Jump to content
Science Forums

Computer Questions

OpenMind5
 Share

Recommended Posts

  • Replies 42
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

alexander
alexander

Whatever C1ay said, i think he put it very well, remind me to add to your rep if you dont see it within a few days please there C1ay :)   and OP5, lets first establish a few terms and their meanings:

Queso Newbie

Queso

Posted
Posted

There are programs that can extract IP adresses from certain people and websites. the only thing i've ever used an IP address for is hacking, it's your computers personal address. Everytime you sign on and off with 56k, your IP changes. when you have broadband, it's constant, unless you have a service that changes it every once and a while for you.

Link to comment
Share on other sites
Buffy Rookie

Buffy

Posted
Posted
1) What can you do with an IP address?
Its a functional replacement for a url. If you're a feind, you can get to Hypography with:

http://65.110.71.143. You can also find out where a server is located (e.g. the ip address that shows in the spam you get. Here's a good place to start: http://www.iana.org/ipaddress/ip-addresses.htm These services will tell you where a particular IP address is.

2) How do you find/locate an Ip address for computers and websites.
Easiest way on windows is to open a command prompt and use the "ping" command with the "server" part of the url. to find Hypography as above you'd type:

ping

 

Hackingly yours,

Buffy

Link to comment
Share on other sites
TINNY Newbie

TINNY

Posted
Posted
You can also find out where a server is located (e.g. the ip address that shows in the spam you get. Here's a good place to start: http://www.iana.org/ipaddress/ip-addresses.htm These services will tell you where a particular IP address is.
somehow the link does not help me. Can anyone tell me where these IPs are from?

218.111.206.247

211.25.50.2

p548080c2.dip.t-dialin.net

Why is it that I get so many 'Unresolved/Unknown' and 'Network' IP addresses from the Webalizer software I'm using?

Link to comment
Share on other sites
alexander Newbie

alexander

Posted
Posted

ok, let me try and explain OP5...

IP adress is an adress assigned to a computer connected to the internet, every time you establish a connection, your computer receives an adress that uniquely identifies it from others, otherwise, how do you know where to send the packets. IP adress(es) can be bound to a Domain Names, hence you can acess http://www.google.com via a URL not the IP of their web server, and there is no huge bank of IPs and URLs on your computer.

Ping is a utility that sends out packets to an IP and listens for "answer" packets coming back. Those packets contain size, time and IP Information about both the host and the receiver, so to anser TeleMads question, it is only a volnurability if someone decides to do a DOS attack on you, it is however a very helpful tool, and if the firewall on the server is configured right, Ping is not harmful at all. Websites like Google have it turned on simply because for exapmle you are trying to see whether or not you have a connection to the internet, because you are trying to configure your network connection, you can easily ping http://www.google.com to check of you win, those packets are insignifficant to googles everyday traffic, but if you get stupid and try a DOS on google, it is very likely that 1, their IDS will detect the attack, and close ping for a while, 2 they will easily track the ping packets to the owners, and notify the ISP of the computer owners, 3 they will can easily call the police or even FBI to go and check out the attacking systems, and you better wish that you are a great hacker and did not leave any traces of your presence on the systems, or else you'd be "screwed to say the least". (and thats aside from the fact that even a few hundred systems connected to DSL could not bring googles dedicated lines down, and that shutting a single google server leave some 70-odd other ones, and that google has many very smart people working for them, that would be more than glad to find and release crackers IP out to the right IRC channels, and then you are really, really screwed...)

And as to what IP is to crackers, it is a destination, not an entry point to the system...

Link to comment
Share on other sites
Tormod Newbie

Tormod

Posted
Posted
I thought it was a security risk to acknowledge pings?

 

Possibly. I don't know how to avoid it on a shared server like the one Hypography resides on, though. :cup:

 

Anyway, the point of not responding to pings is usually to avoid network sweeps for open ports etc. It's easy to check if Hypography is there - just send an http request...

Link to comment
Share on other sites
alexander Newbie

alexander

Posted
Posted

open ports and ping are sort of different, but i wouldnt worry about it Tormod, I'm sure that the server you use is secured well...

Anyway, the point of not responding to pings is usually to avoid network sweeps for open ports etc. It's easy to check if Hypography is there - just send an http request[/quote[

You can ask your host to drop all ICMP packets, but whats the point of you doing that? Look, you are not the one who manages the server you host off of, and people that do manage it, are probably not newbies who are trying to make money, they are professionals who know what they are doing, and thus they log everything and have a bunch of log readers as well as scripts that go through logs each day, and trust me things like portscans on their servers will not go unnoticed, no matter how silent and passive they are, dont worry, most 98% on websites come from volnurabilities in the site engines and web server software (such as Apache and IIS), and the 2% are the rest of the attacks.

And as to just sending an http request, it is easier and faster to type in "ping www.hypography.com" and wait a second for a ping to go through to "control c" out then it is to do "links http://www.hypography.com" and wait for the site to load be found and load and only then to do "q" and enter to confirm to exit... (yes unix people are lazy)

(here is some info about portscan detection: http://www.linuxsecurity.com/resource_files/firewalls/firewall-seen.html)

Link to comment
Share on other sites
TeleMad Newbie

TeleMad

Posted
Posted

Anyway, the point of not responding to pings is usually to avoid network sweeps for open ports etc. It's easy to check if Hypography is there - just send an http request

 

Right, for someone who already knows that there is something on the net called Hypography.net there's no need to hide its existence. But blackhats scan the internet using ping looking for responses (the ping sweep) and they have no idea what IP addresses are valid and which are not until they get replies. Then they add the live IP addresses to their list of potential targets, and continue as they see fit.

 

Also, at a later stage of a blackhat's activities, ping can be used to launch a Smurf attack. If a server will accept and respond to directed broadcast messages, the blackhat can spoof his target and have it flooded by the server responding to pings.

 

Ping is a security risk, both to the server that acknowledges it and any server the attacker chooses to spoof in a Smurf attack. Just a matter of how one chooses to handle it.

Link to comment
Share on other sites
TeleMad Newbie

TeleMad

Posted
Posted
... but if you get stupid and try a DOS on google, it is very likely that 1, their IDS will detect the attack, and close ping for a while..

 

Uhm, why close ping for a while. You said above that if the server is configured appropriately, "Ping is not harmful at all".

 

alexander: ... 2 they will easily track the ping packets to the owners ...

 

Who would use their own IP address to launch a DoS attack? How silly would that be? To flood a server you don't need a response so you can use any source IP address you want. Ever hear of spoofing? Ever hear of FTP bounce scans? There are many methods blackhats can use to cover their tracks.

 

And even if the blackhat is tracked down, they are sometimes hired, not prosecuted.

 

alexander: ... (and thats aside from the fact that even a few hundred systems connected to DSL could not bring googles dedicated lines down ...)

 

So Hypography and most other web sites have the bandwidth of Google? Nope.

 

Even huge bandwidth doesn't save a company from a DDoS attack. Even with the massive bandwidth Microsoft has they were successfully taken down by a DDoS attack less than 2 years ago: and not just once, but twice in a single month.

 

Microsoft Corp.'s main Web site was inaccessible for two hours late yesterday, the victim of an Internet-borne distributed denial-of-service (DDOS) attack, the company said. The company is cooperating with federal law enforcement officials investigating the attack, the second successful DOS attack against Microsoft.com this month. (http://www.computerworld.com/printthis/2003/0,4814,84074,00.html)
Link to comment
Share on other sites
Tormod Newbie

Tormod

Posted
Posted
Ping is a security risk, both to the server that acknowledges it and any server the attacker chooses to spoof in a Smurf attack. Just a matter of how one chooses to handle it.

 

This is argumenting for the sake of argument. Hypography is located in a shared and very secure environment deep inside a high-tech web storage facility in Arizona.

 

Even if it pongs a ping I have so far not heard of a single site in our network that has actually been hacked. There are more to security than visibility. I'd say our biggest problem is the endless rummaging of spiders.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...