Hostip.info – Forum

[peep]

From what I am understanding from studying about IP Addresses, if someone is a good enough "hacker", they will always be able to get my IP Address and therefore, my residential address, home phone number, etc. Is this correct?

Do forum moderators and admin.'s have the complete ability to become corrupt in using their status? or do they simply have the same ability that anyone has in finding out my IP address, home address and telephone number just by visiting their website?

I would like to enjoy posting in some forums and chatting, but, if I cannot be anonymous and could be potentially stalked or hacked, why bother?

If I have DSL, and a "dynamic" IP, it doesn't really matter because each new IP address that changes still leads back to me and my home address?

I have posted on a forum similar to this one and the admin. seems to like me and has told me who I am and what my street address is. I thought posting with a nickname was supposed to be confidential.

Is my only alternative just to stop surfing the net, stop posting, stop going into chat rooms and even getting rid of my computer?

I hope not.

If anyone can help, it is greatly appreciated.

[robocoder]

This isn't the place to discuss this.

That said, if you were talking to a web site's admin, chances are they have your IP address. That alone won't give anyone (except your ISP) your name or address. You would have to have, at some point, divulged some personal information.

If you're paranoid enough:

• Use a proxy for your web browser.
• Use a disposable email account (not associated with a small/local/regional ISP).
• Use a different pseudonym/nickname for every site you visit. In particular, don't use parts of your real name.
• And lastly, don't reveal anything about yourself -- not your name, your spouse's, your phone number, your address (not even the zip code), your credit card info, your social security/insurance number, what city/state/province/country you live in or near, rare/unique places to where you live, organizations you're affiliated with, your timezone, domains names you own, web sites you frequent, interests/hobbies, work you do, ...

Better yet, stop using the Internet.

[peep]

Thank you for the info robo. I meant no disrespect.
Appreciate your help.

[peep]

Just wondering why everyone wants to know where IP addresses are from if they really cannnot lead you to a particular individual ? Is it to simply trace where certain customer's are coming from for a personal business? Otherwise, what is the point?

Again, I am not intending any disrespect, in fact, quite the opposite. I am really trying to comprehend the purpose of IP Addresses. And I have been told by several that I should protect mine if I begin a home computer business to avoid identity theft. How can someone steal my identity if my IP Address does not lead to me unless I divulge personal information about myself? Ugh.

[robocoder]

No problem. I should have added that the appropriate forum for your inquiry is Internet Privacy. (Perhaps one of the moderators could move this thread...)

IP addresses are fundamental to the operation of the Internet. You can't visit a web site without disclosing your IP address ... the web server (or proxy) needs your IP address to be able to return pages, images, etc back to your browser.

Knowing where an IP address comes from has many applications, including these oft-cited ones:

• automatic localization (currency, language, etc); example: someone from Quebec visits an e-commerce site in the U.K., so the system automatically adapts by switching to French text catalogs and prices in Canadian dollars; or pre-filling forms as a user convenience
• targeted advertising; example: based on your location, the site pushes ads in your vicinity (increasing the likelihood of clickthrough), or points you to e-flyers for your area
• fraud prevention; example: based on your current location (e.g., Nigeria) and your registered address on file, a banking site (e.g., in the U.S.) prompts for additional information to confirm your identify
• analytics - knowing where your visitors are coming from; example: suppose an analysis of your traffic shows increased interest from Canadians...you might decide to start offering international shipping (instead of limiting yourself to the continental US)
• digital rights management; example: a legal music download service may automatically block visitors from a country where piracy is rampant
• network intelligence; example: you might be redirected to a mirror site closer to your location (e.g., faster downloads)

For examples of identity theft (scams, alerts), check out idtheftcenter.org.

[peep]

Absolutely fascinating. Thank you robocoder, very much, for taking the time to explain. (it must certainly be nice to know so much) This has helped me alot and I appreciate it.

[peep]

Forgot to also say, sorry to have posted in the wrong forum. If the moderators move it, I'll look there. (thanks again)

[Jack]

The best way to mask IP address is to use TOR. It is free, and you can download it from this link below:

http://tor.eff.org/

Alternatively, you can use TORPARK, which is a stand alone Firefox browser pre-install with TOR. It runs even from a thumb drive. Go to this link:

http://www.torrify.com/

You can check your IP address (using Google Search) to verify that it works.

However, this will protect you only with normal surfing. If you want to mask your IP address while downloading from P2P, the only way is to configure Opera browser using TOR, then download the torrent using Opera browser. Yes, the speed is very slow. But that's what we have got at the moment, that is, until Mozilla release the open source extension Moztorrent.

[puckhead]

ive set up opera, and installed tor. how can i tell if my IP is now hidden when i use opera to download a torrent? is there a check or test i can make?

[mecdarkend]

Hi, peep,

From what I am understanding from studying about IP Addresses, if someone is a good enough "hacker", they will always be able to get my IP Address and therefore, my residential address, home phone number, etc. Is this correct?

You've already gotten some good information, but let me try to explain it my own way.

There are two separate issues here:

1. If you are using a webforum like this one, most likely the IP of the machine which you used to connect will be logged (if you are using Tor, the IP which is logged would belong to the "exit router" in the chain constructed by Tor for a particular transaction), Some websites discard logging data after a certain time has passed.

2. If someone has obtained your correct IP address, they can use "whois" to lookup up information about that IP address in a public database. If you are logging on from home, most likely the information which comes up when someone requests the ARIN record corresponding to that IP address will describe your ISP, not yourself. But if you are using a computer at your business, and if you registered a domain name yourself, the information which comes up might indeed include your home address and telephone, if you provided that information when you registered the domain name. However, even if the information which comes up describes your ISP, someone who knows your IP address can still use databases like hostip.info to try to "geolocate" your computer. These databases are by no means 100% accurate, though.

Do forum moderators and admin.'s have the complete ability to become corrupt in using their status? or do they simply have the same ability that anyone has in finding out my IP address, home address and telephone number just by visiting their website?

I am not quite sure I understand the question, but when you are using a forum like this one, generally only sysadmins would be able to see your IP (or the IP of the exit router for the chain constructed by Tor, if you are using Tor). Generally speaking, sysadmins would have the same ability or lack of ability as anyone else in getting from a numerical IP to your true name and address, with one caveat: if a sysadmin can document criminal misdeeds (like trying to break into his system), he can legitimately report this and police agencies may then be able to discover your true name and address in connection with a criminal investigation.

There is one notable exception I can think of to what I just said about IP addresses of participants in some web forum only being accessible to the sysadmins of this particular forum: if you edit the Wikipedia without logging into a registered user account, your edits are attributed to your numerical IP address in the "history page". If that numerical IP address corresponds to a domain name which you have registered, and if the ARIN record for this domain name gives your name and address, then anyone in the world can verify that someone using a machine at this domain made the edits in question. This kind of reasoning has been used at Wikipedia to identity numerous miscreants; in one of the more amusing cases, U.S. congressional staffers were caught vandalizing the biographies of the candidates opposing their bosses in an upcoming election!

I have posted on a forum similar to this one and the admin. seems to like me and has told me who I am and what my street address is. I thought posting with a nickname was supposed to be confidential.

Your correct name and street address? I'm curious about the context of that conversation--- he seems to like you? Or was he accusing you of misbehavior? Either way, if he knew your correct name and address, that was probably because the ARIN record corresponding to your true IP gives that information because you registered a website in your own name and gave the domain name corresponding to the IP address in question. (The domain name is just the "IP address translated for humans".) Or if not, he presumably combined other bits of information to arrive at your true identity. This is often much easier than most people would guess. For example, perhaps when you registered at that forum you provided the url of your blog, and perhaps in the blog you posted enough information about yourself to make it easy to determine your name and the city where you reside. Then perhaps your local telephone directory could provide your street address and phone number.

If anyone can help, it is greatly appreciated.

Tor is a good resource, but I feel that someone should point out two important facts:

1. Tor is supported by EFF, but EFF says that using it with bittorrent is potentially "highly unethical" (their words), and if you are planning to abuse this tool, you endanger the community who wish to use it for legitimate ends, such as safe websurfing.

2. The EFF stresses that the anonymity provided by Tor is not yet very strong, certainly not strong enough to safely use if you live in some politically repressive country and wish to speak out about some topic which your government doesn't want its citizens to discuss. (That can be hard to judge; American antiwar activists may have some cause to wonder whether this might apply to them.)

[mrLenin]

The best way to mask IP address is to use TOR. It is free, and you can download it from this link below:

http://tor.eff.org/

Alternatively, you can use TORPARK, which is a stand alone Firefox browser pre-install with TOR. It runs even from a thumb drive. Go to this link:

http://www.torrify.com/

You can check your IP address (using Google Search) to verify that it works.

However, this will protect you only with normal surfing. If you want to mask your IP address while downloading from P2P, the only way is to configure Opera browser using TOR, then download the torrent using Opera browser. Yes, the speed is very slow. But that's what we have got at the moment, that is, until Mozilla release the open source extension Moztorrent.

I have TORPARK, but it wark so slowly, that I reconnect to common Firefox. But' I am not shure this soft are able to remove all traces from log files on servers. Can anybody help me with this confuse?

[mecdarkend]

I have TORPARK, but it wark so slowly, that I reconnect to common Firefox. But' I am not shure this soft are able to remove all traces from log files on servers. Can anybody help me with this confuse?

So you simply wish to surf the web, right? Not to do something the developers of Tor frown upon, like use it with bittorrent?

If so, Tor doesn't scrub log files or anything obnoxious (and generally illegal) like that. Rather,if you are using Tor, then when you request an html page, rather than the request going directly to the webhost (which would then log the IP address of your computer as the address of the computer used to request this page), Tor creates a mostly encrypted chain; the last machine in this chain connects to the webserver and requests the page, so that the IP address which is logged belongs to this Tor server. Even administrators of intermediate servers in the chain cannot determine what machine lies at either endpoint of the chain. (At least, if you make certain assumptions!)

In principle, Tor should be fairly secure, but as the EFF website warns, this software is still experimental. "Reading between the lines", I think they mean that if you live in country with a highly repressive political regime, you probably shouldn't use Tor to say something which is likely to make you disappear, because Tor might not be as secure as you hope. (The "certain assumptions" I mentioned might well be invalid in countries which intensively monitor the internet activity of their citizens, for example.)

The good news is that as more people around the world begin to operate Tor servers, blogging may become a bit safer.

[mrLenin]

Thanks for explanation of the main principles of work. That was I was asking about. I thought finally the most anonimous broser is discovered. Ok, good idea to write such one by myself. The question is how long long will it take?