I do not want to know HOW, but it is possible for someone to determine my (or anyone's) IP number and utilize it to say post to this site as me? (Given they had ascertained my password).

I am very computer illiterate so let me put it one more way in hopes of getting you to understand me.

When I log in here I am sure my IP # is stored somewhere. Now lets say one of you wants to log in as me how easy is it for you to also make it look like the same IP was used to do so??

Let me know if I am even close to making you understand. Apologies if in the wrong area.

Thank you!

They would only need your user name and password to fake being you on the forums. There would be no need to fake the ip address too.

GH is right (of course).

What uniquely identifies you here is your username and password. Protect them carefully. Your email address is also important.

Where IPs come in is in verification. IPs are logged when forum activity takes place. If you were to claim that someone had hacked your account I could check to see if your IP address suddenly changed, which might be an indicator of abuse.

Now let's say GH (example only) has my userid, and password, and logs in as me to this forum(example only)now:

When he/she does that an IP is listed somewhere, how hard would it be for GH to log in and be able to have that IP number listed as well?

In other words CAN one mimic another person's IP number very easily?

I do not want to know how or anything like that, just if it is possible and how hard is it to do?

In other words CAN one mimic another person's IP number very easily?


First GH doesn't poop where he eats :)

Second it would be very,very hard to do, not impossible but hard. It just wouldn't be worth the trouble since I would already have the login information. I have nothing to gain by faking your IP too so why bother??? :)

>>I have nothing to gain by faking your IP too so why bother<<

What if you wanted it to look like I did the posting (let's just say it was a malicious post) and you knew I was going to raise heck so you wanted it to look like hook, line and sinker, it came from me, so I guess my questiion is can you fake my IP without possessing my 'pute in some capacity?

I will stop bugging you over this, I just so appreciate your info.

If I know what your IP address is, then yes I might be able to fake it. But it might not work at all, I would need to do other things besides just knowing your IP. (Just editing the "logged" IP wouldn't work because the web server's logs would still have the real IP used to access the tread.)

Ghost_Hacker and ixl, you have been most helpful. I appreciate very much the time you take to help us "computer challenged" folks out.

Also you have to look at the fact that the same user can different IPs depending upon whether he logs in from home, the office, a library or a laptop on the road using a portable internet account. Even if you log in from home on a dialup connection your IP changes...it is called a dynamic IP, yes it will be within a certain range but it could be different every time you log in.

Let's say that the number you are connecting to has a pool of 512 possible IPs you coul be assigned, well every time you dial up your ISP you can get a different one of that 512 possible IPs.

The key here is that the userid and password are the same, no matter where you log in from. That is how the server knows you are you, and if someone else has those then the server will think that person is you, and the IP wouldn't really matter.

Now, if you log in mostly from somewhere in California, and suddenly your logins are coming from Nigeria then the IP would matter.

On a web forum, something malicious was posted under a users name and password. The person says no I didn't post that someone has my password. Webmaster checks IP listing and it is the IP that the member uses all the time.

Question what is the likelyhood someone else could login, use the password and have the IP show up as if it were the member themself?

You guys are the greatest!!!!!!:)

Well, There is the possibilty that the user has his passwords saved in IE. Then if someone else used his computer they could then use his Login info to post to the forum. In fact that happened here to some guy once.


I don't know the whole story but it's something else to consider.


Good Luck :)


EDIT Just remembered you said without using the guys computer.....Oh well,nevermind :D

Question what is the likelyhood someone else could login, use the password and have the IP show up as if it were the member themself?



Ok, there is a way for it to happen. At the office where I work we use a proxy server to get access to the internet. If any of my co-workers came to this site they would have the same IP address logged that I do because we go thur the same proxy.( It's the proxies ip address that is seen on the outside and gets logged)


That's the only way I can see how someone might have my loggin information and also by chance get the same IP logged.


Anyway hope I haven't confused you. :)

What is being talked about happened on my board this weekend. A user claims that someone logged on with the IP that he uses, got into his wife's account and posted a false news report about him being killed.

Now, the only way I know that this could have happened is if possibly, the person who did it does in fact have the same ISP, it is not a local internet provider, so the possibility is there.

He claims that someone can make themselves look like they are under his IP address.

Also, his wife did not change her password after this supposedly happened. Wouldn't that be the first thing you would do? One more thing, no errors were genetated by someone trying to guess a password.

Thanks guys. And Girls...

All the trouble of forging an IP for a fake news story?

Unless there is some sort of financial gain, it is probably not worth the effort...

That, said, there are stranger things that go on.

And without knowing some details it would be hard to say if in deed it was forged. If he/she connects with a dial-up account then their IP will change practically every time they connect. If the have a static IP then that would be easier, but still why? It isn't exactly the easiest thing to do.

There are also many multi-user systems still in operation -- UNIX boxen that have people telnet'ed into them, such as I use every day.

All of the above is why IP addresses are logged on BBSes like this one, but rarely used for much.

Ghosh Hacker is right if you're using same proxy server you might get the same IP like what we have in the office.
Now my question is when Im using dial up and got connected with my particular IP is it possible for me to changed my IP while online??
Another one is How I will know the IP of the person whom Im talking to particularly in chat room or any other messenger.

Now my question is when Im using dial up and got connected with my particular IP is it possible for me to changed my IP while online??

In order for your IP to change you'd have to " release " it, then " renew " it, basicly you'd have to log off your connection and log back on-since by the very act of signing on to a dial up ISP you're getting a dynamically assigned IP address.

There are ways to mask an IP, but that doesn't do you any good, since as GH has pointed out above, your very own ISP would know who you were and the true IP assigned to you.



Another one is How I will know the IP of the person whom Im talking to particularly in chat room or any other messenger

Easy, simply ask them. :D If they are foolish enough to tell you, then you've got a possible link to their PC; { but take into account ISP's use proxy server's and firewalls so you probably won't be able to do anything more than PING them }

With dial-up your IP should not change if you are connected, I can't think of a way it could be done. As far as the IP of someone your talking on a messenger that is entirely upto the messenger software. Some allow it to be seen(ICQ) while others I am not sure about. Please be more specific and refer to the documentation/web support for the IM software you are talking about.

Anubis

Im talking about Yahoo Messenger and MSN. SUpposed you're chatting with someone how can I get their IP (with out asking them like iisbob said).

I heared some storied that some guys are managed to used IP another user is it true and possible??

In chat software there are some ways of finding the IP of another person, but the proxy and firewall rules still apply. With some software everything goes through a proxy so you would basically end up finding the IP of the proxy, with most lookup tools, unless someone is actually foolish enough to divulge their true IP.

Another one is How I will know the IP of the person whom Im talking to particularly in chat room or any other messenger

You can do it by using the file transfer facility in messengers. You may find out his/her IP address by either sending or receiving a file.

As per my knowledge it's not possible with yahoo messenger 'coz it uses a proxy server while transferring files.

It's pretty easy with MSN messenger. Send a file by clicking on file>send and just as the transfer begins, start command prompt, and type netstat. The IP add of the receipient will be clearly shown .... mostly at the end of the list.

How about on emails.. Is there any way I can trace them what is their IP address, I know some emails idicate their IP but most of them are just a plain messege.. Like Hotmail,yahoo and other free web mails.

Every email contains the IP information, but not all of that info is accurate, it can be forged and rather easily at that.

The information is contained in what are known as headers, and by default most email clients do not display that information. You can select in most of them to show the headers (some call it the message source).

Here are some links on reading and interpretting headers....

How do I get my email program to reveal the full, unmodified email? (http://spamcop.net/fom-serve/cache/19.html)

Reading Email Headers (http://www.stopspam.org/email/headers/headers.html)

How to Interpret Email Headers (http://help.mindspring.com/docs/006/emailheaders/emailheaders.php3)

Thanks its really a great help for me.. Its very interesting thing to know all of these.

...you may use email tracker pro (http://www.visualware.com/emailtrackerpro/index.html) to find out the country from which the email was sent.

... You may also use Visual Route (http://www.visualware.com/visualroute/index.html) to :

Quickly analyze and identify the source of Internet connectivity problems
Identify the geographical location of an IP address
Identify the source of Spam email
Troubleshoot email problems
Provide students with an visual tool to help demonstrate how the Internet works


...ofcourse, if you learn to read email headers, then you don't need above tool. Thx goodness, software coders care for lazy people like me :p ... but only for fortnight or a month :D as both are trial softwares.