What can you do with an IP Adress.

For beginners, flames not allowed...(just by the staff :P)
Post Reply
User avatar
Nerdz
The Architect
The Architect
Posts: 1127
Joined: 15 Jun 2005, 16:00
18
Location: #db_error in: select usr.location from sucko_member where usr.id=63;
Contact:
Contact Nerdz

What can you do with an IP Adress.

Post by Nerdz »

Ok, I think this is one of the mostly asked question in this section. I hope I will be able to answer most of your questions and if you are still not sure about what to do after reading this, feel free to ask the questions directly to this thread and I'll try to clarify them in this post for future readers.

So, I guess you are really excited now that you got an IP Adress? In fact, you shouldn't. An IP Adress(Internet Protocol) Adress is like a home adress address. So what can you do with it? There is a lot of things you can do with it.

Know who you are dealing with...
The first thing you might want to do is to know who is the owner of the IP Adress, where is he from? There are plenty of website which offer information about an IP Adress like :

Code: Select all

http://www.arin.net/whois/
http://www.dnsstuff.com
Once you have entered the adress there, you will get the location of the IP Adress owner. So www.suck-o.com seems to be hosted in germany
Country (per IP registrar): DE [Germany]
Using this, you can also get the email of the ISP(Internet Service Provider) if you were abuse by someone who tried to attack you. You can also add this IP to your firewall if you want to be secure...

Ok that's it for the defender part...

But... what if you don't want to report this IP to his ISP and go make your own justice?

Probing
The first thing you might want to do, is to scan the IP to see if there is any vulnerable services(Old IIS version, Old Apache server, etc...) running on it. To do so, go get Nmap and read the info on how to use it and the different scanning methods.

Now that you have scan the IP Adress, you know if there is any open ports on the host and depending of the option you set, you are now able to determine which OS(Operating System) the host is using. If you know that the host is online and you can't find any open ports, the host is mostly using a firewall. There are techniques getting around a firewall but this is not a hacking tutorial...Simply a guide to what you can do with an IP Adress.

You'll read here and there about DDOS. Please, if you don't want to get into trouble, don't use this. The principe is simple, you use a lot of computers to take down a server. This is usually done with botnet. All the computer send request to the server and the server can't handle that much request and stop responding. Try to avoid this kind of attack..

Now that you have all this information, the rest is up to you... You might find interesting reading about these topic:
- Banner grabbing.
- Buffer Overflow(Local/Remote)
- Documentation on netcat.
- Penetration testing.
- Etc..

All your comments are welcome. :wink:
Give a man a fish, you feed him for one day.
Learn a man to fish, you feed him for life.
Top
User avatar
TheZomi
forum buddy
forum buddy
Posts: 16
Joined: 18 Feb 2008, 17:00
16

What about proxy?

Post by TheZomi »

Thanks so much for the info.

But I still have a problem about IP and proxy. If someone is using proxy server?
Top
User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
18
Location: Michigan USA
Contact:
Contact DNR

some quick thoughts

Post by DNR »

try tracert, trace route. Trying making a connection to the target via IM application (AIM, YIM) and watch Netstat or a packetsniffer. Try a web-bug on a email send to the target. Try hacking the proxy server for its logs.

just some quick ideas.

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Top
User avatar
Ukn0wn
forum buddy
forum buddy
Posts: 13
Joined: 22 Jun 2008, 16:00
15

Post by Ukn0wn »

Ok I see and could you use SuperScan as well? To scan the IP.
Top
User avatar
bad_brain
Site Owner
Site Owner
Posts: 11636
Joined: 06 Apr 2005, 16:00
19
Location: In your eye floaters.
Contact:
Contact bad_brain

Post by bad_brain »

Ukn0wn wrote:Ok I see and could you use SuperScan as well? To scan the IP.
yep, with version 4 you can do banner-grabbing, etc. too...version 3 is just a portscanner if I remember it right... :-k
Top
User avatar
Still_Learning
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 1040
Joined: 11 Jun 2008, 16:00
15
Location: Trigger City

Post by Still_Learning »

Ukn0wn wrote:Ok I see and could you use SuperScan as well? To scan the IP.
Yes I have also heard of superscan in the CBT nugget certified ethical hacking cert video training/ others that they said work well are TCPtraceroute, and NMap, i guess you would have to try all of them to see which one you like the best. personal preference.
Top
User avatar
Ukn0wn
forum buddy
forum buddy
Posts: 13
Joined: 22 Jun 2008, 16:00
15

Post by Ukn0wn »

SuperScan is what I use for now.
Top
User avatar
Ghosted
forum buddy
forum buddy
Posts: 16
Joined: 23 Jun 2008, 16:00
15

Post by Ghosted »

nmap
+
whois
+
brain
+
default settings
=
rooted!
Top
User avatar
cipher24
Newbie
Newbie
Posts: 4
Joined: 08 Oct 2008, 16:00
15

Re: What can you do with an IP Adress.

Post by cipher24 »

Nerdz wrote:Ok, I think this is one of the mostly asked question in this section. I hope I will be able to answer most of your questions and if you are still not sure about what to do after reading this, feel free to ask the questions directly to this thread and I'll try to clarify them in this post for future readers.

So, I guess you are really excited now that you got an IP Adress? In fact, you shouldn't. An IP Adress(Internet Protocol) Adress is like a home adress address. So what can you do with it? There is a lot of things you can do with it.

Know who you are dealing with...
The first thing you might want to do is to know who is the owner of the IP Adress, where is he from? There are plenty of website which offer information about an IP Adress like :

Code: Select all

http://www.arin.net/whois/
http://www.dnsstuff.com
Once you have entered the adress there, you will get the location of the IP Adress owner. So www.suck-o.com seems to be hosted in germany
Country (per IP registrar): DE [Germany]
Using this, you can also get the email of the ISP(Internet Service Provider) if you were abuse by someone who tried to attack you. You can also add this IP to your firewall if you want to be secure...

Ok that's it for the defender part...

But... what if you don't want to report this IP to his ISP and go make your own justice?

Probing
The first thing you might want to do, is to scan the IP to see if there is any vulnerable services(Old IIS version, Old Apache server, etc...) running on it. To do so, go get Nmap and read the info on how to use it and the different scanning methods.

Now that you have scan the IP Adress, you know if there is any open ports on the host and depending of the option you set, you are now able to determine which OS(Operating System) the host is using. If you know that the host is online and you can't find any open ports, the host is mostly using a firewall. There are techniques getting around a firewall but this is not a hacking tutorial...Simply a guide to what you can do with an IP Adress.

You'll read here and there about DDOS. Please, if you don't want to get into trouble, don't use this. The principe is simple, you use a lot of computers to take down a server. This is usually done with botnet. All the computer send request to the server and the server can't handle that much request and stop responding. Try to avoid this kind of attack..

Now that you have all this information, the rest is up to you... You might find interesting reading about these topic:
- Banner grabbing.
- Buffer Overflow(Local/Remote)
- Documentation on netcat.
- Penetration testing.
- Etc..

All your comments are welcome. :wink:
Very basic, but not bad. Btw i really wouldn't call a ip a (home address) That would be more accurate for a MAC address since it's the physical address.
Ip really doesn't contain the exact ''home'' address, but ISP address.

Not bad though, for newbies.
Top
User avatar
ayu
Staff
Staff
Posts: 8109
Joined: 27 Aug 2005, 16:00
18
Contact:
Contact ayu

Re: What can you do with an IP Adress.

Post by ayu »

cipher24 wrote: Very basic, but not bad. Btw i really wouldn't call a ip a (home address) That would be more accurate for a MAC address since it's the physical address.
Ip really doesn't contain the exact ''home'' address, but ISP address.

Not bad though, for newbies.

Having a mac address to a computer doesn't really take you anywhere, since nodes on the internet will usually replace the mac with their own address. Thus, IP is your "home" address, it leads to your home. As you said yourself, it's for newbies. No need to make it more confusing.
"The best place to hide a tree, is in a forest"
Top
User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
18
Location: Michigan USA
Contact:
Contact DNR

the pot calling the kettle black

Post by DNR »

cipher24 wrote: "..Not bad though, for newbies."
Watch the "N" word around here, for someone that has less than 10 posts, you are the "N" :wink:

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Top
User avatar
JohnB
Fame ! Where are the chicks?!
Fame ! Where are the chicks?!
Posts: 191
Joined: 13 Mar 2009, 17:00
15
Contact:
Contact JohnB

Post by JohnB »

Alternative way to get an IP for a site if on windows-

Launch the command prompt (windows key + r then type cmd)
In the prompt type "ping" without quotes and the site address.

This also shows packets sent and recieved to tell if a site is down.
Top
User avatar
Kirk
suck-o enforcer
suck-o enforcer
Posts: 547
Joined: 25 Apr 2009, 16:00
14
Contact:
Contact Kirk

Post by Kirk »

I have a friend allowing me to practice on her so I used wireshark to get her IP address while involved in a IM (yahoo messenger). I then plugged it into Nmap to scan for open ports. I can up with a few. 20, 23, 80, 5050, 119, 8001, 843, 8002. I went to telnet within dos and tried to call port 23. Port 23 being telnet I figured to call from port 23 to port 23 would make sense, not so much. Dos says it's connecting to port 23 at the ip address but nothing happens. That's it...connecting. Am i doing something wrong? Well, obviously I am, but what is it that I'm doing wrong?
Top
User avatar
DNR
Digital Mercenary
Digital Mercenary
Posts: 6114
Joined: 24 Feb 2006, 17:00
18
Location: Michigan USA
Contact:
Contact DNR

Post by DNR »

a desktop PC should not be running those ports, you might be scanning a yahoo server. Some returns by scanners can be false. Remember the YIM/MSN/AIM will run through the server. Servers accept incoming request for port 21, 25, 80 -not a desktop pc.

You can telnet to 21, 23, 25, and even 80 - but the server can be set to 'blackhole' and not give you any banners or response.

Host based firewalls like zonealarm will block unrequested incoming traffic, so it looks like a blackhole.

Try a file transfer to/from her PC while watching netstat or wireshark on your PC.

DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Top
User avatar
computathug
Administrator
Administrator
Posts: 2693
Joined: 29 Mar 2007, 16:00
17
Location: UK
Contact:
Contact computathug

Post by computathug »

As DNR said, you need to make a three-way-handshake or you will only get the YIM server. A three-way-handshake can be accomplished by file transfer or even a webcam connection. :wink:
The devil can cite Scripture for his purpose.
-- William Shakespeare, "The Merchant of Venice"
https://tshirt-memes.com
Top
Post Reply

Return to “Newbies”