How much information is revelaed about you and your location by your IP address? Is it a problem if it is placed in the public arena?

Well, I've been tracked all the way to the buildings firewall which makes it possible to potentially track down my adress.
To use that as an example, the fact that the firewall/gateway is on a fixed ip means that I'm greeted by danish commercials even on american sites. Annoying.
On a direct search, a RIPE search on my ip tells me which ISP I'm using (and that I'm a broadband user, not that I could tell...).

It is, theorectically also possible to track me all the way to the adress of my appartment complex if I'm canny enough, but it would involve sweet talking the ISP.
If you want to know how much info your ip gives away, try this (http://www.mediacollege.com/internet/utilities/show-ip.shtml) tool, then go to something like ripe.net and test out exactly how much info is available on you.

You can for example click this webpage http://www.dnsstuff.com/ and read what it says at the very top of the page. Or have a look at http://www.dnsstuff.com/tools/aboutyou.ch

In other words: Darat can easily figure out from where we are posting :eek:

Vestsjalland?! I'm in jutland!!!!!!!!!!!

ETA: Still only getting my ISP..

You can for example click this webpage http://www.dnsstuff.com/ and read what it says at the very top of the page. Or have a look at http://www.dnsstuff.com/tools/aboutyou.ch

In other words: Darat can easily figure out from where we are posting :eek:

That depends. Barring use of proxies, yes. Not sure he can figure anything out other than the proxy if one is used though.

You mean he can tell I'm on the sofa?

You mean he can tell I'm on the sofa?

Only because your webcam is on. put some pants on man!

I used to telnet or just plug IP addresses into a web browser (usually port 8080) back in the day. Surprising how many people never changed the default password. But since I was convicted and fined for doing this I tend not to anymore. The person that caught me on their network also tried to get the court to force me to buy them a new router (same exact make and model) because I now knew their IP address. I had to explain very carefully to the judge why this would have absolutely no bearing on anything whatsoever. He was leaning the other way until I used the analogy that if you tear down a house and build a new one on the same spot it still has the same address. (In the hall I told the admin to just request a new address from their ISP and he said, "they'll do that?) Explaining to the judge that even a new router of the same model will still have the same default password helped too because that's when the judge realized that the network admin should have changed this in the first place. Didn't help my case, because I still browsed their network unauthorized, but the admin sure looked stupid when the judge asked him why it wasn't changed.

Anyway, someone knowing your IP isn't too big a deal because they're easy to find, just make sure the firewall is properly configured. Unless you have nuclear strike codes or credit card numbers there's not many people who'll spend the effort to get past it. Of course if they try a few simple tricks and get through, they'll mess with things just because they can.

Only because your webcam is on. put some pants on man!

As if you should talk. Oh my Ed, the things I've seen on your webcam!

As if you should talk. Oh my Ed, the things I've seen on your webcam!


Did you catch the night I had the orangutan over?

Yes. I had to scrub my eyes with bleach.

Yes. I had to scrub my eyes with bleach.

What? He was quite gentle with the coinpurse!

Did you catch the night I had the orangutan over?

Over what?

People can trace IPs down to the servers that internet users connect to. Several towns surrounding where the server is at may very well use the same location to connect to.

The only way someone can get your EXACT address, is if they ask the hosting company that you subscribe to. You can't trace someone's IP and go, "Oh, they live at 32 Mockingbird Lane, Miama Florida." but they could very well deduct that you live in, Miami Florida.

Although, with a lot of researching and detective work, someone could potentially find out EXACTLY where you are if they have their mind set to it. Otherwise, just looking at somone's IP address is not going to give them anything other than a general location.

Got as far as my ISP and that's all. Not even the same location in the city as my connection server, nor even my IP address correctly. All proxied to the max, of course. Then there's my NAT plus bastion firewall...

Normal HTTP queries can rteurn all sorts of stuff about the browser you are running, but that doesn't help much - you've got a 70% chance of getting the same result by chance, really!

Zep - watch you don't spill that drink.

Try this one:

http://ip-adress.com/

Yes, it has only one d.

Did you catch the night I had the orangutan over?

Dude, It wasn't that great don't, flatter yourself.
;)

With my IP address, the link above comes up about 20 miles off from where I am, and a pretty good miss for the actual location of the ISP too. Oddly enough, Shoreham.net is in Shoreham, not Middlebury, VT. If you have a static IP address on a network, it might come up closer, even right to your door. If you're on a college network, for example, it might get your user name, and it often isn't hard to correlate that with the on line student or faculty directory and get the address right down to the dorm room number.

It depends on the ISP. Generally they can only get the name of the ISP you're using. At that point they can then ask the ISP who had the IP at a particular time and date. Most ISPs will provide that, although some require a subpoena to release that info.

If you are behind a NAT firewall or proxy server the best they can do is get to the ISP hosting the firewall/proxy. If the NAT firewall is in your house, then again they can go to the ISP. If, like I am at the moment, behind a corporate firewall then the best they could do is get the name of the company (or the companies ISP.)

If you have a static IP address from your provider (some DSL providers do this, most don't. I'm unaware of any cable company that provides these by default. If you buy a business level service you can usually get them.) then some providers will tie a name to the IP address right in the reverse DNS lookup.

Southwestern Bell does this (oops AT&T now). If you have DSL from AT&T with a static IP address they may tie your name straight to the lookup record.

But since I was convicted and fined for doing this I tend not to anymore.

Ouch.

I learned my lesson differently... I was on a cable network before they understood that neighbourhoods were 'shared' networks, and they weren't filtering ports yet. I started poking around in my neighbours' PCs and found one guy was into such bizzarre porn that I went and had a Lysol shower.

That pretty much scared me out of the temptation to poke around anymore.

Oh: one other 'gotcha'... I had shared hosting of a website down in Vermont, and was new at Linux, so I was navigating the directories on the server and discovered I could read other users' mail! Got caught somehow. Nasty email from the sysadmin.


To the original question: IP address can be used to find out exactly who you are, but it might require a court order. Even on dynamic IP setups, there would be a logfile of which ports were assigned to which IPs when, and they know which port is yours, so they can figure it out with the assistance of your ISP.

Even with dialin, they know which IP was assigned to the modem during the connection, and probably have the Call Display from your phone, so they know your number. If you're dialling in from a payphone or a friend's house (some friend you are), then Interpol will swoop down on this address instead.

there are some websites that have a whois for ips but it doesnt give out your address besides city&state. the address given probably belongs the isp.

Do be aware that if someone has enough information on you they can usually 'social engineer' their way into getting more of it through calling your isp customer service, this is very much true for telephone accounts too. If there is a password option for calling in on your accounts it should be utilized if you are concerned about the security of your information.

ICAN can tell you what ISP owns what IP, but it is a violation of privacy to reveal personal information by way of IP, so any information garnered from an ISP without a subpoena is invalid. We have subpoenaed Verizon on two occasions after tracking down an IP by way of ICAN.

http://www.ip2location.com/free.asp
Here's another.