# IP Address..



## jim-henscheli (May 4, 2015)

Hey, as some of you may recall, i posted a thread aboht the security of google, many people responed with related to Ip. Addresses, I want to know how easy it is for a mere mortal, to track an IP address. So, if anybody on here can track mine, please send me A PRIVATE MESSAGE, informing me of my location, we can go from there. Happy hunting.


----------



## 8301 (Nov 29, 2014)

Found you!

Dairy farm in Bangkok. Leave that poor cow alone.


----------



## coates776 (Sep 4, 2015)

Have asked my professional corporate hacker children / nephew (Keep in mind they are paid to do it by corporate world) they are telling me to start learning this fascinating journey you need to go to your computers command prompt a black screen appears and type mslookup and hit enter and magic occurs They tell me editing the source of a web page and getting the encrypted posting reference takes them to a data base that depending on how much money has been sent setting up its security can be hacked.

Its not something that can be done by your normal lay person. There occupation is called "pent testing" or to us lay people penetration testing. Their job is to break-in to any system any way and paid well if they succeed. The stuff we see in movies actually really happens.


----------



## Will2 (Mar 20, 2013)

Jim,

It is very easy to get "normal people's ip address"

I don't have my server up right now but I will explain a very easy way to get IP

first you imbed a white gif into your post from your server. The server logs everyone who accesses the gif when the page loads. You can then quickly determine from anyone who accesses this post or replies at a specific time by correlating the time someone replies, or how many times someone views the thread, perhaps to be the person who is the OP or if they reply by determining the access log to the time they post.
OK SO THERE IS AN IMAGE IN THIS POST







JUST HOLD YOUR LEFT CLICK DOWN AND DRAG IT FROM UNDER THE WORD POST OVER TO UNDER THE OK AND IT WILL BE HIGHLIGHTED.
THIS ONE HAS ACTUALLY BEEN UPLOADED FROM MY COMPUTER, in the real world method, it would be via my dynamic IP website (which is currently offline in my locker)
When anyone views this post, my dynamic server (which could be a static server) will log their IP.

So if you read this message, I would have your IP (unless you are using a net anonymizer)

You can even make a 1 pixel gif... and put it in a place people will not think to look for it. For that matter "ANY" picture included in a post could be used for the purpose of obtaining someones IP.


----------



## 8301 (Nov 29, 2014)

Ok Guys, So can you locate PaulS so we can send him a message requesting that he return?

Sorry for hijacking the thread.


----------



## coates776 (Sep 4, 2015)

While where on hacking my nephew told me of his easiest hack last week. He was told to break into this un breakable server and get to the back end and retrieve certain information his pay check got bigger the quicker he got what they wanted but he had to give up in 3 days.

Anyway he watched what time the staff took lunch then on their return asked them to print of a document from his usb as his printer was broken which she did. When she entered the us bit loaded a key stroke loading program he had written for there operating system. He then left went next door read her key strokes logged into the system and then used his means to ask Sql queries to the database and completed his assignment in 30 min.


----------



## 8301 (Nov 29, 2014)

Smart....


----------



## Slippy (Nov 14, 2013)

I know who CAN'T track IP addresses! HAHAHAHAHAHA!


----------



## James m (Mar 11, 2014)

After you find the IP address open a dos box and type "tracert" then the address. It will show you hops the network takes.


----------



## Smitty901 (Nov 16, 2012)

Please track mine. do so on a regular basics . The results my confuse you a bit.


----------



## James m (Mar 11, 2014)

Ipv4 or ipv6.


----------



## Auntie (Oct 4, 2014)

According to https://www.whatismyip.com today I am in Chipley Florida. The view outside my window is the same as always so I am actually in Colorado.


----------



## James m (Mar 11, 2014)

Auntie said:


> According to https://www.whatismyip.com today I am in Chipley Florida. The view outside my window is the same as always so I am actually in Colorado.


You hacker you!!


----------



## Auntie (Oct 4, 2014)

So now I am a communist and a hacker? WOW


----------



## James m (Mar 11, 2014)

Admit it!! We're on to you!!


----------



## Auntie (Oct 4, 2014)

James m said:


> Admit it!! We're on to you!!


"We" are you one of "them"?


----------



## James m (Mar 11, 2014)

We know your Communist Affiliation's. We know what you are planning. Give it up.


----------



## Auntie (Oct 4, 2014)

Since you know what I am planning do you think it is a good plan? I am having my doubts about one step. You can read it in my documents - Plan C (a and b were deleted after review).


----------



## James m (Mar 11, 2014)

It's a diabolical plan. That's why we are building a special jail within a jail just for you.


----------



## Auntie (Oct 4, 2014)

As long as it has a coffee pot, unlimited coffee and books I am ready.


----------



## PatriotFlamethrower (Jan 10, 2015)

I used to be the administrator of a small discussion forum, and I could track the IP addresses of all members of the forum within SECONDS. Very easy to do.

I could ban IP addresses whenever I needed to. It was a tool I used to get rid of trolls and other troublemakers.


----------



## rice paddy daddy (Jul 17, 2012)

Auntie said:


> According to https://www.whatismyip.com today I am in Chipley Florida. The view outside my window is the same as always so I am actually in Colorado.


A beautiful part of Florida, albeit demographically poor. Just down the road from Bonifay, and not far from where we once wanted to retire - Two Egg.

The IP address of this computer I'm using at the moment shows as being several counties from where I really am.


----------



## whoppo (Nov 9, 2012)

If you're reading this, your IP address is in my web server logs right now...

Update: first visitor, IP address (sanitized) is xxx.xxx.35.218

additional visitors, also sanitized: xxx.xxx.97.58


----------



## tinkerhell (Oct 8, 2014)

My strategy is not to be important enough for anyone to track.

So far, so good.


----------



## James m (Mar 11, 2014)

PatriotFlamethrower said:


> I used to be the administrator of a small discussion forum, and I could track the IP addresses of all members of the forum within SECONDS. Very easy to do.
> 
> I could ban IP addresses whenever I needed to. It was a tool I used to get rid of trolls and other troublemakers.


I believe that they are talking about changing IP addresses to mask what trouble makers are actually doing.


----------



## tinkerhell (Oct 8, 2014)

proxy server


----------



## James m (Mar 11, 2014)

My IP address was 1337.


----------



## tinkerhell (Oct 8, 2014)

my IP address is 192.168.1.1 but I never share that address with any computer outside of my gateway.:laughhard:


----------



## James m (Mar 11, 2014)

192.168.1.1 is usually a wireless router. End devices start at .2 my phone is dual stacked with ipv4 and ipv6 allegedly out of New Jersey but I'm over the border.


----------



## James m (Mar 11, 2014)

I'm going to be part of a hacker competition in a month or two. I'd better learn to hack pretty fast. They give you the tools. Wish me luck.


----------



## coates776 (Sep 4, 2015)

A quicker way to get your ip is open google. Type IP address and hit enter


----------



## A Watchman (Sep 14, 2015)

coates776 said:


> A quicker way to get your ip is open google. Type IP address and hit enter


I did not know that. Thanks coates776.


----------



## whoppo (Nov 9, 2012)

James m said:


> I'm going to be part of a hacker competition in a month or two. I'd better learn to hack pretty fast. They give you the tools. Wish me luck.


Good luck man! I've taken first place in two SANS "capture the flag" events and second place in another. It's generally 5 days/evenings of class then CTF on Saturday,,, lotsa fun!


----------



## James m (Mar 11, 2014)

Yes it's capture the flag, how's it work. What do I need to capture??


----------



## jim-henscheli (May 4, 2015)

Fascinating series of uh....comments folks. But I may have asked asked the question wrong, I was wondering, if it is possible to determine, from my posts on this forum, where I am geographially. I know my IP Address, I know where I am. Ha


----------



## whoppo (Nov 9, 2012)

James m said:


> Yes it's capture the flag, how's it work. What do I need to capture??


This is how it generally goes...
Throughout the week of class they'll introduce you to a number of ways to conceal information.. embedded in images, executable files, etc. as well as the tools used to hide and reveal same. Come game day, there will be a number of servers... four is a common number. Windows and Linux, some behind firewalls, some completely open. You'll need to compromise the servers, search for and collect pieces of information that are tucked away using the tools they've shown you. For all of the events in which I've taken part, the pieces of info are assembled to reveal a pass phrase. First one (or team) to bring that passphrase up to the instructor wins.

Win or not, you'll have fun and learn a lot at the same time. Just enjoy yourself bro!


----------



## whoppo (Nov 9, 2012)

jim-henscheli said:


> Fascinating serious of uh....comments folks. But I may have asked asked the question wrong, I was wondering, if it is possible to determine, from my posts on this forum, where I am geographically. I know my IP Address, I know where I am. Ha


Knowing your IP address, your ISP can be identified. The host.domain names for area routers are generally descriptive of their locations (city/state/etc.), so with a little investigation your general location can be deciphered. To get more specific would require access to your ISP's systems to associate your DHCP address with an account (assuming you have dynamic addressing).


----------



## James m (Mar 11, 2014)

OK guy. You know your IP? Open a dos box command line in windows. Type "tracert" space, then your IP address. It tells the internet company that the data requested hopped through, and it will eventually lead to your internet company provider in your area. It won't tell exactly.
Someone who had your IP could do the same thing to get the same results.


----------



## jim-henscheli (May 4, 2015)

I see, so the IP Adress is elusive, but once obtained it can be used to reveal more specific stuff?


----------



## James m (Mar 11, 2014)

If it is a cable modem that number is specific to you. Dial up changes but not by much. The big thing is there are programs that can change or mask your IP so it looks like you are somewhere else.


----------



## James m (Mar 11, 2014)

Uh, can you repeat the question?


----------



## James m (Mar 11, 2014)

I think I'm in Denmark right now.


----------



## James m (Mar 11, 2014)

Slovakia.


----------



## Smitty901 (Nov 16, 2012)

It can also be a dead end that leaves more questions.


----------



## Auntie (Oct 4, 2014)

Just checked again and I am now in Saint Marys, Georgia. The moon looks so pretty from here


----------



## Kauboy (May 12, 2014)

coates776 said:


> While where on hacking my nephew told me of his easiest hack last week. He was told to break into this un breakable server and get to the back end and retrieve certain information his pay check got bigger the quicker he got what they wanted but he had to give up in 3 days.
> 
> Anyway he watched what time the staff took lunch then on their return asked them to print of a document from his usb as his printer was broken which she did. When she entered the us bit loaded a key stroke loading program he had written for there operating system. He then left went next door read her key strokes logged into the system and then used his means to ask Sql queries to the database and completed his assignment in 30 min.


The weakest link in any security will ALWAYS be the human one.


----------



## Kauboy (May 12, 2014)

I think the OP's question isn't being understood well.

He wants to know if any of us, on our side of the internet, can find *HIS* IP address and then use it to find his physical location.

OP, the short answer is no.
Without access to the server that this site resides on, we cannot find your public IP address.
A site administrator can, because they have access to server's/site's logs.
As Will stated, if he were running his own server, he could track who accessed it.

That said, we ALL have visibility to the server's IP address with a simple PING command. (209.99.52.5)
Getting any deeper than that would begin to brush against legal boundaries, so I'll stop there.
*IF* someone could penetrate a server on which you've frequented, they could most certainly get your IP.
However, that does not grant them full information on where you are.
Unless you're leasing your own IP address from the appropriate governing body, you're likely running a dynamically assigned address provided by your Internet Service Provider(ISP). This is an addressed pulled from a pool of available addresses that the ISP has created based on one of their IP's they've leased from the previously mentioned governing body. They subnet their leased IPs into hundreds or thousands of "child" addresses, depending on the "parent" address they've leased, and how many static octets it contains. If your address is dynamic, then access to your ISP's logs would be required to determine what state/community/street/address it was assigned to when your modem requested it. Without this access, you're basically a ghost to the "normal" user.

The government has "voluntary" agreements with ISPs to ensure they can always find where you are.
Aside from that, you're pretty much safe from anyone finding your exact location.

Again though, see my previous post.
Tracking you digitally is much more time consuming and illegal than to just have you fill out an "entry form" for a "drawing" on some random merchant site.
"You *are* the weakest link. Goodbye."


----------



## Silverback (Jan 20, 2014)

https://www.iplocation.net/

If you are worried about some of your activities I would suggest Using Ghost VPN, it will allow you to connect using a geo IP of... anywhere... Russia, Germany, the US if you want. If you use this is conjunction with a chrome incognito window you should be fairly safe from being identified.


----------



## Silverback (Jan 20, 2014)

History dictates Iowa, then San Jose CA. Cisco related/job.


----------



## whoppo (Nov 9, 2012)

Kauboy said:


> I think the OP's question isn't being understood well.
> 
> He wants to know if any of us, on our side of the internet, can find *HIS* IP address and then use it to find his physical location.
> 
> ...


Well... this is mostly correct. I don't have access to the server hosting this forum, but here's the last two octets of the public IP addresses for everone that's viewed PAGE-3 of this thread in the past day (first two octets omitted for general privacy reasons, but I have those, as well as operating system, browser type and version, etc.)

.60.254
.9.81
.173.192
.136.113
.244.41
.151.6
.58.166
.173.3
.85.11
.135.232
.39.202
.135.232
.85.11
.142.6
.52.142
.72.214
.65.145
.213.219
.164.108
.46.63
.236.124
.75.142
.252.55
.252.90
.42.234
.228.2
.175.63
.35.218
.149.188

granted, some of these might be public proxy addresses, but most are not.
Also, I may have missed a few in going through my own logs... old eyes y'know.


----------



## Kauboy (May 12, 2014)

whoppo said:


> Well... this is mostly correct. I don't have access to the server hosting this forum, but here's the last two octets of the public IP addresses for everone that's viewed PAGE-3 of this thread in the past day (first two octets omitted for general privacy reasons, but I have those, as well as operating system, browser type and version, etc.)
> 
> .60.254
> .9.81
> ...


Ah, you sneaky devil. You host your own server and image files.
Decent scrub job on the license plates. Does that squirrel really live in your house?
If that was you with the cat, I seen yo face! The cat was not impressed.


----------



## whoppo (Nov 9, 2012)

Kauboy said:


> Ah, you sneaky devil. You host your own server and image files.
> Decent scrub job on the license plates. Does that squirrel really live in your house?
> If that was you with the cat, I seen yo face! The cat was not impressed.


Bingo!
Thanks (I missed a few though)
Sometimes.
Yes... 20 years ago... oh no! There goes my opsec! 
Cat always watched me playing video games from the shoulder 

ViaWest?
Did you crawl the site or actually give each pic a few seconds of view?.. some fast mousing there


----------



## Kauboy (May 12, 2014)

whoppo said:


> Bingo!
> Thanks (I missed a few though)
> Sometimes.
> Yes... 20 years ago... oh no! There goes my opsec!
> ...


My own gaming experience gives me a fast finger and even faster observation skills.
ViaWest is our company ISP. You'll never find me! :mrgreen:


----------



## whoppo (Nov 9, 2012)

Kauboy said:


> My own gaming experience gives me a fast finger and even faster observation skills.
> ViaWest is our company ISP. You'll never find me! :mrgreen:


Well I won't bother looking then 

Running our own servers brings all kinds of fun benefits... like fun with DNS, the most entertaining network service of them all 
Colo-2, where you were is one of 6 colocated boxes we own and as the name might imply, the second oldest of the flock.


----------



## tinkerhell (Oct 8, 2014)

Will2 said:


> Jim,
> 
> It is very easy to get "normal people's ip address"
> 
> ...


so any graphic not originating from the prepperforums domain could be fishing?


----------



## tinkerhell (Oct 8, 2014)

whoppo said:


> Well I won't bother looking then
> 
> Running our own servers brings all kinds of fun benefits... like fun with DNS, the most entertaining network service of them all
> Colo-2, where you were is one of 6 colocated boxes we own and as the name might imply, the second oldest of the flock.


Thank you. You ought to do a thread or two on how to reduce our internet footprint, and avoid some basic security threats.


----------



## sideKahr (Oct 15, 2014)

whoppo said:


> Well... this is mostly correct. I don't have access to the server hosting this forum, but here's the last two octets of the public IP addresses for everone that's viewed PAGE-3 of this thread in the past day (first two octets omitted for general privacy reasons, but I have those, as well as operating system, browser type and version, etc.)
> 
> .60.254
> .9.81
> ...


I read that page but my address isn't there and looks way different from any of those. Why?

:9ba3:c54e


----------



## tinkerhell (Oct 8, 2014)

that looks like a physical address(ie mac address) rather than an ip address


----------



## James m (Mar 11, 2014)

That's an ipv6. The old one with the numbers, they basically ran out of numbers. So they switched to hexadecimal to cope with the influx of New computers. Mine runs both the old ipv4 and the new ipv6.


----------



## James m (Mar 11, 2014)

Or are you looking at your MAC address? A MAC address is burned into your device from the factory, but it can still be spoofed.


----------



## sideKahr (Oct 15, 2014)

James m said:


> Or are you looking at your MAC address? A MAC address is burned into your device from the factory, but it can still be spoofed.


That's my "Public IP address" returned by google when I query IP address.

P.S. It's different from the last time I looked, so it's dynamic in some way.


----------



## James m (Mar 11, 2014)

Yes there's two types of addresses now because they ran out of numbers with the old one.


----------



## jim-henscheli (May 4, 2015)

Kauboy, you nailed it, much more clear than my original post. Someone asked if i was worried about my online activity, I am not, all of my questionable activities were lost in a tragic boating accident


----------



## Kauboy (May 12, 2014)

tinkerhell said:


> so any graphic not originating from the prepperforums domain could be fishing?


Correct.
That's what Whoppo meant when he said that he had all addresses that had read page 3 of this thread.
He embedded a 1 pixel picture from a server he hosts, and has log access to.
Again, this only grants him part of the picture. He can likely find what state and city you're in, but that's it.
To get any further, he would require access to your ISP's logs or perform a hack on your system.
Even a hack would be difficult, since we don't use direct modems anymore. Most of us use a router, which acts as your "public" internet point.
He could hit your router, try to crack it(not always that difficult), discover the internal IPs of the network, and then attack your computers directly.
It would be highly illegal, not all that easy with modern security installed, and still potentially fruitless in determining where you actually are.

While the diligent and malicious person could do that, the layperson simply can't.

FYI, Whoppo, that was me scanning your ports. How much do you charge for an email account? :mrgreen:


----------



## Slippy (Nov 14, 2013)

OK, querstion for you IT geniuses. There are some browsers or tools that say they will hide your IP address. One is called "hide your ass". 
https://www.hidemyass.com/
Do these work or are they just gimmicks to sell to unsuspecting folk?


----------



## whoppo (Nov 9, 2012)

Kauboy said:


> FYI, Whoppo, that was me scanning your ports. How much do you charge for an email account? :mrgreen:


Hehe.. you and 15,000 other people portscanning me every day


----------



## whoppo (Nov 9, 2012)

Slippy said:


> OK, querstion for you IT geniuses. There are some browsers or tools that say they will hide your IP address. One is called "hide your ass".
> https://www.hidemyass.com/
> Do these work or are they just gimmicks to sell to unsuspecting folk?


These are commonly called VPN's, but they're really just proxy servers. You access Internet resources through them, so the places you visit see their IP addresses rather than your IP address.
They have their uses, but I generally don't trust any systems I don't manage. One of the more popular systems of this type is called TOR. It routes your traffic through a number of systems to further obfuscate your identity... unfortunately what most TOR users fail to understand is that most of the entry/exit TOR gateways are run by the NSA... go figure.


----------



## tinkerhell (Oct 8, 2014)

Is there a browser security setting that will not download a graphical file from any domain other than the domain that i am visiting?


----------



## Kauboy (May 12, 2014)

None that I know of. It would limit your internet experience far more than you may realize.


----------



## Farva (Aug 26, 2015)

Side note, something to think about, possible mini rant......

The internet to me is like toilet paper, I throw it away and I don't care what happens to it. Any connection between me and the internet is throwaway. All of it including computers, phones, tablets, accounts and debit/credit cards.

Don't get me wrong, I take very moderate security precautions, but the only way you can be sure, is to just not put it out there, and if you do, it is disposable.

The only things that can be compromised are equipment I don't care about and a card that does drunken midnight Three Wolves Moon tshirt purchases.

The one thing that kind of alarms me, and I have to warn people I care about, about, Is posting images with the exif information in them. You want someone to know where you are, just post that baby picture you took with your phone.

As far as hacking and it is fun.........I work in the business. If I slim jimmed your car to see if I could do it is that Ok? Didn't think so. If I broke into your garage because I figured it wasn't part of the ADT stuff your paying for , just to prove I can do it, Is that cool? Probably not. If your job was going to be threatened by someone just testing you, no really, they're not a criminal, just "Testing". Is that cool?

Sorry about the Debbie Downer, I'll get of my high horse.
Farva


----------



## whoppo (Nov 9, 2012)

Your actions and activities on the Internet are never private. There's no possibility of absolute anonymity, regardless of the hoops through which one might jump. Once someone realizes this, perspective can be observed. 

I've made my living in network security for the past 20 years and seen a lot of changes in that time. Internet mischief used to be fun and mostly harmless, while today it's just nasty shit, often with very high stakes. HIPAA, PCI, FISMA and countless other regulatory compliance concerns have eliminated dull work days. Oh how I miss the days when OOB, Land, Teardrop and smurf attacks were the popular toys on the net...


----------



## tinkerhell (Oct 8, 2014)

A friend of mine runs a 'honey pot'. Its a virtual server with zero information in it, and the security on it 'shifts' periodically. It is design to entice a hacker, and waste their time. 

If he gets someone running an automated password attack, he sometimes makes the password easy to guess so the guy wastes some "at the keyboard" time.


----------



## Kauboy (May 12, 2014)

Big corporations will do that too. They'll set up a honey pot in the DMZ as bait to track a hacker's activity and try to locate them. It gives the attacker something to do to occupy them, thinking they've scored something, all the while being watched and tracked for later use in court.


----------

