-
Hail Guest! We're looking for Community Content Contribuitors to Stratics. If you would like to write articles, fan fiction, do guild or shard event recaps, it's simple. Find out how in this thread: Community Contributions
-
Greetings Guest, Having Login Issues? Check this thread!
-
Hail Guest!, Please take a moment to read this post reminding you all of the importance of Account Security.
-
Hail Guest! Please read the new announcement concerning the upcoming addition to Stratics. You can find the announcement Here!
B
Bruin
Guest
Generally the first one or two are internal networks and usually have similar IP addresses. Any smart network person can identify these. However after the first internal network addresses it goes to your personal (specific) IP addresses which gives a way for hackers to ID you.
The first hop is generally from your PC/IPOD whatever to youre router, 2nd hop will be modem, 3rd hop is your ISP router near your house, 4th is generally the ISP itself. If you dont have a router (or use modem with built in router) just skip that part.
1. My IP is nowhere in there.
2. yourmom is 14 hops away from me.
3. 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31 24.79.196.31
Your ip is in there.
It is 24.79.196.1 - You are behind a router as well as a NAT, which is why you don't think your IP is in there, but it is.
Your internet service provider is Shawcable out of Calgary, Alberta.
A simple port scan would tell me everything else I need to know.
You can believe me or don't. It's what I do for a living.
It is 24.79.196.1 - You are behind a router as well as a NAT, which is why you don't think your IP is in there, but it is.
Your internet service provider is Shawcable out of Calgary, Alberta.
A simple port scan would tell me everything else I need to know.
You can believe me or don't. It's what I do for a living.
Then try access my web server at http://24.79.196.1
Now try access it at http://24.79.196.31
The 10.0.0.1 is the hop that 'should' be my ip, but it's the LAN side of my router so you never see the address for the WAN side. The .1 address is the first hop under my ISP's control.
Also, I'm in Winnipeg, Manitoba. Not Alberta. That's arguing semantics though, as that's what the WHOIS says.
A port scan on the proper IP address would tell you which ports I've specifically allowed to pass through my router, nothing more.
You can believe me or don't. It's what I've done since I was 4 and simply happen to make my living at it.
=]
Now try access it at http://24.79.196.31
The 10.0.0.1 is the hop that 'should' be my ip, but it's the LAN side of my router so you never see the address for the WAN side. The .1 address is the first hop under my ISP's control.
Also, I'm in Winnipeg, Manitoba. Not Alberta. That's arguing semantics though, as that's what the WHOIS says.
A port scan on the proper IP address would tell you which ports I've specifically allowed to pass through my router, nothing more.
You can believe me or don't. It's what I've done since I was 4 and simply happen to make my living at it.
=]
The address for your web server is not the same as the address for your router. There is a lot more to this, but this is not a hacking class.
I never said you live in Alberta, I said your isp is in Alberta.
The port scan will tell me which ports are open and by that I can determine what softwares you are running, exploit their vulnerabilities and access your system.
When you get your CISSP, come talk to me, in the meantime, think about mapping and what you are giving a hacker when you post your traceroute.
Here is a quote from Homeland Security in a whitepages article..
Excellent! Track that and see what you get. You will find its all faked.
My web server is my laptop.
Don't bring out the credentials. You're either right, in which case the truth shall set you free. Or you're wrong, and... I can't think of a way to finish this sentence that wouldn't take it out of friendly disagreement territory =]
A tracert will not show your IP. It will only show the LAN address of your router, or the first hop of your ISP if you're connected directly.
*drools*
*feels the heat*
[YOUTUBE]<object width="445" height="364"><param name="movie" value="http://www.youtube.com/v/Md7MYS06Tdw&hl=en_US&fs=1&rel=0&border=1"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/Md7MYS06Tdw&hl=en_US&fs=1&rel=0&border=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="445" height="364"></embed></object>[/YOUTUBE]
*feels the heat*
[YOUTUBE]<object width="445" height="364"><param name="movie" value="http://www.youtube.com/v/Md7MYS06Tdw&hl=en_US&fs=1&rel=0&border=1"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/Md7MYS06Tdw&hl=en_US&fs=1&rel=0&border=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="445" height="364"></embed></object>[/YOUTUBE]
@Wulf & Vortex...I know you are both moderators, but if you make me pull the tech car over to the side of the road to settle you down, both of you will be getting more than a port scan. 
-Skylark
P.S.
-Skylark
P.S.
not everyone might have a router, they may be hooked up directly to their isp. as vortex says if you show off your outside access ip then hackers can attempt to hack you by probing your ports.
its not a lesson for the network professional, its a lesson for the nerd deficients.
Lorddog
its not a lesson for the network professional, its a lesson for the nerd deficients.
Lorddog
If you don't have a router, then you're still only showing the first hop in your ISP. That won't be your IP.
It will narrow it down a lot, but there'd still be 253+ addresses to guess that are other customers in your ISP, or unassigned addresses.
It will narrow it down a lot, but there'd still be 253+ addresses to guess that are other customers in your ISP, or unassigned addresses.
But port scanning isnt legal! Hackers wouldnt break the law like that. They are good people...no?
Thanks for trying, he just doesn't get it.
If you want to post your whole tracert then do it, what the heck do I care?
For those who want to listen, its good advice.
You're trying to tell me that I don't know my own IP.
You're trying to tell people to strip out the lines of information from a tracert that will tell people how stable their connection to their local router and ISP is. These lines gives no personally identifiable information.
You are actively spreading misinformation and making it more difficult to troubleshoot any networking issues.
If you believe me to be wrong, then prove it. What is the address that I give as my webserver? That is running off my laptop.
Portscan the .1 address. Portscan the .31 address. Which is more likely to be mine?
Go to http://www.whatismyip.com
Does the address that it gives you appear anywhere in a tracert that you perform?
This is the closest you have come to understanding. Now, I ask you, how many of those will have traffic on the port that UO uses?
I don't need the ip for your laptop to get the info I need. I only need the routers info.
The actual IP of my laptop is 10.0.0.x. My router is the 24.79.196.31. It is port-forwarding port 80 to my laptop. For the purposes of this discussion my router and laptop are the exact same IP from an external point of view.
A problem showing up before it leaves the local network will be indistinguishable from a problem showing up at further hops, if the first hops are not included.
The UO Tech forum has no such rule last time I was by there.
I have one IP address. What are you theoretically intending to hack, if you're going after the .1 address instead of my router/laptop's IP?
.1 is a machine owned and operated by my ISP. I doubt anybody on these forums that is smart enough to hack that machine is stupid enough to hack that machine.
See above. Good luck hacking my ISP. Even if you do hack my ISP, you do not gain access to any data residing on my side of the network, as that will not get you through my router.
Who knows? There's no way for you to tell. NAT is letting the UO servers communicate through the router, but not you. Your port scan won't show any active UO ports.
My router's WAN status screen:
My router is .31.
My ISP owns .1
Are you seriously suggesting that it's a potential risk for somebody to both hack my ISP's server and set up a man in the middle attack between me and EA just for my UO password?
When you say router, you're really talking about the ISP controlled one and not the one I plug into my cable modem?
The site I gave will give you the address for your house, to put it basically and assuming a standard residential setup. Your computer will be whatever you get from an ipconfig, or wherever else you check your ip directly from your pc.
The .1 I'm arguing about with my setup is a machine somewhere in my ISP's control. The .31 I'm arguing about is the box I plug into my cable modem, that controls everything in or out of my house.
The one I plug into my cable modem is what I've been arguing about. People with that number can exploit poor security on that one.
The one under my ISP's control has the resources of a nationwide ISP aimed at keeping it secure.
The ISP is the only one that has an address appearing in a tracert.
This is what I've been basing my whole argument on.
My IP is not that address. Nothing sent to that address will ever reach me. Port scans to that address will not show any services I have running.
Anybody that can hack my machine or extract my UO password from that number alone will be too busy performing man in the middle attacks on traffic to and from banking websites to bother with me. Also, law enforcement responds to that level of a hack.
Port scan is not the only tool, and I'm not going further with this. It does not require me to hack the ISP's router.
Post them all you want, what do I care?
Wikipedia on trace route:
Would it be better if I said I can get your ip address from 24.79.196.1?
Would you understand better then?
Now that is laughable. You are in Canada, I'm in the United States. The hacker might be in the UK, or India. Which law enforcement agency would you like to investigate this?
Nerds...
ROFL, I was waiting for that...
You'd be wrong, but I'd understand you better. Also, that's not what you said.
If you'd like to show me that you're right, I can spoof a MAC address for a new IP, show you my new tracert, and you can tell me what my IP is later tonight. If not, I'll let it go.
Anyway, don't mistake my arguing for anything personal. I'm just a stickler for being right. Especially when I'm right. =]
If you'd like to show me that you're right, I can spoof a MAC address for a new IP, show you my new tracert, and you can tell me what my IP is later tonight. If not, I'll let it go.
Anyway, don't mistake my arguing for anything personal. I'm just a stickler for being right. Especially when I'm right. =]
http://www.betanews.com/article/British-hacker-will-be-extradited-to-US-for-trial/1249035677
http://news.softpedia.com/news/Venezuelan-VoIP-Hacker-Extradited-to-U-S-124771.shtml
http://www.pcworld.com/businesscent...ties_extradite_indian_on_hacking_charges.html
Moral of the story: Hack regular people all you want. Don't mess with anybody that has money or power.
Not taking it personal, it was something to do while I was at work. Now its time to go home.
I'll let you continue to think you are right. Of course, that would mean that dozens of IT Security professionals are wrong in saying not to give out trace routes.
And no, I would rather not play find your ip without written permission from your ISP.
Not that Wikipedia isn't the greatest collection of knowledge gathered in one place since man first started writing on the walls of public restrooms, but if sensitive information includes "Which way out to the internet", your security needs a second look.
Anyway, I need a smoke. Back in a few.
!!
The whole "should have never started" issue aside...you have an excellent reason to quit now.
-Skylark
That's because there's no password on the wireless, and it puts you on their LAN
Completely separate topic from trying to find their IP or connect from the internet side of their router.
Yeah, I know.!!
The whole "should have never started" issue aside...you have an excellent reason to quit now.
-Skylark
I only do it at work now, nowhere else.
