Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IP Question - please help! 2

Status
Not open for further replies.

Jackdown

Technical User
Dec 4, 2005
1
US
Hey Everyone,

I hope I can explain my question clearly! A few questions... please read and help if you can! This is my first time on this forum, so I hope I am posting this in the right spot.

I am wondering - if I have visited a website can they find and track my ip address just from me visiting and jumping around on different pages of the website?

Also - to be a little more specific, what if I have blocked cookies, and also if I have blocked that site in my security settings? Does that make a difference?

Can anyone help? Is there a way to prevent certain sites from finding my IP address when I visit their site???

I'm curious because it seems that this might be why I am getting some spam and possibly hacking into my computer. I don't know for sure, but I don't think I have all of my settings set correctly. I don't mind on the major sites, like Yahoo and Google, etc... but I don't want some of the random sites here and there that I visit to be able to track my IP - or is it just standard that in order to visit a website they can see your IP??? One more thing, what type of information can a person get from an IP address, enough to be able to get presonal information on me? I wouldn't think so since I would think it would track my Service provider rather than myself, but is there a way for someone to actaully get MY name and personal information to hack my computer or even possible some type of identity theft???

THANKS - I appreicate any help!!!

Jack
 
This is a long post but to answer your questions in turn:

1. Websites can track your IP address each time you visit their website if they've enabled logging on their website (which most sites will do). However they can decide to dig a bit deeper by performing a RIPE/APNIC/ARIN lookup against that IP address. Now most ISP's allocate dynamic IP which makes it very difficult for a website to determine which customer of that ISP was viewing their website. Any decent ISP's should not divulge who that customer is unless you've been doing something illegal and a law enforcement agency has requested your personal info.

However, if you have requested a block of static IP addresses, the ISP is 'supposed' to update their RIPE/APNIC/ARIN records to reflect you as being the registered user of those IP addresses. In this scenario, the RIPE/APNIC/ARIN databases can hold information such as your name, your postal address, your phone number and your email address.

2. Blocking cookies or the site doesn't stop a site knowing your IP address (for the reason stated above). Cookies, on their own, cannot retrieve info about you from your PC (they can however store information you've previously provided in a web session). Cookies also cannot interrogate other cookies for information they hold. Cookies are mostly harmless but they can be used for nefarious reasons to perhaps reveal more about you than you're comfortable with. Information such as: Computer name and IP address, type of web browser, the OS of your computer, what websites wou've been visiting.

It's probably best you review the following URl regarding how cookies should and can be used. It may help:


3. You can 'hide' your IP address by using an anonymous proxy service. I've used and occasionally still do use a product called JAP exactly for this purpose if I question the integrity of a site I want to visit. Anonymous proxy services like this however invariably slow down your web browsing experience so it comes at a price.

4. If you feel you are under attack from SPAM or even hacking, best advice I can give is to install a good anti virus, firewall, anti spy and anti spam product.

There's a number of products that provide all this out of the box. Norton Internet Security springs to mind as I know Dell include a trial copy of this on all new PC's.

Norton isn't free and there are plenty of free products that can do the above things as well. Personally I use all the following:

(a) AVG for anti virus
(b) Ewido Security Suite
(b) Agnitum outpost firewall
(c) K9 anti spam
(d) Prevx for intrusion detection
(e) Microsoft Anti Spyware
(f) Spy Sweeper Anti Spyware

Some of the above products overlap the others and are all free and findable via Google. No one provider can offer 100% security to you or your machine so I build defence in depth and hope that if one piece of software gets comprised, the other will detect the intrusion.

Hope this helps
 
Think of every packet from your computer as a postcard:

It has the address it is going to, the address if came from and all the content of the packet available for anyone to read. Not only the site you went to, but every hop between you and that site CAN (but usually won't) read your packets and get your address.



I tried to remain child-like, all I acheived was childish.
 
Best thing is to use a router or proxy server so it shows that IP instead of yours.

pc.gif

Jomama
 
This is a dumb question, but how do you know if you have a static IP or not? I use Comcast with a wireless router, and when I check it is almost always the same. It'll change just very rarely, like, when I unplug the modem, or if there is a power outage.

This is good for me because I remote into my machine at least every day.

Is this a static IP? meaning, this is the IP address that the offending website sees when I go to it?
 
If it ever changes, it is not static.
It does not matter how often it changes, if it ever changes, the "officical" records for that number will just be some customer of this ISP, not you specifically.

As an example, if you go here and ask who owns 192.152.176.0, my employer and my name are shown, we have those static IPs

If you type YOUR IP in there it will just show you info about your ISP, not YOUR name.

I tried to remain child-like, all I acheived was childish.
 
You may want to run a quick "Shields Up" scan at:


I hadn't been there in a long time, and find the site extremely difficult to navigate now. There is so much advertisement that it is hard to find things, even if you know what you are looking for. But the scans are relatively quick and pretty painless. It will give you some idea of the vulnerability of your system.

To extend on the comments that have already been made, if you enter any personally identifiable information into your browser's configuration, like email addresses, that information is a mere query away from any web page developer. Typically this information is used to autopopulate web forms, but back to the nefarious purposes.

You may consider installing a secondary browser, like Firefox or Opera (I'm assuming that you are a Windows user) and use that browser for these sites that you are concerned about specifically. If you don't populate information in these browsers, it is more difficult to retrieve your personal information.


pansophic
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top