I was doing some app additions to my really old PC and I found through means that an errant Apple product has been back door accessing / hacking my system.
I don’t HAVE any Apple products in this house.
The report generated by means lists the product, the source IP and the destination IP and the time.
The source IP seems like a BS router number… but could the destination IP be tracked?
Is there a web site where I can enter the destination IP that will tell me which one of my neighbors this Mother- cough I mean… which neighbor deserves a Mellow-Greetings Social Call???
Also, could I just list the IP addresses here and say “Game On: Open Season”?
Inquiring Minds
wow, just Look at him trying to get back in! Lots of slightly different source & destination IPs now. Look at that desperate mother-effer go…
Can you be more concrete here? What do you mean “accessing / hacking my system”?
Also…I’m unclear on your terminology. I would have thought that “source IP” refers to the origin of the packet and “destination IP” refers to the IP that the packet was directed to. But you seem to be using the terms differently.
That’s a violation of the SDMB rules, I would think. Also, they could just be connected through someone else’s hacked wifi or hijacked computer, so there’s no guarantee you’ve actually traced the attack to its real origin.
I investigate computer compromises for a living. I’d be happy to help, but I can’t really parse the OP. How do you know the suspect device is an Apple product? Where are you seeing the IP addresses? You say you want to track either the source or destination, but if you’re being compromised, one side of the communication kind of has to be your IP. How do you know one of your neighbors is involved?
I’m not trying to be a dick, but if you want help, try again being less oblique.
But, in general, if you have just an IP address, you’re going to have a tough time following it back to an actual person. If you’re law enforcement, you can go to the ISP and get logs and such that might lead you to the actual person. If you’re a random schmo, probably not.
Additionally, if what you are trying to say is that someone connected to your Wifi without authorization through whatever means, that IP address you have will be one of your addresses, assigned by your router.
Fuck-head neighbor has been hacking my PC.
I now have an App which identifies their Stinking Ass IP.
Has to be a neighbor, as my router only transmits 50-60 feet.
I was looking for a site that lets me ID and… Appropriately THANK… that neighbor…
…for being a Fuck-Tard and Hacking my PC.
He was Completey Through my wireless point; he was well into my PC, and For Some Time.
I’ve blocked all the portals, except one or two (and I’ll change those soon).
I would SO love to post a Nice Screen Shot of the software log and all the offending IP info… but I love posting here way to much and the Mods have already said “No”.
Well, the router only transmits about 50-60 feet. Assuming that I’m “Monkey in The Middle” that leaves maybe 8-10 possible houses. (I say 10 and not 8 because Two have weird CB-type Antennas attached to the shingles on their roofs, boosting their pick-up capability.
Other than that, no one except drive-byes could access the transmissions from my router.
True, but if I say what I’m using here, and they are now reading here, whats to keep them from trying to code a work-around past that program?
Its popping to
CityCupertino (20% confidence)
Metrocode807 (California, San Francisco-Oakland-San Jose CA)
SubdivisionCalifornia (CA) (60% confidence)
CountryUnited States (US) (99% confidence)
Postalcode95014 (10% confidence)
ContinentNorth America (NA)
Time zoneAmerica/Los_Angeles
…I’m pretty sure that you ALL know that I don’t live w/i 3000 miles of there…
I see no evidence here. Just a lot of unsupported assertions.
For instance, “your neighbor’s IP address.” Really? Somehow, you seem to have conflated the idea of wifi range and the proximity of your “attacker.” You do understand that the Internet Protocol means that your erstwhile hacker could just as easily be on the far side of the globe and still “touch you”, right?
To put it as delicately and politely as possible, are you on any prescribed medications? Because on at least twoprevious occasions, you’ve made posts that sound, frankly, like someone who is off his meds, and this one does as well.
OK, well if someone is accessing your WiFi network, you can lock down your wireless access point/router so that only the MAC addresses of your devices can connect to it.
What exactly is the evidence that someone accessed/hacked your computer? Based on what you’ve written so far, I think it would be useful to help understand what is actually going on.
I installed an app on an old computer. Some application noted traffic that appears to be from an Apple device. The app generated a report which has the source IP of the Apple device, the destination of the traffic and the time.
Can I track this?
============
First, how are you seeing the traffic? If you have Wireshark or a similar program setup to connect to your router that is one thing. If you have ‘Extremely Important Security WARNING!!?!??!! YOU’VE BEEN HACKED!!?!’ message from whichever software you installed, that is something totally different.
Next, devices and applications will broadcast on the network. For example, I believe that Itunes broadcasts. What that means is the Itunes app will send a message to every other device on the local network. Any device that is configured to listen for the broadcast will respond, like any other PC with ITunes installed. That may or may not be a sign of a problem.
Additionally, what is the IP of the device you are seeing? Your home network (most likely) will be doing some form of Network Address Translastion (nat). What that means is that your router will get an IP address. That IP address will be a public address. All traffic going out will use Network Address Translastion, most likely pat (Port Address Translation) because the IP of your computer will be in the private network range (most likely 192.168.x.x)
What that means is this. Your router will have an address like 123.123.123.123. Your PC will have an address like 192.168.1.20. When your PC goes out to the internet, the request to the outside world from the IP address 123.123.123.123. The router keeps a table that sez device 192.168.1.20 sent a request on port 80 going to www.straightdope.com. So the straightdope.com sees a request come in on port 80 from 123.123.123.123 and sends the information back to 123.123.123.123. Then the router at 123.123.123.123 sez, I got data back on port 80 from 123.123.123.123. Looking at my table, that request actually came from 192.168.1.20, so I will send the data to 192.168.1.20. A bit more complicated than that, but that is the basics. The big thing is that your PC, 192.168.x.x, cannot directly talk to anything that is not on the same 192.168.x.x network. To talk to devices on other networks there will be routing and/or NAT. (I would be extrememly surprised if you have a one to one nat)
The reason that matters is that on your local network your ought to only see things in the 192.168.x.x range that your PC is on. So to dig deeper we need the IP of your local machine and the machine that is ‘hacking’ you. To get your IP, hold down the Windows key and press R. In the run box type in cmd and click ok. In the dos window that appears type in ipconfig /all and post the info.
