.:[STICKY]:. IP addresses FAQ

Tutorials and guides for Plazma Burst and community features.

.:[STICKY]:. IP addresses FAQ

Postby ZapruderFilm » 26 September 2016, 19:07

Many people have spoken about IP addresses, and I've seen some level of hysteria regarding '___ has my IP?! WHAT DO?!' So I decided to create a quick guide on them, so people can have a little bit of awareness, although I am sure most of the forum browsers know the gist of it.

Alright, we'll start simple.

What is an IP address?

IP address, standing for internet protocol, is a group of 4 numbers separated by periods. Here is google's IP address: 8.8.8.8

What is the purpose of an IP address? How does it all work?

Get comfortable, for someone who isn't technologically savvy, this might be hard to understand. Every device on a network is assigned an IP address. When devices exchange data, IP addresses are used to tell devices where to send the data they are exchanging, and to listen for further requests.

Here's a quick analogy you can probably get the idea of.

When you send a letter in the mail, you put your address on there. From there, the letter goes to the post office, where it gets sorted, and then gets sent to the address you put on there. Then, you get a letter back, the return address is the same address you sent the letter from, so you know it's a reply.

Replace the letter with data packets, and mailing addresses with IP addresses, and the post office with your
Internet Service Provider (ISP) and Domain Name System Server (DNS) and you have a very basic understanding of how the internet exchanges data.

XXXX Hacker has my IP address, what can be done with it?

IP addresses can be used for many things. The two things you most likely have to worry about a hacker doing, are using Geo Location to get your general vicinity (Usually within 40 miles of your location), or send a Denial of Service attack.

How do people acquire my IP? How much do I have to worry about people having it?

Every website you visit, every thing you do on the internet, relies on IP addresses. PB2 recieves your IP address every time you visit the website, every time you join a game, every time you load data. This means, a ton of people probably have your IP address, saved in databases and other things. But do not worry, most people have no malicious intent, and most people couldn't care less what your IP address is.

Inherently, everytime you load data from anywhere, that place acquires your IP address.

This only becomes an issue once someone who has malicious intent gets it. Usually these people get IP addresses from their targets through IP tracking links-That is, websites built to generate familiar looking (But not the exact same) links, and when the victim clicks it, their IP address gets emailed to the person who generated the link.


How can I protect myself from these people, or more specifically, their trackers?

There are many many ways to do this. I will be adding more in the future, but for now, I will just speak about having awareness of the possibility of IP trackers. If you don't load any data from someone, or their IP tracker, you can't give them your IP address.

Whenever someone sends you a link, you should observe it closely. There are several things to look out for.

First things first, if you see a link, hover your mouse on it. In google chrome, in the bottom lefthand corner, you should see a white(ish) bar appear, telling you where the link goes to. This can sometimes be different than the actual text the link says. See the example in the spoiler.
Spoiler: Show More


Moving on, people will often generate trackers that look very similar to trusted URL's, but not quite the same. For example,
Code: Select all
http://printscr.gq/921KW2.jpg
<-- Is actually an IP tracker. It tracks your IP address, and immediately sends you to
Code: Select all
http://prnt.sc/cmmrfd
<-- This link, a legitimate lightshot link.

So be wary of similar looking URL's that are not actually the links of trusted websites, such as http://prnt.sc

Another thing to look out for are shortened links. Surely you've seen these, there is some annoying kid on here who always seems to shorten his links.

Shortened links are just links that as soon as you click them, they redirect you to a different website.
Some common examples are
Code: Select all
http://tinyurl.com/
http://goog.l
http://bit.ly
http://adf.ly/


If you see a link from any of these websites, if you click it, you don't know where you're actually being sent- But don't worry! There is a way to see where it goes without clicking the link.
The service I recommend is http://www.wheregoes.com/redirect_tracker.php
Just go here, insert the shortened link, and this website will visit and tell you where it goes. From there, you should be able to determine if the link is malicious or not.

Other than links, any server or website you access that is owned by a person, they get your IP address. This includes minecraft servers, teamspeak servers, and other types of game servers where a person can purchase a server and run that software on it.


This is all for now, my next post will expand on how IP addresses work, covering public and private IP addresses, and other ways to protect your IP without freaking out over every little link, and potentially changing your IP, should it be acquired by someone with malicious intent.

Part 2:

After getting a bit of attention regarding this, we're gonna start expanding on the topic a bit, layer some new knowledge about this. This edit was made 10/8/2016. If something I said overlaps what I previously said, assume both things are true, and I said something was a certain way for simplicity, when the idea is a bit more complex, and I'm getting more into it on this post, rather than just not mentioning it. Alright, well, first I am gonna explain some ideas, not really relevant to security, but nice knowledge to have regardless :)

I've heard something about this term, IPv4, IPv6? What?

Well, good observation. For a very long time the traditional format for IP addresses was the standard protocol we talked about earlier. That is, 8.8.8.8 Or, 4 numbers separated by periods. Of course, these 4 numbers have a limit as to how high they can be, they don't go into 300's. This means, the internet is running out of IP addresses for new devices being added. With this problem nearing, internet developers had an issue-What happens when we run out of new combination for IP addresses? This is where IPv6 emerged. It works the same way for our understanding, they just look differently. Now, many people use both, and you can actually see your IPv6 address by typing ipconfig in CMD on windows. http://prntscr.com/cre7mt An IPv6 has 8 hexadecimal digits separated by colons. We could explain what hexadecimal is, but it isn't relevant. Moving on.

So, every device on a network receives an IP address. So, should I switch computers, I would get a new IP address if I was being attacked with a Denial of Service attack? (More on these attacks later.)

No. Not necessarily. There is a concept needing to be explained here. While every device on a network receives an IP address, there is a difference between any old network, and the internet. Sit tight, this concept is hard to grasp.

Alright, so you move houses, get a new wifi (network). You add all your computers to that wifi (network) and then you pay the internet people to come give you internet access. Then you and all your computers get connected to the internet, and you start surfing the web.

Let's say you forget to pay your bill. When you don't pay, all that happens is you lose internet access. The wifi can still be connected to, and you can still print things off printers connected to your wifi.


Why?

Because your local network and the internet are separate things. Every device on your local network is assigned a LOCAL IP address, then your modem connects to the internet with a PUBLIC IP address, and sends and receives information from/to your local network. That means that the IP address people receive when you surf the web, is the public IP address (Modems also get local IP addresses) of your modem, not the IP address of your computer.

Ever heard of LAN? Local Area Network. When you play on LAN, people on the internet can't join. That is because local and public are different.

I found a pretty nice image here to explain it too.

Spoiler: Show More


Alright, so people get my modems public IP address, what does it matter?

It means, that if someone malicious gets your IP address, you need to change the IP address of your modem, not your computer or some other device. It also means your IP address won't change unless you change it's IP manually, or, switch networks completely, to one that is bridged to the internet with a different modem.

DDoS, DoX, Geolocation? What are these?

This thread is to talk about IP addresses, and those are attacks of sorts. They'll get their own thread later, and I will edit in links. We can talk about Geolocation and briefly mention DoX, because they are relevant.

Geolocation is the use of various databases to figure out the general vicinity or area a public IP address is at. Here's how it works. Geolocation websites are going around requesting access to information from weather websites, ISP (Internet Service Providers), and other location oriented services. They ask for what IP addresses are hosted in what parts of areas, and then, they ask weather websites which IP addresses request weather information for certain areas. They use this information to calculate the general area an IP address is located from.

Is there a way to avoid Geolocation happening?

No, not without avoiding giving anyone your IP address. Don't even bother trying, we will talk about possible solutions to this if it creeps you out later.

You mentioned DoX?

If your IP address is recorded in a database leak, people can get your account information by searching your IP address in a leaked database. Please read my database thread here. viewtopic.php?f=126&t=18193


Alright, I think this is enough information to say I've added a bit to the thread. Hopefully sooner or later here I will get the chance to talking about other ways to hide your IP, and changing your IP address if necessary. Thank you for reading.
Last edited by ZapruderFilm on 8 October 2016, 19:07, edited 1 time in total.

ZapruderFilm
Android T-01187 [200]
 
Posts: 238
Joined: 26 August 2016, 21:00
Location: USA

Re: IP addresses FAQ

Postby Terror Only » 26 September 2016, 19:43

thanks for useful information. first time i see a FAQ topic on this forum that is actually worth reading
User avatar
Terror Only
Falkok [250]
 
Posts: 259
Joined: 12 February 2016, 11:45
Location: pizza sauce

Re: IP addresses FAQ

Postby ZapruderFilm » 26 September 2016, 19:45

Terror Only wrote:thanks for useful information. first time i see a FAQ topic on this forum that is actually worth reading

Lots more coming soon, and other guides about other useful things.

ZapruderFilm
Android T-01187 [200]
 
Posts: 238
Joined: 26 August 2016, 21:00
Location: USA

Re: IP addresses FAQ

Postby Silent Aurora » 26 September 2016, 20:11

ZapruderFilm wrote:Reserving this post for future thread updates.


Just update the OP and make a new post stating you have made an update instead of making posts such as what you did now since its considered double/triple posting. Which is against the rules.

Posts have been removed.

supertramp wrote:Pls don't teach these things to Kris
I prevent him from doing stupid things


When replying to a post, make sure it meets the required standard, please refer back to dooms topic about post quality.

viewtopic.php?f=150&t=17609
User avatar
Silent Aurora
Heavy Marine [900]
 
Posts: 937
Joined: 11 December 2013, 18:09
Location: Hika and sks <3

Re: IP addresses FAQ

Postby wreak » 27 September 2016, 03:35

Terror Only wrote:First time i see a FAQ topic on this forum that is actually worth reading

holy shet i am offended now. u better take back what you said or else i am going to have to put the swords on you.

Interesting tutorial, its pretty cool to see information outside of pb2 or just really useful information that keeps you in pb2.
User avatar
wreak
Civil Security Boss [500]
 
Posts: 577
Joined: 23 January 2015, 02:01

Re: IP addresses FAQ

Postby Protonoid » 27 September 2016, 04:26

The post is worth being sticky,

I would also recommend using an anti-phishing software that usually comes with your Antivirus. If it disables some websites, do not try to visit the website by turning it off.
Spoiler: Show More
Having a AV/Anti-Phishing software does not guarantee that you're 100% safe.


Also resist the geolocation services to trusted applications only, Use manual location services instead of that.
User avatar
Protonoid
Civil Security Heavy [300]
 
Posts: 344
Joined: 6 October 2015, 08:51

Re: IP addresses FAQ

Postby MI6 AGENT 007 » 4 October 2016, 11:22

This should really work out especially from those hackers.
User avatar
MI6 AGENT 007
Civil Security Heavy [300]
 
Posts: 339
Joined: 3 June 2016, 00:35
Location: USA

Re: IP addresses FAQ

Postby Eazy_E » 8 October 2016, 07:00

This is actually a good one ese...

-----------
-----------
User avatar
Eazy_E
Recruit
 
Posts: 22
Joined: 11 May 2016, 14:55

Re: IP addresses FAQ

Postby Tempus » 8 October 2016, 17:00

Its nice to see well written guides.
User avatar
Tempus
Advisor
 
Posts: 321
Joined: 15 July 2013, 02:45
Location: United States

Re: IP addresses FAQ

Postby ZapruderFilm » 8 October 2016, 19:06

After getting a bit of attention regarding this, we're gonna start expanding on the topic a bit, layer some new knowledge about this. This edit was made 10/8/2016. If something I said overlaps what I previously said, assume both things are true, and I said something was a certain way for simplicity, when the idea is a bit more complex, and I'm getting more into it on this post, rather than just not mentioning it. Alright, well, first I am gonna explain some ideas, not really relevant to security, but nice knowledge to have regardless :)

I've heard something about this term, IPv4, IPv6? What?

Well, good observation. For a very long time the traditional format for IP addresses was the standard protocol we talked about earlier. That is, 8.8.8.8 Or, 4 numbers separated by periods. Of course, these 4 numbers have a limit as to how high they can be, they don't go into 300's. This means, the internet is running out of IP addresses for new devices being added. With this problem nearing, internet developers had an issue-What happens when we run out of new combination for IP addresses? This is where IPv6 emerged. It works the same way for our understanding, they just look differently. Now, many people use both, and you can actually see your IPv6 address by typing ipconfig in CMD on windows. http://prntscr.com/cre7mt An IPv6 has 8 hexadecimal digits separated by colons. We could explain what hexadecimal is, but it isn't relevant. Moving on.

So, every device on a network receives an IP address. So, should I switch computers, I would get a new IP address if I was being attacked with a Denial of Service attack? (More on these attacks later.)

No. Not necessarily. There is a concept needing to be explained here. While every device on a network receives an IP address, there is a difference between any old network, and the internet. Sit tight, this concept is hard to grasp.

Alright, so you move houses, get a new wifi (network). You add all your computers to that wifi (network) and then you pay the internet people to come give you internet access. Then you and all your computers get connected to the internet, and you start surfing the web.

Let's say you forget to pay your bill. When you don't pay, all that happens is you lose internet access. The wifi can still be connected to, and you can still print things off printers connected to your wifi.


Why?

Because your local network and the internet are separate things. Every device on your local network is assigned a LOCAL IP address, then your modem connects to the internet with a PUBLIC IP address, and sends and receives information from/to your local network. That means that the IP address people receive when you surf the web, is the public IP address (Modems also get local IP addresses) of your modem, not the IP address of your computer.

Ever heard of LAN? Local Area Network. When you play on LAN, people on the internet can't join. That is because local and public are different.

I found a pretty nice image here to explain it too.

Spoiler: Show More


Alright, so people get my modems public IP address, what does it matter?

It means, that if someone malicious gets your IP address, you need to change the IP address of your modem, not your computer or some other device. It also means your IP address won't change unless you change it's IP manually, or, switch networks completely, to one that is bridged to the internet with a different modem.

DDoS, DoX, Geolocation? What are these?

This thread is to talk about IP addresses, and those are attacks of sorts. They'll get their own thread later, and I will edit in links. We can talk about Geolocation and briefly mention DoX, because they are relevant.

Geolocation is the use of various databases to figure out the general vicinity or area a public IP address is at. Here's how it works. Geolocation websites are going around requesting access to information from weather websites, ISP (Internet Service Providers), and other location oriented services. They ask for what IP addresses are hosted in what parts of areas, and then, they ask weather websites which IP addresses request weather information for certain areas. They use this information to calculate the general area an IP address is located from.

Is there a way to avoid Geolocation happening?

No, not without avoiding giving anyone your IP address. Don't even bother trying, we will talk about possible solutions to this if it creeps you out later.

You mentioned DoX?

If your IP address is recorded in a database leak, people can get your account information by searching your IP address in a leaked database. Please read my database thread here. viewtopic.php?f=126&t=18193


Alright, I think this is enough information to say I've added a bit to the thread. Hopefully sooner or later here I will get the chance to talking about other ways to hide your IP, and changing your IP address if necessary. Thank you for reading.

ZapruderFilm
Android T-01187 [200]
 
Posts: 238
Joined: 26 August 2016, 21:00
Location: USA


Return to Tutorials

Who is online

Users browsing this forum: No registered users



cron