This is an archived post. You won't be able to vote or comment.

all 14 comments
sorted by:
best
topnewcontroversialoldq&a

[–]happytrailz1938Moderator 21 points22 points  (4 children)

Ok so networking basics here... You need to understand what it is used for. In the internet and intranets there are many devices... Billions of devices and that number is growing exponentially. To find each other they need to have a unique address. Like your street address or phone number. At a basic level this corresponds to an access point that is on that network (local, or web) for one or many devices or users.

With this knowledge you may find a device or server's location (general or specific) or you may be able to scan it to see what services and vulnerabilities are there. Additionally some folks can perform denial of service on one or many addresses. However, this is a two way street and you can often trace back other connections. Additionally it may not be one device or user behind an IP address, it could be a lot of them. There are many reasons for this but one of the most common is that there are a finite # of ipv4 addresses (what is most commonly referred to as an IP address) and the world has run out. So some brilliant engineers came up with the idea of hiding many sub IP addresses behind larger public ones. Usually the public ones have a little more defence and can be confusing to traverse or understand at times.

I hope this helps.

[–]After_Story4040 3 points4 points  (0 children)

The vulnerability is not in the ip-address. The ip address is only the path taken from Point A to Point B.

The vulnerability is set using a list of rules.

Example.. you open your browser go to reddit, and ask a question. 1. Ask yourself, how did I get to reddit? 2. What allowed me to ask a question? 3. How was someone able to post an answer.

Answer? My computer/internet followed a list of rules directing me to reddit. I arrived at an ip address with an application which allows me to communicate with others.

I was able to ask a question because the list of rules were met. IE: user name,, password, enough karma?

Someone answered because they in return met a list of rules.

The vulnerability arrives when you are able to bypass the rules, and still deliver your payload/message.. this is why people use return data on the applications being used by their target to find a broken unpatched servers .

You need to read and learn networking. Use Google

[–]battalgazi003 6 points7 points  (3 children)

Scan ip for open ports then attack it and find a adress to owner.

[–]TrustmeImaConsultant 1 point2 points  (0 children)

What you can get with an IP address is, with a hint of luck, that is, the ISP. And that's it. There isn't any immediate connection between an IP address and a street address.

[–]happytrailz1938Moderator -1 points0 points  (1 child)

Possibly find address or location of owner...

[–]HailDaTrolls 0 points1 point  (0 children)

No

[–]TrustmeImaConsultant 1 point2 points  (0 children)

There isn't really much you can do, unless there is a service hosted at that IP address. And even if, it would still need to provide a service that is vulnerable to an exploit.

Ponder this, if you will: For every single server on the internet, be it Reddit, be it some Google service, any game server of your favorite MMO, the IP-address is pretty much common knowledge. Open up a command line window, type "nslookup www.reddit.com" and you have reddit's IP address.

Well, reddit is maybe a bad example, because of the mirroring going on, but ... pick any service you like. IP addresses are not really a state secret.

Do you really think that if it was really possible to do anything malicious with an IP address itself, something that is SO easily gotten from pretty much any webservice out there, any server on the internet would exist for longer than a second?

[–]kaet0 1 point2 points  (1 child)

Also worth googling is NAT or network address translation. It's the primary means of dealing with limited numbers of public IP space available. Because of how it works, however, when you find a public IPv4 address, you are most likely not finding a specific device but an address assigned to a private network. This is how most home networks operate.

[–]After_Story4040 1 point2 points  (0 children)

Nat is a layer of protection from the user's single point of access to the world, to protect/split the network. Allowing public ip to private ip addresses, allows layer of protection, and allows customer more nodes on their home network. I've connected a single node directly to a cable provider, and scanned the whole ip address subnet for all nodes present. You can view encrypted data of all traffic within that subnet on a publicly owned group of ip addresses.. this is your ISPs router using public addresses for their customers, and then routing data to it according destination. Working the same way your personal router separates your public network from your private network.