How to use an IP?

For beginners, flames not allowed...(just by the staff :P)
Post Reply
User avatar
THX
Newbie
Newbie
Posts: 7
Joined: 03 Oct 2007, 16:00
16
Contact:

How to use an IP?

Post by THX »

Hi, I have a small website but someone enter and left a "warning" to me but he is so dumb that when he wrote it he left his IP :D ; Now i just need ideas please what to do with it I just want to give him a "warning" too, like tell him his name or his adress I dont want to hack his PC because knowlege takes too much time and also 90% of these kind of people If you scare them a little theyll disappear.
I will appreciate all your ideas.

pd: I used IP locators in google but only gave me location in map of the user ,thats it no more details , and I really want to scare him.

User avatar
Nerdz
The Architect
The Architect
Posts: 1127
Joined: 15 Jun 2005, 16:00
18
Location: #db_error in: select usr.location from sucko_member where usr.id=63;
Contact:

Post by Nerdz »

Hmmm what if the IP is something similar to 198.81.129.100
Give a man a fish, you feed him for one day.
Learn a man to fish, you feed him for life.

User avatar
Oppconsulting
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 205
Joined: 05 Aug 2007, 16:00
16
Location: Wheres Waldo
Contact:

Post by Oppconsulting »

Last edited by Oppconsulting on 15 Oct 2007, 21:17, edited 1 time in total.

User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
18
Location: Michigan USA
Contact:

themantalksamileaminute

Post by DNR »

Damn Opp I like you, but you got to slow your roll. You didn't even put a period in all that talk.
:lol:
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.

User avatar
Oppconsulting
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 205
Joined: 05 Aug 2007, 16:00
16
Location: Wheres Waldo
Contact:

Post by Oppconsulting »

Last edited by Oppconsulting on 15 Oct 2007, 21:16, edited 1 time in total.

User avatar
computathug
Administrator
Administrator
Posts: 2693
Joined: 29 Mar 2007, 16:00
17
Location: UK
Contact:

Post by computathug »

Hey Opps, a little tip which works for me :

Write or type what you have to say then go back to it when you have finished and read through it slowly. For now forget fullstops and just use comma's and read through your posts and think of the words as how you would say them. You wouldnt try and say all of that with out a breath, just just add a " , " into the place where you would breathe and when that is done read again and when the point of the vocabulary where the sentence has actually ended "as though you were speaking this" replace the comma's with a full stop.

Your paragraphing is getting better and in the few month that i have read your posts i will say the grammar has way improved so keep it up matey.

User avatar
Oppconsulting
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 205
Joined: 05 Aug 2007, 16:00
16
Location: Wheres Waldo
Contact:

Post by Oppconsulting »

Last edited by Oppconsulting on 15 Oct 2007, 21:15, edited 1 time in total.

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11636
Joined: 06 Apr 2005, 16:00
18
Location: In your eye floaters.
Contact:

Post by bad_brain »

go to http://www.centralops.net and enter the IP in the domain dossier function...a lot of info to get there. but you will not be able to get sth like the address of the user, that data is only available from his ISP...and ISPs usually don't give away such data to private persons...you would need a lawyer for that. all you can do is contact the attacker's ISP and complain about the attacks, make sure you can provide some logs.

the question is also if the IP is a dynamic or a static one, the lookup on centralops also gives you at least a hint about that. if it's a static one you can block the IP, if it's a dynamic one you could block the whole IP-range of the ISP. but this is just an obstacle for a beginner, using a proxy would evade this ban.

what is you website btw? if we can take a look at it we could give you some advice to make it more secure.. :wink:

User avatar
THX
Newbie
Newbie
Posts: 7
Joined: 03 Oct 2007, 16:00
16
Contact:

Post by THX »

actually the IP is 85.120.231.1 , the user is located in romania 8O could be a proxy? maybe, now the attack was only general like: this is your last mistake... etc. nothing that the police pay attention, nothing specific.
My site is a game online site www.freewebs.com/theclanthx i just started to work in it, sorry is very basic now. i want to finish it like my old one this one http://koeoth.csmsites.com this one i like it more.
And nerd i read about goverment IPs so im sure is not one of them

PD: if you check freeweb guestbook youll see the "warnings" :lol:
Last edited by THX on 05 Oct 2007, 18:52, edited 3 times in total.

User avatar
THX
Newbie
Newbie
Posts: 7
Joined: 03 Oct 2007, 16:00
16
Contact:

Post by THX »

and thank you all of you for your ideas. what about to "nuke" their IP's i saw that in ytube is that possible?
PD: oppconsulting, dude i just want ideas not someone else who be a detective or something like that, as i said: just one little ear pull could be enough... TY anyway

User avatar
Oppconsulting
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 205
Joined: 05 Aug 2007, 16:00
16
Location: Wheres Waldo
Contact:

Post by Oppconsulting »

Last edited by Oppconsulting on 15 Oct 2007, 21:14, edited 1 time in total.

User avatar
zeus_zf
forum buddy
forum buddy
Posts: 21
Joined: 10 May 2006, 16:00
17
Contact:

What would zeus do?

Post by zeus_zf »

If someone left me a warning, and their IP. I have had run into similar situations. I mean hosting Mount Olympus (chat room) I always tend to drag in a odd person who thinks he can take it down, or certainly try. Of course they tend to do the deeds when I am not around, as for my staff they are not exactly sure how to handle a loose cannon yet.

Anyhow, a guy would come and do his ranting, how he will crash everyones computer, he will do this and that. There is an old adage, "A lost ship, blows his horn." Simply put, he is just making noise and has no idea what they are saying. So far I have been lucky to only get the guys that really have no clue.

Now you must remember, just because they left their IP, you have to determine if it is their's or a proxy address. That is fine and dandy.

(Trivia: Anonymous proxies leave the IP's of that proxy box, whereas High Anonymous Proxies may leave, question marks or *'s.)

Now, I will tell you a general case, down to a more specific one. I love Opp's way of doing things. I am not as clever, but I like to think I put the fear god back into them after a while.

See what I do with the IP again, determine the Origin, since you cannot log on to Mount Olympus with a proxy server, that means automatic IP snatching. Do not get me wrong, I do not do this to everyone. But I know if a guy came to this site with warnings and such the admins will not take it lightly. If a guy knew he was going to be robbed soon he would prepare to defend his house.

Anyhow, The IP I use to trace it. But like the other guy said there is a site that gives you a bunch of information on various IP's.

Usually though I tend to get lucky, because a citizen would rattle and say well he has yahoo, or msn, or aim, icq...Or something else.

So the accounts are nice to have, but the ip tells me about the account of this person.

Even if it is a child, and usually because of ignorance they use real information alot. So you just do a reverse look up like Opp said, and you get some more stuff, I also see where he or someone from his house hold would use the number in a form. Or the real address.

Each scenario is different from idiot to idiot, but a few cases I am sure they I scared the shell out of them, dropping 1's and 0's in their trousers.

What I done was with all this info gathering...Which if I done a good 30-60 minutes worth of searching I can have tons of stuff. Now, let us keep this in perspective...Mount Olympus is a 2-d graphical chatroom. So they are in their avatar, and I in mine as they say it. So this is kind of our look of each other.
This is when I would take a screenshot of the moment, to show them later.

Again, I would find out as much goodies as I care to possibly find, and at first being new to hacking and with no real skill I learned some stuff fast, and so I would find some sites they signed up at which has weak security and getting the admin account I would get their password.

Only to find that they use the very same password for everything else, such as: yahoo, msn, etc...Depending on how far I want to go. Sometimes the work is really a huge factor and say skip it I am done and do not care anymore.

But when they see me at their favorite forums, and recieving e-mails from me with that screen shot, listing all sorts of their information. like Opp said, when they see you have more stuff on them, boy talk about being scared.

I have not found one that returned yet. I tell everyone what I did, and they all think it was so hilarious.
<strong><a href="\\\\\\\http://the-gatesofolympus.tk\\\\\\\" title="\\\\\\\My Site\\\\\\\">THE GATES OF OLYMPUS</a> </strong><hr>
I am putting together a team of hackers and gamers for fun and profit. We are looking for awesome people such as yourself

User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
18
Location: Michigan USA
Contact:

hey a writer!

Post by DNR »

Zeus, welcome to the forum,

I liked your post, thanks for taking the time to write a detailed post.

Well, I suppose the controversy has two sides, passive defense or active attack on IPs that get picked up in logs and IDS.

I guess you could also do both. On a server or network I would likely make it passive defense, to hide the computers and network in a blackhole. Servers and networks are a lot of work and you want to build them to be self-reliant. I am not going to sit on a network 24/7 for real-time monitoring, so you build a decent firewall and maybe automated script to block IPs misbehaving. Simple assed stuff like editing your network to hide the NOS and versions, not to respond to pings or port queries should be the standard for any security analyst. Blackholes are frustrating for both neos and elite hackers.
](*,)

On my own personal box, If I am surfing a chat room or even get a automated attack on a website I might go to active attack because it is happening in real time. Spoofing IPs can still happen real time and I don't want to turn into a remote attack proxy on a victim's IP. These are rare and performed carefully, so I don't consider my behavior at risk 8-[

Again welcome to the forum zeus =D> , check out some of the recent threads and see if you want to respond.

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.

User avatar
THX
Newbie
Newbie
Posts: 7
Joined: 03 Oct 2007, 16:00
16
Contact:

Post by THX »

ty again but i was reading forums and i find this one (after3 hours of some none sense posts) http://www.suck-o.com/modules.php?name= ... ight=yahoo very interesting and also put me in the path.. 8) , almost everything is inside but hide into other topics..... :wink:

PD: thanks Lyecdevf it was posted in 2006 but is still a very nice tut.

Post Reply