UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
July
Su M Tu W Th F Sa
1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31
Sponsored Links
Latest Postings
Latest Reviews
Topic Options
Rate This Topic
#8486 - 02/12/06 02:50 AM A self-imposed Test
snuffy Offline
Junior Member

Registered: 02/11/06
Posts: 5
Loc: New York
Okay, so I found this forum in which people had posted anonymously about me and my friends. A lot of it was very flattering and some of it was not. However one person was so flattering (wink) that I want to try and find out who they actually are.

Now, I've issued myself a personal challenge. I recently have become interested in hacking/programming, but I know nothing about it. I've read the newbie forums, esp secions like "How to be a Hacker" and the like. However, I feel that my technical knowledge is limited. I don't want to learn these skills to hurt or disrupt peoples lives, but just to stretch my own abilities and see what I can do.

So, based on my understanding, even if the post is made anonymously, the server keeps a record of the IP address the user writes from. So does that mean there is a theoretical link to the physical location of the user? Or the identity of the user? If the user is at a public computer, or on a LAN like a school library, then how can I figure out who it is? A keylogger and then cross-reference the time and the keys?

Basically, I want to teach myself about TCP/IP, the logistics and concepts of hacking, and maybe a language like VB, Perl, or C++ (eventually).

Please Help a Newb

Top
Sponsored Links
      
#8487 - 02/12/06 08:17 AM Re: A self-imposed Test
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
Well, I'll skip though all the "I want to learn to..." randomness...

99% of web applications which allow you to do ANYTHING will log your IP address, for tracking or abuse tracking. This is stored with your post, with your user account, and sometimes in a "full access" file which has every visitor of the site in it.

IP's are purchased in "blocks" of IP's by your ISP, these "blocks" can be traced to that isp; most IPS's then allocate these blocks to differant areas, which most also assign a host name.

Now, an example, say 127.0.0.1 (genaric ip for your loopback to your pc) dns' as "localhost" (or for our explanation here, "localhost.com"); localhost.com as the domain can be traced to a registrant who owns the domain, thus pinpointing the address of the institution (if a school); if there is no domain in the reversal you can still track by the owner of the ip address.

Additionally some isp's give a more "pinpointed" hostname for most users, for example i could have: 127-0-0-1.or.comcast.net showing i'm using comcast.net as an ISP, in their Oregon market, with the IP "127.0.0.1".

Some schools assign hostnames to track users in dorms, skull has "skull.hisschool.tld" for his dns (not sure if they gave it to him or if he requested it, but whatever).

On to programming, if you decide to go the route of computer programming, go C++,, it's what i'd recommend.

If you'd like to go Web Programming go with PHP/MySQL/XHTML/CSS, do it well, you make some green.
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#8488 - 02/12/06 08:42 AM Re: A self-imposed Test
snuffy Offline
Junior Member

Registered: 02/11/06
Posts: 5
Loc: New York
Okay, so I feel as though I understood most of that, but how does one practically DO it? What do I actually DO to make that happen?

Top
#8489 - 02/12/06 09:44 AM Re: A self-imposed Test
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
well, you get an IP address... Any user has an IP... Any domain is on an ip...

You then go to a service which looks up IP addresses, SilentRage has one of these available at:
http://whois.dollardns.net/ip.pl

My example:
http://whois.dollardns.net/ip.pl?query=www.undergroundnews.com

shows that our domain us using the ip 65.19.133.39, which belongs to Hurricane Electric (ISP) in California...
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#8490 - 02/16/06 01:05 AM Re: A self-imposed Test
snuffy Offline
Junior Member

Registered: 02/11/06
Posts: 5
Loc: New York
okay, so I've experimented with querying the IP of various hosts, and I think I understand. But how would I find the IP of the user who posts on a site? For example, I might look up
http://whois.dollardns.net/ip.pl?query=www.undergroundnews.com

I would get the IP, the hosting information and what not, but how would I find the IP address of a specific poster, for example, you (please don't take that as an actual threat of some kind). And more importantly how do I get to that point if the user is anonymous?

Top
#8491 - 02/16/06 02:00 AM Re: A self-imposed Test
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
You wouldn't, the forum software which stores the IP stores it for privacy, only the admin and staff have access to addresses; no site should allow public viewing of user ip addresses for as little as privacy concerns.
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#8492 - 02/20/06 03:26 PM Re: A self-imposed Test
snuffy Offline
Junior Member

Registered: 02/11/06
Posts: 5
Loc: New York
so you're saying that there is no legal way that someone could find the user IP on the site?

Top
#8493 - 02/21/06 09:26 AM Re: A self-imposed Test
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
Legality isn't the issue with "SEEING" it, it's mainly FEATURE wise that it'd be near impossible..

It is bad business practice to allow the public display of user ip addresses as it would allow anyone to preform a DDoS on someones IP address (or any other array of things, including attempting to "hack" a user, or threatening to do so as well).

I know of no web forum which archives IP's which allow a public display of the IP in their stock code; well, the UBB DOES have the option, but i know of not one admin who utilises it.

Additionally, it's bad business practice to display ip's as users are not interested in having their information displayed for public use, that can be traced back to them, and only them.
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#8494 - 03/13/06 02:05 PM Re: A self-imposed Test
snuffy Offline
Junior Member

Registered: 02/11/06
Posts: 5
Loc: New York
So the host server would store the IP locally and include it in HTML code available only to the admin? Obviously the host needs to have access to that information in order to ban that user if the need were to arise right?
So if you were to gain admin access to that server you could view it?
By the way, thank you for being so patient/informative

Top

Moderator:  Infinite 
Featured Member
Registered: 03/05/02
Posts: 9
Forum Stats
2145 Members
46 Forums
33155 Topics
68322 Posts

Max Online: 1567 @ 04/25/10 10:20 AM
Top Posters
UGN Security 26318
Gremelin 7192
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Jimmie Menon, fghijk435948, Devo60, ali, lavos
2147 Registered Users
Who's Online
0 registered (), 739 Guests and 365 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!