Who on the Internet can see your IP address, and what can they do with it?
Browsing the Internet is very similar to driving around with a car privacy wise. People see the license plate of the car which some can use to look up information about the owner of the car.
The IP address of a device works in a similar fashion, albeit not that much in the open.
Whenever programs such as web browsers connect to websites, one or multiple server connections are established by it in the background.
These connections download data from those servers, usually to display the website in the browser. This can be text, images and other media, scripts for advertisement or style information that tell the browser how to style the site.
Each connection reveals the device's IP address to the server it connects to, and in return, you get to see the IP address of the server as well.
The same is true for other types of Internet connections. A mail client like Thunderbird or Outlook connect to mail servers, a gaming platform like Steam to Steam servers and sometimes game servers, and file sharing clients to centralized servers and other users sharing files.
Basically, your IP address is revealed in every connection your device makes.
What can an IP address reveal about you?
Just like the license plate of a car, it does not necessarily reveal the driver but only the owner of the connection. If you connect from home, this may be you but it can as well be a sibling, your parents or room mates. On the go, it can be the owner of a shop for example.
The IP address reveals public information. It can be used to find out about the Internet Service Provider who has registered it, and also the region it is being used in. While that can mean your neighborhood, it cannot be used to reveal your home address usually.
Things are different for law enforcement requests. Providers do store additional information usually including date, time, IP addresses and customers who were assigned those addresses. IP addresses are often assigned dynamically which means that they change over time.
Tip: you can check your IP right now here on Ghacks.
If law enforcement or other legal authorities request information about an IP address, a link between the IP and you as a customer can be established.
- Your ISP: identify your home address and the owner of the account.
- Everyone else: only publicly available information including the ISP and region.
Protection
There are two main methods of protecting yourself on the Internet:
- Use an Internet connection that cannot be traced back to you. This can be a public WiFi in a coffee shop, airport or other location for example. While Internet servers cannot trace you back this way, there may still be ways to identify you. Cameras may record your activity for example, or you may be required to authenticate before you can use the Internet connection in a place.
- Use a proxy or VPN server. This puts a barrier between your own IP address and the Internet so that all connections see only the proxy or VPN IP and not your own. There are still ways to trace the connection back to you if the service you are using records information just like your ISP does. One way to make this difficult is to chain these type of connections.
i sent an application by mistake on a website so i was wondering if they can know my ip address? after i sent it i turned my VPN on so was it too late for that?
They can’t do anything with your ip, if its dynamically it will change every reconnect. And no matter if they have it or not, all routers close the ports by default.If you are up to date the real risk szenario is very low. Nobody crack a home server because for what?
My IP is dynamic .. but it doesn’t change every time i disconnect. I had the same IP for about 2 years (mind you my computer/modem/router are on 24/7 365 days a year – but I do fall offline, I have had power cuts, I even had a 4 days down time because some drunk woman drove into the exchange box 50 meters up the road and demolished it. Since then my ip changes occasionally.
As for IP … well, script kiddies are not going to go after you specifically, but I still remember the days of Back Orifice .. scanning ip ranges, testing ports .. having a little fun .. especially in mIRC with people in the channel .. do a /dns nick .. jump in .. start notepad .. type “You have a virus!”
Kali Linux … try it .. metasploit … Not advocating doing anything nefarious, but there are so many holes to gain access, large swathes of people’s machines are not secure at all. And neither are a heap of routers. DD-WRT or tomato I say :)
!Beertime
, and what can they do with it?
The can use tools to scan your IP for open ports. Then launch attach tools against the open ports. Additional, they might be able to target your modems firmware for infections if your router was one of the numerous ones that recently had vulnerabilities. They can run nessus and other scanning tools against it.
If they find any vulnerabilities they could break in and re-program your router(maybe). The right kind of vulnerability might even allow them to infect the computers behind the modem/router/etc.
Typing IP in Google search reveals your Internet protocol (IP), something I wasn’t aware of until one day, and you could always use What is my IP and if you do DON’T download anything from them telling you about running ping test etc.
https://support.google.com/websearch/answer/1696588
The car registration analogy is fine as far as it goes, but it ignores the fact that IP addresses can be dynamic, they can be spoofed, they can be misdirecting (VPN, proxy, Tor, etc) and most of all they say nothing about who is driving…just my 2p
db
“IP addresses can be dynamic, they can be spoofed”
I keep hearing that but I’ve never seen evidence for this claim? The NSA may be able to do it but they are all-powerful; could an ordinary cybercriminal spoof my IP?
There is also the fact that cookies also tag you like BigBrother and can essentially monitor your activities on the web. Then you got your HTML5 which could do a geolocation (if you don’t have it disabled). Oh and they can track the “make and model” (OS and Browser) of your “car” (ISP connecting).
Tho, with the proper Javascript running, they can get great deal of things about your computer, however the more traceable ones I believe are illegal to do (computer name for example).
“computer name for example”
Never heard that. How then does FB and other services enable notifications of devices
eg : Facebook>Security Settings>Trusted Browsers knows and lists the name of my PC
There are so many items that can leak or be looked up, that a decent entropy rate is nigh impossible. Now add HTML5. Now add your ISP injecting tracking identifiers (not https) and you can do nothing about it. End of the day, the sooner we encrypt the entire internet the better
@David
Can’t resist on this one ip is the same as a car. Just get me some plates and a screwdriver =)
Take Care ;-)
My “car plates” can change as I speed around the corner at 100mph, and my “car” can magically zip around the world and be in any country within seconds, whilst the “driver” can change places with a “pedestrian” without stopping. Actually, I can be driving numerous “cars” all at once ..
also … If I could download a car, I would! =)
You should finish the article.
For my part, I find it very clear.
I’m not a bit advocate of Maxthon browser but this letter about privacy i found to be unique:
http://www.maxthon.com/blog/how-safe-are-you-while-browsing-the-internet-maxthons-got-you-covered/
As far as i know, there are no other that do the same.