IP.

It will narrow it down a lot, but there'd still be 253+ addresses to guess that are other customers in your ISP, or unassigned addresses.
 

Vortex

Slightly Crazed
Stratics Veteran
Stratics Legend
not everyone might have a router, they may be hooked up directly to their isp. as vortex says if you show off your outside access ip then hackers can attempt to hack you by probing your ports.

its not a lesson for the network professional, its a lesson for the nerd deficients.

Lorddog
Thanks for trying, he just doesn't get it.

If you want to post your whole tracert then do it, what the heck do I care?

For those who want to listen, its good advice.
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
Thanks for trying, he just doesn't get it.
You're trying to tell me that I don't know my own IP.

You're trying to tell people to strip out the lines of information from a tracert that will tell people how stable their connection to their local router and ISP is. These lines gives no personally identifiable information.

You are actively spreading misinformation and making it more difficult to troubleshoot any networking issues.

If you believe me to be wrong, then prove it. What is the address that I give as my webserver? That is running off my laptop.

Portscan the .1 address. Portscan the .31 address. Which is more likely to be mine?

Go to http://www.whatismyip.com

Does the address that it gives you appear anywhere in a tracert that you perform?
 

Vortex

Slightly Crazed
Stratics Veteran
Stratics Legend
Nevermind, that gives too much info.

You right, everyone post your trace routes at will. Go crazy.
 

Vortex

Slightly Crazed
Stratics Veteran
Stratics Legend
It will narrow it down a lot, but there'd still be 253+ addresses to guess that are other customers in your ISP, or unassigned addresses.
This is the closest you have come to understanding. Now, I ask you, how many of those will have traffic on the port that UO uses?

I don't need the ip for your laptop to get the info I need. I only need the routers info.
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
You're trying to tell me that I don't know my own IP.

I never said that. Nor did I ever say I need the ip for your laptop. The router is my target.
The actual IP of my laptop is 10.0.0.x. My router is the 24.79.196.31. It is port-forwarding port 80 to my laptop. For the purposes of this discussion my router and laptop are the exact same IP from an external point of view.

You're trying to tell people to strip out the lines of information from a tracert that will tell people how stable their connection to their local router and ISP is. These lines gives no personally identifiable information.

Wrong, it gives me plenty of information. There is no reason to post a trace route in these forums if the problem is between you and your isp. We would only need to know about the later hops.
A problem showing up before it leaves the local network will be indistinguishable from a problem showing up at further hops, if the first hops are not included.

You are actively spreading misinformation and making it more difficult to troubleshoot any networking issues.

This is not a tech forum. There are much better places if that is what is needed. Amazingly, when you go to tech forums they tell you to sent the trace route privately (I wonder why...hmm).
The UO Tech forum has no such rule last time I was by there.


If you believe me to be wrong, then prove it. What is the address that I give as my webserver? That is running off my laptop.

It is the exact thing you gave. I don't need that ip.

I have one IP address. What are you theoretically intending to hack, if you're going after the .1 address instead of my router/laptop's IP?

Portscan the .1 address. Portscan the .31 address. Which is more likely to be mine?

.31 will be you, .1 will be the router that I am interested in.
.1 is a machine owned and operated by my ISP. I doubt anybody on these forums that is smart enough to hack that machine is stupid enough to hack that machine.

Go to http://www.whatismyip.com

Does the address that it gives you appear anywhere in a tracert that you perform?

No, your personal ip is not, but again, thats not my target...yet.
See above. Good luck hacking my ISP. Even if you do hack my ISP, you do not gain access to any data residing on my side of the network, as that will not get you through my router.

And for your earlier quote...

How many of these customers will have traffic on the port that UO uses?
Who knows? There's no way for you to tell. NAT is letting the UO servers communicate through the router, but not you. Your port scan won't show any active UO ports.

My router's WAN status screen:



My router is .31.

My ISP owns .1
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
This is the closest you have come to understanding. Now, I ask you, how many of those will have traffic on the port that UO uses?

I don't need the ip for your laptop to get the info I need. I only need the routers info.
Are you seriously suggesting that it's a potential risk for somebody to both hack my ISP's server and set up a man in the middle attack between me and EA just for my UO password?

When you say router, you're really talking about the ISP controlled one and not the one I plug into my cable modem?
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
Hmm that site gives an different IP then I view on my PC
The site I gave will give you the address for your house, to put it basically and assuming a standard residential setup. Your computer will be whatever you get from an ipconfig, or wherever else you check your ip directly from your pc.

The .1 I'm arguing about with my setup is a machine somewhere in my ISP's control. The .31 I'm arguing about is the box I plug into my cable modem, that controls everything in or out of my house.

The one I plug into my cable modem is what I've been arguing about. People with that number can exploit poor security on that one.

The one under my ISP's control has the resources of a nationwide ISP aimed at keeping it secure.

The ISP is the only one that has an address appearing in a tracert.
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
Your ip is in there.

It is 24.79.196.1
This is what I've been basing my whole argument on.

My IP is not that address. Nothing sent to that address will ever reach me. Port scans to that address will not show any services I have running.

Anybody that can hack my machine or extract my UO password from that number alone will be too busy performing man in the middle attacks on traffic to and from banking websites to bother with me. Also, law enforcement responds to that level of a hack.
 

Vortex

Slightly Crazed
Stratics Veteran
Stratics Legend
Who knows? There's no way for you to tell. NAT is letting the UO servers communicate through the router, but not you. Your port scan won't show any active UO ports.
Port scan is not the only tool, and I'm not going further with this. It does not require me to hack the ISP's router.

Post them all you want, what do I care?

Wikipedia on trace route:
Security concerns
Supplying such detailed information about the pathways taken was considered acceptable and convenient in the early days of the Internet, but later was considered questionable for privacy and security reasons. Traceroute information has been frequently used by hackers as a way to acquire sensitive information about a company's network architecture. By using the traceroute command, a hacker can quickly map out intermediate routers for known destinations on a company's network architecture.
 

Vortex

Slightly Crazed
Stratics Veteran
Stratics Legend
Your ip is in there.

It is 24.79.196.1
This is what I've been basing my whole argument on.

My IP is not that address. Nothing sent to that address will ever reach me. Port scans to that address will not show any services I have running.

Anybody that can hack my machine or extract my UO password from that number alone will be too busy performing man in the middle attacks on traffic to and from banking websites to bother with me. Also, law enforcement responds to that level of a hack.
Would it be better if I said I can get your ip address from 24.79.196.1?

Would you understand better then?
 

Vortex

Slightly Crazed
Stratics Veteran
Stratics Legend
Also, law enforcement responds to that level of a hack.
Now that is laughable. You are in Canada, I'm in the United States. The hacker might be in the UK, or India. Which law enforcement agency would you like to investigate this?
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
You'd be wrong, but I'd understand you better. Also, that's not what you said.

If you'd like to show me that you're right, I can spoof a MAC address for a new IP, show you my new tracert, and you can tell me what my IP is later tonight. If not, I'll let it go.

Anyway, don't mistake my arguing for anything personal. I'm just a stickler for being right. Especially when I'm right. =]
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
Now that is laughable. You are in Canada, I'm in the United States. The hacker might be in the UK, or India. Which law enforcement agency would you like to investigate this?
http://www.betanews.com/article/British-hacker-will-be-extradited-to-US-for-trial/1249035677

http://news.softpedia.com/news/Venezuelan-VoIP-Hacker-Extradited-to-U-S-124771.shtml

http://www.pcworld.com/businesscent...ties_extradite_indian_on_hacking_charges.html

Moral of the story: Hack regular people all you want. Don't mess with anybody that has money or power.
 

Vortex

Slightly Crazed
Stratics Veteran
Stratics Legend
Anyway, don't mistake my arguing for anything personal. I'm just a stickler for being right. Especially when I'm right. =]
Not taking it personal, it was something to do while I was at work. Now its time to go home.

I'll let you continue to think you are right. Of course, that would mean that dozens of IT Security professionals are wrong in saying not to give out trace routes.

And no, I would rather not play find your ip without written permission from your ISP.
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
Security concerns
Traceroute information has been frequently used by hackers as a way to acquire sensitive information about a company's network architecture. By using the traceroute command, a hacker can quickly map out intermediate routers for known destinations on a company's network architecture.
Not that Wikipedia isn't the greatest collection of knowledge gathered in one place since man first started writing on the walls of public restrooms, but if sensitive information includes "Which way out to the internet", your security needs a second look.

Anyway, I need a smoke. Back in a few.
 

Spree

Babbling Loonie
Stratics Veteran
Stratics Legend
Did you ever take your laptop and find some one open networks and print stuff on their printer?
 

Damien Softstep

Visitor
Stratics Veteran
Stratics Legend
Not that Wikipedia isn't the greatest collection of knowledge gathered in one place since man first started writing on the walls of public restrooms, but if sensitive information includes "Which way out to the internet", your security needs a second look.

Anyway, I need a smoke. Back in a few.
:lol:
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
Did you ever take your laptop and find some one open networks and print stuff on their printer?
That's because there's no password on the wireless, and it puts you on their LAN

Completely separate topic from trying to find their IP or connect from the internet side of their router.
 

Spree

Babbling Loonie
Stratics Veteran
Stratics Legend
That's because there's no password on the wireless, and it puts you on their LAN

Completely separate topic from trying to find their IP or connect from the internet side of their router.

But if i can print i can haxxors too :popcorn:
 

Wulf2k

Stratics Legend
Stratics Veteran
Stratics Legend
But a tracert isn't going to help you drive up to their house within range of their unsecured wireless network either.
 

Spree

Babbling Loonie
Stratics Veteran
Stratics Legend
Then when I'm on their network can i post their trace route? :lol:
 
Top