Jump to content

How to protect your IP address


Petrovic

Recommended Posts

What if everyone in the world knew your home address? It would be terrifying, right? People could use your address for any number of indiscretions—posing as you, sending products, people, and services to your house, even adding your house to a burglar’s checklist. What if I told you that cybercriminals can essentially do the same things by finding the “address” of your digital devices?

 

This “address” is your IP address, or Internet Protocol address. It’s a unique combination of numbers that identifies computers or devices from one another to allow them to communicate through the Internet. It might look like this: 192.168.10.10.

 

Your digital devices work much the same way as your physical address—your device needs an address in order to send an email to another device’s address. But here’s the issue: Your network’s public IP address is accessible to everyone on the Internet.

 

What can someone do with my IP address?

There are many reasons why cybercriminals might want your IP address, ranging from just messing with you to future larger-scale, targeted malicious attacks. Three of the main reasons they’re on the hunt for IP addresses are to do the following:

 

Download illegal content under your IP address’s identity: They can download pirated movies, music, and videos—even child pornography or content that threatens national security. This puts an unnecessary target on your back for law enforcement to come after you. For example, in 2012 online threats to local police in Indiana were traced back to an IP address. After a SWAT team busted down the door and threw flashbangs into the entry, they realized they had the wrong place.

 

Hunt down your location for larger-scale attacks: When given an IP address, attackers either know your home coordinates or your Internet Service Provider’s (ISP). They might want to know what region you’re in to decide if your area is a worthy target for future attacks. For instance, they may be looking for IP addresses in wealthier locations or less security-literate areas to receive more payoff from an attack or penetrate a system more easily.

 

Hunt down your location for direct attacks: Criminals can not only use your IP address for larger-scale attacks, but also to directly target your network and launch a variety of assaults. One of the most popular is a DDoS attack (distributed denial-of-service). This type of cyberattack occurs when bad guys use previously infected machines to generate a high volume of requests to flood the targeted server or servers (using IP addresses to locate). By doing so, it creates too much traffic for the server to handle, resulting in a disruption of services. Basically, it shuts down your Internet, which in turn blocks you from accessing vital resources.

 

Online gamers are at particularly high risk for this, as their screen is visible while streaming (on which an IP address can be discovered). They accounted for over half of all of the DDoS attacks last year, according to Akamai’s Q3 2015 State of the Internet—Security Report. If someone’s IP address is known by other gamers, they can launch a DDoS attack, kicking them off of the game and Internet. Even worse, it could lead to a SWATTING attack, where an attacker pinpoints the location of their victim and deceives authorities enough to dispatch an emergency response team to the victim’s house. Imagine them barging through your door unannounced!

 

How do criminals find my IP address?

Just as they do to find personal info online in order to target users for malware infection, cybercriminals can be awfully crafty to find your IP address. Here are some of the ways attackers drill down to see that magical number.

 

Attackers can use For example, they can find you through Skype and other instant messaging applications, which all use IP addresses to communicate. If you happen to chat with strangers using these apps, it’s important to note that they can see your IP address. Attackers can even use a tool called Skype Resolver, where they can find your IP address when all they know is your username.

 

In addition, criminals can track down your IP address by simply following your online activity. Any number of online activities can reveal your IP address, from playing video games to commenting on websites and forums.

 

After finding your IP address, attackers simply go to an IP address tracking website, such as whatismyipaddress.com, type it in, and then BAM—they have a location. With a little elbow grease, hackers can cross reference if they want to validate whether or not the coordinates are your home. They can use LinkedIn, Facebook, or other social networks that show where you live, and then see if that matches the coordinates given. For example, the IP address coordinates I found for Steve Smith are located in Seattle, WA, but on his Facebook account it says he lives in Portland, OR, so I know that the coordinates I was given are his ISP’s location.

 

How can I protect my IP address?

You are assigned either a static (constant) or dynamic (changes periodically) IP address by your ISP. There is some debate as to which is safer, though it is arguably more secure to have a dynamic IP address because “there isn’t a constant target for the attacker,” says Steven Burn, Lead Malware Intelligence Analyst at Malwarebytes. “However, if there’s something vulnerable to attack on the IP, the fact that it’s dynamic isn’t going to help much. It’s already game over.”

 

It all boils down to the steps you take to secure your IP address. Here’s how you can keep your IP address out of the hands of criminals.

 

Use a Virtual Private Network (VPN): This protects your data online by the use of encryption. It hides your IP address and redirects your traffic through a separate server, making it much safer for you online. VPN services are without question the best practice for hiding your IP address, says Burn. They can be found online with monthly service charges, however, the price might not be worth it for every home user.

 

In addition, you could run a proxy, which acts as an additional hub through which Internet requests are processed, all while hiding your IP address. It can determine legitimate over non-legitimate requests.

 

Update your router and firewall rules: Your router forwards data between networks, and your firewall prevents unauthorized access. Ensure that the administrative password you received at the time of purchase is different now. Each default password provided by your ISP is the same and can be easily searched online. Also, set your firewall rules to not allow any ping requests from the Internet. This makes sure unauthorized visitors won’t get through.

 

Change privacy settings on instant messaging applications: Only allow direct connections from contacts and don’t accept calls or messages from people you don’t know. Changing your settings to private makes it harder to find your IP address because people who don’t know you cannot connect with you.

 

Update your antivirus solution and add security layers: Making sure you are caught up on all of your security software’s updates ensures you’re protected from threats. Adding additional security on top of your antivirus further protects you. For instance, Malwarebytes Anti-Malware blocks malicious URLs from emails and offers web protection. If an attacker tries to send you a known malicious link that, when clicked on, will disclose your IP address, it will block the connection to it. The attacker wouldn’t receive anything.

 

Protecting your IP address is protecting your identity. Securing it through these steps is one more way to stay safe against the wide variety of attack vectors cybercriminals are using today.

blog malwarebytes

Link to comment
Share on other sites


  • Replies 9
  • Views 1.3k
  • Created
  • Last Reply
Quote

Use a virtual network(VPN):

 

 
I understand that when you are connected to the internet through a router, you are protected by a hardware firewall which provides a good first line of defense against would-be hackers(NAT). The problem with using a personal VPN service, however, is that the encrypted VPN tunnel between your PC and the VPN server also tunnels through the NAT firewall (which cannot read the packets headers, as they are encrypted). This means that you lose the protection afforded by the NAT firewall, and malicious IP packets can enter your system from your public, visible IP address. 
:dunno: 
Link to comment
Share on other sites


Skype resolver is a joke..which resolver actually works for you?

 

tried my own username and a couple more when they're online with a dozen so called resolvers on the internet, none worked. not that I need such thing for that to find but it's stupid...

Link to comment
Share on other sites


JeffDunhill

Tor can work out or a good security assuring VPN can do the trick good enough I guess. Both at the same time can also work. And if you are too damn insecure then double VPN is a thing. I used to do double with Zenmate and PureVPN back in the day, but I'm satisfied with one now!

Link to comment
Share on other sites


I think you only need a double VPN if you can't trust your VPN provider and if you do some real critical thins = don't do it from your one computer (no protection gives you 100%) and please don't think you can use your one computer on a WiFi hotspot - its not your IP but you have always the same MAC address and that is enough to identify you if you are a target  

 

Trust no one. Trust nothing. Assume everyone else is a malicious actor

Link to comment
Share on other sites


Just now, flash48 said:

I bet paranoid people have the best internet security.

i would assume that a truly paranoid person would be scared to death of the internet :dunno: 

Link to comment
Share on other sites


JeffDunhill
23 hours ago, Togijak said:

I think you only need a double VPN if you can't trust your VPN provider and if you do some real critical thins = don't do it from your one computer (no protection gives you 100%) and please don't think you can use your one computer on a WiFi hotspot - its not your IP but you have always the same MAC address and that is enough to identify you if you are a target  

 

Trust no one. Trust nothing. Assume everyone else is a malicious actor

But as much as i know it has nothing to do with mac address? does it?

Link to comment
Share on other sites


Media Access Control Address (MAC address)

The MAC address may also be known as ethernet hardware address (EHA), hardware address, adapter address, or physical address of a computer or networking device. Common tools display the MAC address of a device, or of devices present in the same local network. The MAC address is 24 bit long, formatted like 00-0C-29-20-99-07 and uniquely identifies the manufacturer of the network card/device.

  • For example 00-0C-29-20-99-07 maps to VMware, Inc., USA

 

on Airports, Hotels, Internet cafes (open WIFI hotspots) is a risk that the MAC addresses are logged

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...