If you knew my IP address, what could it tell you about me?
Depends. If your IP address is dynamic, not much. If it is static, I could tell the name of the computer you’re logged in with and the name if your ISP. On UNIX, the command to do that is nslookup.
Now if you have an unsecure telnet or FTP server running on your computer with no firewall or anything to keep me out, I could snoop your computer and look at any documents on your hard drive. Ditto if you haven’t kept up with your windows updates.
Note: I am not a hacker (IANAH).
b
Lesee…
What your ISP is (I could tell whether it’s dynamic or not) … your likely geographical location to within a city probably…
Yf you were online at some point, lets scan your PC:
Given the behaviour at the returns of pings, various types of traffic etc we can then guess your OS (assuming you’re not using a router, at which we could probably get the brand)…
any services you’re running (I’m running a web server, SSH and a few other things) on my cable connection. If you’re running a file sharing service, that would show up there.
That’s all I can think of off the top of my head, but those are the biggest ones.
I’m using a firewall and a cable modem. How do I know if my IP address is dynamic or static?
How would I keep hackers from even seeing my IP address?
You cannot keep websites you look at from finding out your IP address without using a proxy or anonymizer. If you run an email program on your computer people you email can probably see your IP address. Some ISPs may filter that stuff out of the sending headers but mine does not.
Just out of curiosity… do you mean an telnet or FTP service with no password required for access?? Or are there simple ways of getting past the usual password protections on that kind of program?
Yes, and yes. Of course if you run an FTP or telnet server with no passwords you’re inviting trouble. But the password encryption on Windows 95 and 98 (don’t know about the others) is pretty simple and can be cracked in a few hours.
b
Hmmm… didn’t know that windows 95 or 98 came with an FTP server… or telnet 
So what password encryption ARE you talking about??
They don’t. But I think that if you install them, they can use Windows password services.
Hacking and Windows security aren’t my areas of expertise. I have this second hand from someone who knows a bit more about it. I may have gotten some details wrong.
About the only thing a bare IP address could tell you is the country of origin and possibly the internet provider. Doing a name lookup could tell you the internet provider, type of internet service, and possibly the location as specific as the north, south, east, or west side of a city.
Use your IP address at DNSStuff to see what can be done.
Neat. Thanks.
I was kinda wondering about this too.
A couple of days ago I was waiting for a bus and I saw this big-ass billboard for “ICICI Bank”. Hmm. A branch just up the road, eh? Okay…
So tonight I connect to User Friendly online comic for the first time and …there’s an ad for ICICI Bank! I look closely at it and it has all the appropriate fine pront for my jurisdiction (no “member FDIC” for instance, because I am not in the US).
So I was wondering, how the heck did that ad know that I was in the same area? But reading this thread has enlightened/reminded me of all the things one can do at a network console…
The location isn’t always all that accurate. Depending on how your ISP’s servers are set up, they may only be able to locate you to a fairly large area covered by your ISP. I tried my own IP address, for example, and it came up with a location that was a good hour or two drive from where I actually live. I didn’t check it, but I suspect the location they came up with was the location of my ISP’s sever.
Check with your ISP. They very rarely allow static IP addresses on a fast network, because it makes it easy for you to set up a dedicated server. Servers accessed by people all over the internet get a LOT more traffic than a typical user’s PC, so ISPs typically forbid servers and static IP addresses in their service contract. Some ISPs will allow a static IP, but they charge you a lot more for it. My ISP won’t even sell you a static IP. A friend of mine happens to have a static IP from his ISP, but it seems to be a rare thing these days.
The geographic lookup at dnsstuff is wildly wrong for me. It pegs me as somewhere in Virginia, when my ISP is actually about an hour north of San Francisco.
Their whois is right on, though.
WRT static IPs on fast networks, my ISP has no problems with that. I’ve got static IP on a 6 MB DSL line. I’m going to change to dynamic though as it’ll save me $10 a month and dynaic IPs are essentially static at this ISP as they currently assign one to a user and leave it alone. I’m told they might change to renewing IPs monthly.
What else can your IP reveal? On its own, just the number itself, not a heck of a lot other than who your ISP is. Start whacking at it with various tools and protocols to figure out what sort of hardware is attached to it, what the operating system is (Windows, Linux, Unix and if a webserver, if it’s running IIS or Apache, etc.) and what its owner’s stance on security is. eg: are the common ports all hanging out there, wide open, or is everything blocked except for ssh? Or, is it as tight as mine, where it won’t even respond to a ping unless you’re on the same subnet?
It depends. On older IP networks, such as at many universities and government agencies, I might be able to narrow your location down to a particular building or department, depending on how they allocated their IP addresses and configured their routers.
The thing you have to reallize about the IP address thing is that there is no inherent correlation, no matter how rough, between IP address and location. There are tendencies, and that’s what those location lookup things are relying on.
The first tendency is for you to use an ISP that is physically close to you. You get your IP address from your ISP, so you tend to end up with an IP address that’s allocated to be used in your area. However, there’s no technical limitation stopping me from setting up an ISP in my house that provides IP addresses to people all over the world. Those IP addresses would be whatever addresses my upstream ISP provided me.
The other tendency is for your ISP to use addresses that are blocked off for certain geographical areas. If you use Comcast and you’re in WA, Comcast probably has a block of addresses that they allocate to WA folks (and they’re certainly even more precisely allocated than that), but there’s no reason they must do this. It’s more of a convention for the sake of them being able to keep track of the topology of their own networks.
Further, through use of VPN’s, you can effectively move yourself to a network that’s on the other side of the world from yourself. You connect to a VPN, and suddenly you have a new IP address that’s allocated from the net you’re connecting to. I could travel to Australia tomorrow and, through the magic of VPN, connect to the Straight Dope Message Board with the exact same IP address I’m using right now (and I’m quite far from Australia).
The only real thing an IP address tells you is, ultimately, who is giving you network access. That IP address is owned by the ISP who gave it to you, and it was given to them by someone else, and it was given to them by yet another entity, and ultimately, it was given to the first person by some authority that allocates addresses at a very high level. Someone can follow that chain down, and, assuming cooperation from each entity along the way (including your ISP, who might only cooperate if it’s the cops making the request), they can likely figure out who and/or where you are.
So when people say your location can be “roughly” be determined by your IP address, the “roughly” isn’t so much an indication of how accurate the pinpointing is (e.g. within X miles), it’s more indicative of the fact that sometimes your IP address has some relation to where you are.
But for what it’s worth, if you’re a customer of the ntucker ISP (e.g. you live at my house), I can pinpoint you to a specific room based on your IP address. 
Unless you’re wireless. Damn.
BrowserSpy shows a boatload of stuff “they” know about you, or at least your browser.
Your IP address shows that you are a kind and helpful person who is generous to others. You will soon meet a tall dark stranger.
My wife is NOT going to like that.