ISP Addresses: what can it tell you?
Hello everyone,
I should preface this by saying I'm not a comp genius so please go slow with me . I post on a few online forums, but on more than one occasion someone will find out where I live by using my ISP Address I think? Is there any way to avoid this? What else can someone find out?
From my understanding, if I log on from a public server, they will only get the location of the public server. But what if in the past, I've logged on or even created my username from home. Can they somehow use those past loggings or the creation of my username from home to somehow trace it back to my home address, even if I didn't post from home? I just don't know how it all works.
Thanks!
I should preface this by saying I'm not a comp genius so please go slow with me . I post on a few online forums, but on more than one occasion someone will find out where I live by using my ISP Address I think? Is there any way to avoid this? What else can someone find out?
From my understanding, if I log on from a public server, they will only get the location of the public server. But what if in the past, I've logged on or even created my username from home. Can they somehow use those past loggings or the creation of my username from home to somehow trace it back to my home address, even if I didn't post from home? I just don't know how it all works.
Thanks!
0
This discussion has been closed.
Comments
Any computer on a network has an IP address. When you use high-speed internet, or even if you just use modem dial-up, you have an IP address. It is how the networking hardware at your Internet Service Provider (ISP) identifies you, and knows how to route data to you. If you have 2 or more computers networked at home or at work, it is the same idea, they each have a unique IP address, so that a file transfer from computer A to B does not get mixed up and go to C instead.
Now depending on your connection, you probably do not always have the same IP address. Most home users are connected using DHCP (Dynamic Host Configuration Protocol.) The ISP assigns you a random address from a pool of addresses based on what numbers have been assigned to them, and what numbers are available on their system. Businesses often pay for a Static IP address, one that never changes, so that they can host FTP servers, remote login capability, etc.
What can be done with your IP address? Well, that depends who has it. For instance, as a Moderator here on the forum, I can see what IP address you posted that post from. I can take that address and "ping" it, basically chck to see if that IP address is currently in use (it' was not at the moment I tried.) I can do a "trace route) which will tell me, at the very least, where in the world you are, and who your Internet Service Provider is. Or, if you are not using a commerical ISP, but some large business or institution like a government department or a university (which is what your IP resolved to... )
But to answer your question about having used more than one IP address, can a username be traced back to your home address...? YES. You have posted to Short-Media from 2 IP address, the other of which looks to be your home address, as it is a well-known commercial Internet Service Provider. That address was active when I pinged it. I can't get your street address from that information, but I can see who your service provider is, and if you do something illegal, we could contact your ISP and report the problem. For instance, if you posted an image of child pornography here, as soon as it was spotted, one of our Moderators would move it the thread out of public view. Then one of the site Administrators would cache the page, trace your IP like I just did, and contact your ISP. Your ISP would then check their logs, and see that the IP address in question was logged to your DSL or Cable modem for that time period. Then they would contact the police, who would show up at your door and seize your computer.
Now, having someone's IP address can lead to some bad things. A user can probe your TCP/IP ports for vulnerabilities, and attempt to exploit one and hack into your system. However, the average user cannot do this sort of thing. Even most "script kiddie" hackers rely on trojans that get on your computer via other sources (like downloads on Kazaa,) read your IP address, and then send that info back to the malicious individual. The trojan opens up a communications port if it can (firewalls ,ay prevent it) and then wait for the script kiddie to come in and take control of your system. Of course, if you have no firewall at all, and any open shared folders on your system, they can access those instantly. (That's how I convinced my brother who lives 1000 kilometres away from me that he needed a firewall, I told him to go look in a certain folder on his hard drive, and he found a note from me.....)
Could someone outside of your ISP find out your username on other sites, etc, just by having your IP address? No. But someone at your ISP could if they really wanted to. But you have to realize that they have thousands or millions of customers, making billions of internet connections per day. They would not do it just for fun... But if you do anything illegal over the internet, there is always a record. If some kid writes down their neighbour's credit card number and then orders stuff online using it, they can get caught. Bottom line: don't do anything stupidly illegal unless you know how to compromise other people's computers or remote servers and use their IP addresses to do your dirty work. Which is also illegal by the way....
Dexter...
Oops... I meant that, really. I was just a bit out of it at the moment
Thank you, immensely, for the rest of your post, which was very informative.
Wow, haha that's scary. I did post that from uni. Can you tell what uni it was? (you don't have to post that here )
Okay so if you can't get my home address, how have people known, in the past, where I'm from? Does it just give the city? If that's all, then no one can really find out exactly who I am right? (For instance, I posted from a friend's house once, and a user was able to trace it to her home.)
Also, does the same apply to emails? If I send an email even once from a particular address while at home, that's all someone needs to find out where I live (even if I mostly email from a public place)?
Lol thanks for the warning... I know all this may sound as if I'm a bit paranoid. I have nothing to hide, thankfully, so you can try to get as much info as you want lol, but I'm just asking all these questions because it's not fun having some internet users telling you exactly where you live. So seeing I'm pretty naive about these things, I thought a little bit of awareness was necessary.
Thanks again
2)Yes, there are email tracers which can trace where the email was sent from (providing the IP and city).
Yes. It starts with an M. That's easy to find out, anyone cando it, you can use a program to do traces, or just go to any of several websites to do it.
I suspect that the person had more info than juts an IP address. Perhaps they had an e-mail address which was publicly listed somewhere. You can google e-mail addresses, or use reverse lookup directories. Some people have their e-mail addresses listed on directories or websites with their names, and then it is just a matter of looking up the name in the phone directory, and taking a guess.
E-mails have IP addresses attached to them. Those can be masked or "spoofed", which is what spammers do, but if you send a threatening e-mail to someone without any masking, they can get the IP address and trace it back to the origin, ie, what e-mail address it was sent to. If the police request the ISP to turn over info on that IP address, then yes, they can get physical location address to match up to it. So, you'll want to send your hate mail via an anonymous web-based mail service from a public computer in a place that has no video cameras or sign in sheets which require ID
No problem. So long as you are reasonably careful about your identity, don't post your e-mail address publicly, and only post on reputable forums, you are reasonably safe.
Dexter...
Okay well... I just got off the phone with a friend of mine, and she said you can get the internet service provider AND the name of whoever the service is under. Apparently she speaks from experience (of others getting that info of her) from just the IP number. Anyone know about this?
Which is why the RIAA is pissed
but anyway back on topic; any site you visit pretty much logs your IP, like, they have to to send you info, no offense dexter but I think your post was a little more intimidating than it needed to be. Yes, if you do something illegal it can be traced back to you (if you're dumb enough to do it from your own ISP account), but nobody is going to get your IP address and then get your address to come to your house.
like my local IP resolves to like 109809830.ne.mediaone.net or something like that (or it used to), its some bigass number then like my general area (new england, good luck with that one) and my service provider (is now comcast, bunch of the addresses havent changed). But, Dexter is right in that if you do something illegal and somebody has undeniable proof that you did it on their server, the police could have just cause to subpoena the ISP for the Name/Account connected to a particular ISP. But, they're not gonna do that for Joe Shmoe who wants revenge for you TKing him in Unreal Tourney.
haha, cool deal man, where abouts do you live in the area?
that number I had just made up, but I didnt know they had switched the names over now, good to know!
Also good to know that S-M staff are randomly tracerting members IP addresses for geographical regions for unknown reasons.
LOL. Only in this thread because that was the topic. But we do traces on disruptive or offensive posts that we end up dumping, to see if they match up to areas / providers of people who have caused this site problems in the past.
Dexter...
actually I just checked this out and you're wrong, it resolves to
************.ne.client2.attbi.com
Is there any truth to this?
I learned about this a while back on some other forum about ebay. It seems that if ebay saw you doing suspicious activity with your account, or for whatever the reason, they would suspend the account. They then looked at there logs to see if your ip address showed up logging in on any other accounts and if so, suspend them too. The problem with that is if you had a dynamic ip address they may not find everywhere you go in there site. Also, your last ip address could end up being used by another once you released it and slim odds but it's happened, that person may be an ebay member and get their account suspended for nothing. So they started using the MAC addresses for a more accurate identifier. Now rather they developed this or not, I don't know. I do know they sure have the money too.
I heard of people using several computers or several different nic cards to get around this and pull scams on ebay. Some of the more famous ones are the beanie baby scam, baseball card scam or the laptop scam. Simply sell as many of these expensive items as you can, under as many different names as you can until they close you down and then run. Many of these morons didn't run though and got caught. They thought they fooled the system but forgot that ebay still had there ip addresses and law enforcement could trace them, even through proxies.
Anyway, I thought it was interesting.
edit- Interesting, that eBay would do that. However, I find the MAC story unlikely as the IP address is actually a much better tool for identifying someone, both because it helps you actually find them and because it's a little harder to mess with. A MAC address is easily changed, even easier than renewing the IP from your ISP... (in fact it sometimes helps to change your MAC to get a new IP!) Basically you have to be handed a new IP address by the ISP, but you can make a new MAC anytime you choose without touching the network.
There's no way any website uses your MAC address to ban you from their site, the best they can do is use an IP address as an identifier, and as EMT says, its a pretty good one.
MAC Addresses are stripped off and re-encoded on every packet at a router, so, the source mac you'd be receiving at the web server end would be that of the closest router to communicate with that server, the MAC of your nic card is gone after a packet even hits your cable modem (or home router) because it's already been stripped down and re-encoded with that devices unique MAC, so, your source MAC changes at every hop, your IP does not (however...it may change once if it is behind a NAT firewall obviously)
well...I mean you can say never say never, but, it's not technically feasible/possible that someone would be able to 'ban' you with a MAC address on a webserver....unless for some reason that webserver is locally connected to your machine.
and I assume you say you're not an expert enough to know for sure as if you're doubting my answer, I don't claim to be an expert but I just took an entire semester of Network Protocols and all we did was learning to read hex traces and do packet identification and transfer....so I guess that does make me expert enough to know for sure.
So I certainly agree with Cam. The information just isn't available to eBay or any site on the Internet. Nothing's impossible - maybe eBay does an exploit on your browser and installs a bit of spyware to report your MAC - but that's something of a long shot and certainly not worth it to eBay, legally or monetarily.
That makes absolute sense to me. There are tons of ebay client programs that users voluntarily install. So ebay really wouldn't need to employ any spyware tactics even though they still may? It could be that I misread the information. Like I said, I saw it in another form, that's all, didn't say it was 100% accurate:) I also agree that an IP address is better to trace someone (to there home) then a MAC address but if your looking to (block someone from your site) I would say to have their MAC address would be better. Why; Because most users would not have several different MAC cards to keep changing them nor have the knowledge to spoof. On the other hand, an IP address can change every time you reboot or recycle your modem or router thus showing ebay a new and different IP address every time.
Camman.
I was not doubting your answer, I'm just leaving the unknown open to ponder. Every fact is a fact until it is proven otherwise. With technology the facts change everyday with advancements. 200 years ago the Internet was physically impossible, that was a fact. Today it's not, so that fact changed.
Ebay generates tens of millions of dollars or more per day with millions of people at risk on there system. If there is a way to read a MAC address through http I do not doubt that they have the resources to do it as well as a strong desire. So do I think it's possible with the information I have at hand today, no, so you are correct. Do I think it's possible, absolutely.
Keep in mind the saying about technology today is 10-20 years more advanced then we know of. I mean do you think they are going to let terrorists know any sooner then we have to that we can follow there MAC address all over the Internet?
I use ebay all the time and I've never installed any "client program", there's no need for it because ebay is completely web based, why would I run some software from them? I know they have some bar you can install that's supposed to prevent you from being directed to sites that look like ebay to rip you off and stuff, but, do you honestly think that somebody conducting shady business at their site is going to be installing all their software??
So, yes, it MAY be possible if ebay finds a way to steal your MAC using malicious code, and it would be all over the news in a matter of hours with the amount of people who use their site. But, that's the same as saying, well it's possible that ebay has a client program that searches your hard drive to find your name and documents and ban you that way. It would be an invasion of privacy, and a stupid way to block you at that.
(and coincidentally; it would not be 'better' to block someone's MAC rather than their IP because most high-speed internet system's don't "recycle" the IP addresses, their DHCP system is set up to bind your IP address to the MAC of your modem, so, you can turn it off and restart it 1000 times and you're still going to get the same IP address, it's generally not the same DHCP system as say a dial-up where they have a pool of IPs and you will randomly be assigned one of many thousands every time you dial up)