Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can someone hack me if they know my ip address?


  • Please log in to reply
15 replies to this topic

#1 puravida999

puravida999

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 11 May 2015 - 11:28 PM

Please, I dont know much about computers, but today, discussing in a legit website that uses disqus (commenting software) I noticed that a guy was posting photos of some users of that website, he was bragging saying "you have no idea about my profession, you don't know how much I can do with your ip address, I know a lot about you and you know nothing about me". I had a little fight with him and now I'm scared he can reveal my real identity and start posting pictures of my facebook.

 

First of all, I use windows 8 in my 2 computers, one of them using avg premium and the other one avg free. I have windows firewall on in both computers. I haven't downloaded anything from anywhere, only from trusted providers, never clicked any links from him or anyone in that website.

 

Now I'm worried because I have a static ip address and I don't know if he can get my ip address from disqus comment sections (he is not a moderator, just someone who insults everyone). This website is a news website, so the moderator are the ones who own that website.

 

So there are a lot of things going on in my mind right now because I am not the only one using this ip, also my family, I'm worried he can hack into my router and see all our information and start posting them online. Also, what if my pc is secured but the computers of my family members are not too secured? can he hack them even if they don't even know of this website nor of this guy?

 

I know some of you may say, he is a troll, but how he got the info of the other users? how could he possible get into their facebooks if they don't use their real names?  I also scanned my 2 computers and no virus was found, please help me to get this clear (btw i already deleted my account and all messages from that site) but I'm constantly checking his profile to see if he has posted anything about me.



BC AdBot (Login to Remove)

 


#2 rp88

rp88

  • Members
  • 3,016 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:16 AM

Posted 13 May 2015 - 08:40 PM

An individual with just your IP adress cannot do much. Every site you connect to can see your IP adress and you can see the site's, if you look for it. An individual with your IP adress AND other information might be able to do more. Just as a mention you should know that many sites store IP adresses and some publicly display those of certain visitors (for example if you edit wikipedia without logging in then your IP adress is displayed next to the record of your edit), if IP adresses were this dangerous alone then sites wouldn't display them like that. Another thing to note is that many people's though not everyone's, IP adresses regularly change, you migth only ahve the Ip you currently have until you next disconnect and reconnnect. People who's IP changes every time they connect have "dynamic" IP adresses, people who's IP stays the same for weeks at a time have "static" IP adresses. If yours is dynamic then unless the person who knows it has full access to your ISP (internet service provider)'s database he won't be able to find anything about you from it, except a rough region to the nearest 50 miles or so. If your's is static he can find more, but still not much. Unless the person works for disqus or has got access to details in their databases then he can't even get your IP, because you didn't connect directly to him, and he didn't connect directly to you, rather you were both connected to the news site and to disqus. Report him as a spammer/for making threats, also maybe call his bluff, ask him to tell you your IP adress, he probably won't be able to as he likely doesn't have it. But don't follow any links he sends you, if you did that he wouldn't need an IP adress to attack you, links could lead to "drive-by" pages which can infect any user who visits them.

NOTE: you can search google for "what is my IP adress", it will tell you. You can also visit websites (there are many of them, because it's a very simple type of site to set up) which will tell you your IP adress and what information it reveals about you to any site you connect with, this information usually consists of:

a location, accurate to 50 miles or if you are in a big city the name of the city.

which browser you are using.

sometimes the resolution of your screen.

sometimes which operating system you have.

sometimes the name of the ISP you use.

An IP certainly does not tell anyone your exact address, your name or those kind of things, except the ISP who has those records and can link them to browsing records if they feel they need to.

Edited by rp88, 13 May 2015 - 08:40 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#3 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:16 AM

Posted 14 May 2015 - 02:33 PM

How do you connect to the Internet? What is your network setup?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#4 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 17 May 2015 - 03:09 PM

An individual with just your IP adress cannot do much. Every site you connect to can see your IP adress and you can see the site's, if you look for it. An individual with your IP adress AND other information might be able to do more. Just as a mention you should know that many sites store IP adresses and some publicly display those of certain visitors (for example if you edit wikipedia without logging in then your IP adress is displayed next to the record of your edit), if IP adresses were this dangerous alone then sites wouldn't display them like that. Another thing to note is that many people's though not everyone's, IP adresses regularly change, you migth only ahve the Ip you currently have until you next disconnect and reconnnect. People who's IP changes every time they connect have "dynamic" IP adresses, people who's IP stays the same for weeks at a time have "static" IP adresses. If yours is dynamic then unless the person who knows it has full access to your ISP (internet service provider)'s database he won't be able to find anything about you from it, except a rough region to the nearest 50 miles or so. If your's is static he can find more, but still not much. Unless the person works for disqus or has got access to details in their databases then he can't even get your IP, because you didn't connect directly to him, and he didn't connect directly to you, rather you were both connected to the news site and to disqus. Report him as a spammer/for making threats, also maybe call his bluff, ask him to tell you your IP adress, he probably won't be able to as he likely doesn't have it. But don't follow any links he sends you, if you did that he wouldn't need an IP adress to attack you, links could lead to "drive-by" pages which can infect any user who visits them.

NOTE: you can search google for "what is my IP adress", it will tell you. You can also visit websites (there are many of them, because it's a very simple type of site to set up) which will tell you your IP adress and what information it reveals about you to any site you connect with, this information usually consists of:

a location, accurate to 50 miles or if you are in a big city the name of the city.

which browser you are using.

sometimes the resolution of your screen.

sometimes which operating system you have.

sometimes the name of the ISP you use.

An IP certainly does not tell anyone your exact address, your name or those kind of things, except the ISP who has those records and can link them to browsing records if they feel they need to.

I usually register in websites with fake names, does it helps if he someone has access to disqus database?


How do you connect to the Internet? What is your network setup?

My laptop is wireless and my desktop goes by ethernet. I scanned my computer 2 times already (full scan) , run ccleaner and can't find viruses. In my laptop I run malwarebytes and nothing was found but still I'm worried :(


Edited by puravida999, 17 May 2015 - 03:09 PM.


#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:16 AM

Posted 17 May 2015 - 03:51 PM


How do you connect to the Internet? What is your network setup?

My laptop is wireless and my desktop goes by ethernet.

 

 

OK, but what is your network setup? ADSL modem, router, ... ? Do you use NAT?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#6 1PW

1PW

  • Members
  • 316 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North of the 38th parallel.
  • Local time:10:16 PM

Posted 18 May 2015 - 02:23 AM

Hello puravida999:
 
Please do not let my post diminish the good advice of others...
 
When a situation demands more privacy, have you considered using the Tor Browser?

 

If you are given to occasional extremes, a https connection, through a Tor Browser, connected to a trusted VPN, would present a significant challenge to the amateur hacker.

HTH :)


Edited by 1PW, 18 May 2015 - 02:42 AM.

All viruses are malware but not all malware are viruses and if the malware doesn't self replicate it just isn't a virus.


#7 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 18 May 2015 - 09:43 AM

 


How do you connect to the Internet? What is your network setup?

My laptop is wireless and my desktop goes by ethernet.

 

 

OK, but what is your network setup? ADSL modem, router, ... ? Do you use NAT? 

 

I dont know nothing about routers :/ , I bought netgear router, how do I check what you are asking me?


Edited by puravida999, 18 May 2015 - 09:43 AM.


#8 rp88

rp88

  • Members
  • 3,016 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:16 AM

Posted 18 May 2015 - 11:38 AM

"through a Tor Browser, connected to a trusted VPN"

Just as a note, this is a one or the other matter, in general it is not possible to route trafic through both tor and a VPN, and if you could then it would be extremely slow. Either would be a way to connect to sites without revealing your true IP adress to them, and it would also make it trickier for hackers but it wouldn't help that much here as the original poster says someone threatened him claiming to know his IP adress already.

It is important to note that a hacker can do damage without needing your IP, if you follow a link he posts somewhere then it could lead to an exploit drive-by page. If you were infected by something like that then a hacker wouldn't need your IP (although he could find it very quickly afterwards) as he would already have a a means to control your computer. Neither Tor or a VPN would necessarily protect against this.

Edited by rp88, 18 May 2015 - 11:39 AM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#9 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:16 AM

Posted 18 May 2015 - 12:03 PM

That depends on the model.

But let's try another way: does your laptop have a private IP address or a public IP address?
You can watch the video I made here to know how to check this:
http://www.bleepingcomputer.com/forums/t/536252/how-to-tell-if-you-have-a-private-ip-address-or-a-public-ip-address/

Don't post your IP address here. Just tell us if it is a public or a private IP address.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#10 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:05:16 PM

Posted 18 May 2015 - 07:15 PM

"through a Tor Browser, connected to a trusted VPN"
Just as a note, this is a one or the other matter, in general it is not possible to route trafic through both tor and a VPN, and if you could then it would be extremely slow. Either would be a way to connect to sites without revealing your true IP adress to them, and it would also make it trickier for hackers but it wouldn't help that much here as the original poster says someone threatened him claiming to know his IP adress already.
It is important to note that a hacker can do damage without needing your IP, if you follow a link he posts somewhere then it could lead to an exploit drive-by page. If you were infected by something like that then a hacker wouldn't need your IP (although he could find it very quickly afterwards) as he would already have a a means to control your computer. Neither Tor or a VPN would necessarily protect against this.

Using Tor and VPN together. https://www.bestvpn.com/blog/12273/using-tor-vpn-together/

Using Tor and a VPN | Pros and Cons. https://thetinhat.com/tutorials/darknets/tor-vpn-using-both.html
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#11 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 18 May 2015 - 11:34 PM

Thanks everyone for trying to help, I think he was just being a badass trying to scare me. Anyways I'm not visiting that website anymore and he is busy harassing others, whatever.



#12 1PW

1PW

  • Members
  • 316 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North of the 38th parallel.
  • Local time:10:16 PM

Posted 19 May 2015 - 10:58 AM

@puravida999: I am happy you have found the ultimate solution.  :thumbup2:
 
@Crazy Cat: Certainly!  Similarly - Tails through VPN too.  These are long used tools of journalists and their employers/whistleblowers.   Slowed end-to-end propagation is simply the expected trade-off for enhanced security.  ...and yes - your real IP address is unknown at the distant end.
 
Diverging even further, I suppose one could mention PGP/GnuPG protection through the same tunnels.  Yet that's material for a future topic.
 
Cheers.  :)


All viruses are malware but not all malware are viruses and if the malware doesn't self replicate it just isn't a virus.


#13 rp88

rp88

  • Members
  • 3,016 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:16 AM

Posted 19 May 2015 - 11:42 AM

As far as tor and VPNs not usually being used together is concerned I merely mentioned this because tor advise against it on their own website, and they say it would be tricky as well.

Tails is what you would use if you need to be even more pirvate and anonymous that the things you might use tor or a VPN for. Tails is a live operating system designed to be booted from a USB flash drive or dvd disc so a user can do things within it and then shut it down and remove the USB, leaving no trace of their actions on that computer. Tails comes with tor preinstalled within it, tails has uses but in this situation with your worries about someone with your IP adress tails isn't a solution to it.

I think all this discussion of tor, tails and VPN systems has rather diverged from the original poster's questions.

Puravida999 post#11: sounds likely, if you do check whether you have a fixed or changing IP adress (search "what is my IP" on google today, then make sur to disonnect and recnnect to the internet a few times, then check your IP again by searching google) then if you have a changing one you will know the person on that site was talkign utter rubbish, if you have a fixed one then he was probably still talking rubbish but it's worth knowing which sort you have. There are a lot of people online who say things about knowing someone's IP adress but sometimes they say it to someone who knows more about tehnology than they do, that's when they either get their bluff called or find the tables being turned, there are some rather funny reports of people who did such table turning on scammers and spammers. To the tune of:

spammer: "I know where you live[in reality the spammer would have made several spelling mistakes here and put it all in capitals]"
victim: "No, you don't, but I know where YOU live" [finds spammer's IP adress, fairly easy if they are directly connected to each other, not usually possible if both are simply connected to a common website (a forum or disqus)]
victim: "You're in [quotes largest city in 20 mile (approx) radius that IP adress originates from]"
victim: [checks weather forecast for that city] "And what rotten/lovely weather you're having right now..."

Edited by rp88, 19 May 2015 - 11:43 AM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#14 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:05:16 PM

Posted 21 May 2015 - 08:15 PM

(1) As far as tor and VPNs not usually being used together is concerned I merely mentioned this because tor advise against it on their own website, and they say it would be tricky as well.

(2) I think all this discussion of tor, tails and VPN systems has rather diverged from the original poster's questions.

(1) Even if you have this network WAN configuration: HomePC > VPN > TOR > WWW
You can still be found on the Internet without installing any spyware trojan, or rootkit, on the operating system. Granted very difficult, but it can be done.

(2) Yes rp88, I agree the topic has gone tangent to the original question.

Internet Service Provider's (ISP), assign either a Static IP, or Dynamic IP. http://whatismyipaddress.com/dynamic-static

Put simply, a 'Static IP' is a permanent IP assigned to your ISP account, and a 'Dynamic IP' is a changing IP reassigned from time-to-time, or when you power off your router.

There are pros and cons, with a Dynamic IP. While you may change the IP to your router, you may be getting/reassigned an IP that an ongoing DoS attack, or a port scan, is still occurring.
So effectively, your router is assigned an IP that is under attack.

IP LOOKUP: http://whatismyipaddress.com/ip-lookup to see your General IP Information and Geolocation Information. Mostly, 'Geolocation Information' is the location of your Internet Service Provider (ISP) telecommunications exchange.

Now image, GCR Firewall Test, https://www.grc.com/x/ne.dll?bh0bkyd2 is the attacker, and knows your true router's assigned ISP IP. GCR will port scan your router for open ports and vulnerabilities.

Edited by Crazy Cat, 21 May 2015 - 08:26 PM.

 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#15 lingroot

lingroot

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:16 PM

Posted 17 August 2016 - 07:13 AM

If you are having a static ip that will be a problem, but no one can track your real address with that IP (other than ISP and officials ).

 in most case you are having a dynamic ip,it means you Ip adress is not a constant one, it will change and is assigned by your ISP.

If you are really concerned about your security while doing online transactions please refer this good blog explaining staying safe while doing online transactions

https://nci.ca/10-safest-methods-to-shop-online/

 I recommend your to use a good firewall along with antivirus program.

 hope this one helps

 

Mod Edit:  Topic dates to May 2015 - Hamluis.


Edited by hamluis, 21 July 2017 - 11:55 AM.





2 user(s) are reading this topic

0 members, 2 guests, 0 anonymous users