IP Address Security

[caireen]

I KNOW there is info in this forum somewhere[ but I couldn't find anything in a search, so if someone could link me if this has already been posted...


How many of you use "off-MFC" email addresses? I have a g-mail account I use (with none of my real information, of course), and I'm aware that it's possible to find my IP address through this. But I always thought that IP address gives a pretty general location. For example, when I search my IP address I discover that I'm in Barcelona, which is probably not news to anyone that's in my room anyway. But today a member told me that people can find my specific apartment address from my IP. Is that true? I'm so confused about IP addresses now! What's the deal?

(and wait, if it's true- I guess it's safe to use my g-mail account from like.. a Starbucks or something?)

Thanksssss

 

[RedHerby1]

one other risk when your ip is know is that possible other websites did record your ip, many forums, guestbooks, show the ip of the poster.

maybe you did post with your real name in the guestbook of your local knitting club, and a google search for your ip shows that posting ...

go to a site like below, and then do a google searh to check if this is the case.

http://www.whatismyip.com/

please don't kill your hubby after this check ...

 

[Zoomer]

He could find your actual address if....

...He worked at your ISP and had unrestricted access to data records of which IP matched which customer ID at what time. However, he'd know your name, telephone number and probably your banking details at that point. As long as he knew the IP and the time then potentially, yes, he could know your address.

After that he'd need to be a bent judge who issues court orders and would lose his well paid job to know where you live. Or a bent law enforcement officer who'd likewise quickly be busted.

Basically... he's full of shit.

 

[Belgian]

hi,

If you send people email they can see your ip address in the headers of the email though it is impossible to find your real address with nothing but an ip so yes whoever told you that is trying to scare you if you own any domain names beware your personal information can be viewed by anybody who wishes todo that unless you do a private registeration assuming the tld (top level domain eg *.es for spain) allows this people cannot use this data in any way this is covered by the privacy laws

 

[caireen]

He could find your actual address if....

...He worked at your ISP and had unrestricted access to data records of which IP matched which customer ID at what time. However, he'd know your name, telephone number and probably your banking details at that point. As long as he knew the IP and the time then potentially, yes, he could know your address.

After that he'd need to be a bent judge who issues court orders and would lose his well paid job to know where you live. Or a bent law enforcement officer who'd likewise quickly be busted.

Basically... he's full of shit.

yes... that's what i thought. thank you!

 

[SoTxBob]

:-D Dont ya just love the full-o-shit guys on the net trying to freak out the girls for some unknown reason? :lol: :lol: Reminds me of a certain person that said he had software to allow girls to tell who was recording them...

 

[BlueViolet]

How many of you use "off-MFC" email addresses? I have a g-mail account I use (with none of my real information, of course), and I'm aware that it's possible to find my IP address through this. But I always thought that IP address gives a pretty general location. For example, when I search my IP address I discover that I'm in Barcelona, which is probably not news to anyone that's in my room anyway. But today a member told me that people can find my specific apartment address from my IP. Is that true? I'm so confused about IP addresses now! What's the deal?

(and wait, if it's true- I guess it's safe to use my g-mail account from like.. a Starbucks or something?)

Thanksssss

I'm pretty sure G-Mail IP addresses only are traced back to a Google IP address instead of your own. If not, it's really hard to locate a personal IP address through G-mail because the only IP addresses I found on the header/footers traced back to a Google server in New York or something. And I read in a lot of places when researching that all G-mail IP addresses trace back to Google and not the original sender's IP, but they and I could be wrong. I know it's much safer than say, Yahoo, though.

IP addresses DO NOT show your personal address, just the city in which your ISP (Internet Service Provider) is located. No specific details of your address. So that member is stupid. Like Zoomer said, the only way to find your address through an IP is to have a court order taken to your ISP. A regular person cannot find you this way, I think that's only used in criminal cases where the police need to know the exact address, they can talk to the person's ISP and get their address that way.

I did a long post about how to not give away your location. I had to correct myself in it to clarify that some random person cannot use your IP address to locate your personal home address, whereas geotagged images can.

viewtopic.php?f=17&t=4731&hilit=geotagging

It's a good idea to read all of it, but your questions pertains to "Can you send me that through email, please?" If you are still worried about them even knowing your city in case I am wrong about G-mail hiding your personal IP address, you can only send emails when using a proxy server which I explain in that post what a proxy is and how to use one easily. :-D

 

[Human]

This is probably excessive, given the minimal risk, but ...

You could go through a proxy server that would mask your IP address (even if static) and even mask your country. People who do a lot of bit torrent piracy or who need to mask their IP for political activist work use these routinely. I personally like BTguard (http://www.btguard.com) in Canada, but there are plenty of other proxy servers.

This will probably slow down data transfer, and it's probably not suitable for camming. You can use it for everything else. Proxy services aren't all that expensive.

Best wishes. Stay safe.

 

[CallMeWilliam]

He could find your actual address if....

Basically... he's full of shit.

Actually he is not, if your ISP offers a home phone service they pretty much have to supply an e911 service which is basically mapping ip addresses to street addresses, these list are updated every time the ISP changes the mapping, they also sell these lists to companies that sell GeoIP databases or implement map services that integrate with location services ( like google).

Also when you send an email most mail clients include your IP address in the message header along with your computer name in some cases.

I know this because I have been under contract with a company to develop software where they bought such lists to implement location services for clients. The lists are accurate to the postal code/zip code, the more detailed ones (for certain cable companies) are street address specific.

You can buy the lists under a subscription model where you from 6-12 months of updates. They usually update the lists weekly & bi-weekly for the most part.

 

[Jupiter551]

This will probably slow down data transfer slow all online activity drastically, and it's probably not suitable for camming. You can use it for everything else. Proxy services aren't all that expensive.

Using a proxy is connecting everything you do through a server in another location, and if you're trying to mask your own location the proxy server will likely be fairly distant. You know when you try to play an online game and you end up on a team of Russians who all have a lightning fast ping and you're lagging like crazy? Same thing, except you'll be filtering every piece of data to and from your connection through that distant, laggy server.

Protect yourself from stalkers and crazies by all means, but let's not get ridiculous - even if someone knows what city you're in that's not the same as locating you.

 

[BlueViolet]

Protect yourself from stalkers and crazies by all means, but let's not get ridiculous - even if someone knows what city you're in that's not the same as locating you.

Ahhh. I must politely disagree, my good sir. You must not know the lengths through which true stalkers go, knowing a city is a gold mine of information for them.

Sure, they will not know your home address. But the crazies will be crazy. They have your picture and know your city. There are so many ways to get additional information from that.

Facebook? Craigslist? Twitter? Google+? Etc.

Say they try the Facebook route. (Even if the girl doesn't even have one.) They can sign up for a fake account in her city under a legit looking name (or generic) and use a fake profile picture that looks about her age. Then add as many people as they can that are her age. Then start messaging every girl and guy saying, "Hey, I think we both went to high school with this chick, I met her at a bar/this party the other night and she posed for a picture for me and gave me her number but I think I left it at the bar/party. If you got any information that would be great, I don't want her to think I'm a dick for not calling." Or something to that affect, however better worded.

Or post to Craigslist in her area for "missed connections" saying about the same thing with her picture posted. It's a small world, someone is bound to recognize her eventually whether it's well-meaning friends, family, old teachers, etc. Then if you get a name, especially a full name, there's nothing you can really not find out if you look hard enough.

I almost like I shouldn't post this and give anyone ideas, but I think the crazies that intend on trying those things out already know that, and the non-crazies have no intention. That's why I personally don't believe you should even give out your home state but I'm overly paranoid about that stuff. Even having your picture up online isn't safe honestly. :-D (Especially if you have your location services on and take the picture with your phone and post it online, but that's a whole different story and that gives exact coordinates. Thanks geotagging!)

 

[Miss_Lollipop]

Dakota..... you are like a pro-stalker girl!

I hope you never stalk me.

Actually, feel free to stalk me. You're pretty fucking hot

 

[BlueViolet]

Dakota..... you are like a pro-stalker girl!

I hope you never stalk me.

Actually, feel free to stalk me. You're pretty fucking hot

:-D Aw, thank you!

I'll definitely keep that in mind, hehe :whistle:

 

[Jupiter551]

Protect yourself from stalkers and crazies by all means, but let's not get ridiculous - even if someone knows what city you're in that's not the same as locating you.

Ahhh. I must politely disagree, my good sir. You must not know the lengths through which true stalkers go, knowing a city is a gold mine of information for them.

Sure, they will not know your home address. But the crazies will be crazy. They have your picture and know your city. There are so many ways to get additional information from that.

Facebook? Craigslist? Twitter? Google+? Etc.

Say they try the Facebook route. (Even if the girl doesn't even have one.) They can sign up for a fake account in her city under a legit looking name (or generic) and use a fake profile picture that looks about her age. Then add as many people as they can that are her age. Then start messaging every girl and guy saying, "Hey, I think we both went to high school with this chick, I met her at a bar/this party the other night and she posed for a picture for me and gave me her number but I think I left it at the bar/party. If you got any information that would be great, I don't want her to think I'm a dick for not calling." Or something to that affect, however better worded.

Or post to Craigslist in her area for "missed connections" saying about the same thing with her picture posted. It's a small world, someone is bound to recognize her eventually whether it's well-meaning friends, family, old teachers, etc. Then if you get a name, especially a full name, there's nothing you can really not find out if you look hard enough.

I almost like I shouldn't post this and give anyone ideas, but I think the crazies that intend on trying those things out already know that, and the non-crazies have no intention. That's why I personally don't believe you should even give out your home state but I'm overly paranoid about that stuff. Even having your picture up online isn't safe honestly. :-D (Especially if you have your location services on and take the picture with your phone and post it online, but that's a whole different story and that gives exact coordinates. Thanks geotagging!)

Yeah I never would have thought of that stuff I admit...that facebook thing is kinda brilliant, in an evil genius kinda way.

 

[Zoomer]

He could find your actual address if....

Basically... he's full of shit.

Actually he is not, if your ISP offers a home phone service they pretty much have to supply an e911 service which is basically mapping ip addresses to street addresses, these list are updated every time the ISP changes the mapping, they also sell these lists to companies that sell GeoIP databases or implement map services that integrate with location services ( like google).

Also when you send an email most mail clients include your IP address in the message header along with your computer name in some cases.

I know this because I have been under contract with a company to develop software where they bought such lists to implement location services for clients. The lists are accurate to the postal code/zip code, the more detailed ones (for certain cable companies) are street address specific.

You can buy the lists under a subscription model where you from 6-12 months of updates. They usually update the lists weekly & bi-weekly for the most part.

Yikes that's a tad bit fubar :shock:

In the UK, the application of the Data Protection Act means that geolocation will only yield the physical address of the ISP. Any further tracking (e.g for criminal tracing) has to be carried out by getting the ISP to check their logs.

 

[bodisha]

I KNOW there is info in this forum somewhere[ but I couldn't find anything in a search, so if someone could link me if this has already been posted...


How many of you use "off-MFC" email addresses? I have a g-mail account I use (with none of my real information, of course), and I'm aware that it's possible to find my IP address through this. But I always thought that IP address gives a pretty general location. For example, when I search my IP address I discover that I'm in Barcelona, which is probably not news to anyone that's in my room anyway. But today a member told me that people can find my specific apartment address from my IP. Is that true? I'm so confused about IP addresses now! What's the deal?

(and wait, if it's true- I guess it's safe to use my g-mail account from like.. a Starbucks or something?)

Thanksssss

Whenever it comes to technical questions about computers & security I feel the need to qualify my background by saying I've worked in IT for 20 years and IT Security for 4 1/2 years so I'm not lumped in with the know-it-all's.... But your IP is NOT included in an e-mail header... the IP in an e-mail header is the IP address of the e-mail server you connected to when you sent the e-mail... Which could give an indication of someones geographical location because you will connect with the closest available server... but i wouldn't expect that to be accurate to anything but a state level though... Someone could narrow down your location if they identify your IP to the city you live in... but finding someones apartment numbers or street address is not realistic

Web site will log the IP's of anyone that view them... so the best bet to maintain your anonymity on MFC is not never click a link a member sends you unless you are 100% certain you know what it goes to... like youtube or something like that

 

[bodisha]

:-D Dont ya just love the full-o-shit guys on the net trying to freak out the girls for some unknown reason? :lol: :lol: Reminds me of a certain person that said he had software to allow girls to tell who was recording them...

have there been any AgeofTim sightings lately? he must still have my home state blocked because he doesn't appear on my friends list and i haven't heard anything about the sleazy bastard since his huge goodbye a cpl months ago

 

[Jessi]

Maybe its a dumb question, but can I just use a proxy IP from any of the proxy list websites? (I know chrome and firefox allow you to manually put in a proxy)
Does it affect your internet speed at all?

 

[bawksy]

Maybe its a dumb question, but can I just use a proxy IP from any of the proxy list websites? (I know chrome and firefox allow you to manually put in a proxy)
Does it affect your internet speed at all?

Public proxy lists are often woefully inaccurate in that only a small fraction of the proxies will still actually work. You basically have to go down the list and keep trying and trying until one works.

Once you do find one that works, your web browsing speed will indeed be limited by the lesser of your internet speed and the proxy's speed. I'm aware of no public proxy that can afford to give away for free to everybody a connection speed that is anywhere near "fast", so yeah, your connection speed will probably suffer.

Also, make sure you don't do anything over a HTTP connection when you're connected to the proxy, or the owner of the proxy will be able to sniff your entire web browsing session, including passwords sent in the clear and such. Make sure you use HTTPS:// whenever possible. Same as when browsing over open WiFi.

If you're really going for anonymity, the best option is a paid, full-speed proxy/VPN service.

 

[RedHerby1]

... But your IP is NOT included in an e-mail header ...

err, that is so wrong to give as a fact, Google talks about "may hide ... in some circumstances" , thats far from a guarantee

http://mail.google.com/support/bin/answ ... swer=26903

ok, ok, ok, Gmail does indeed currently not add your IP address when you use the web based mail client, eq gmail.com

thats not something technical, thats policy, at least in the past Hotmail and Yahoo did add a extra header, "X-Originating-IP", I have no idea what the current situation is, but I would not be surprised if there are still web based mail services that add your ip as a extra header to your email.

And if you send your Gmail email not from your browser, but with a 'normal' email client, Thunderbird, Outlook , Apple Mail, iPad mail, iPhone mail, etc, etc, then your IP is in the email headers ...

 

[RedHerby1]

Maybe its a dumb question, but can I just use a proxy IP from any of the proxy list websites? (I know chrome and firefox allow you to manually put in a proxy)
Does it affect your internet speed at all?

stay away from proxies on those list websites, they are sometimes runned by criminals fishing for passwords and so.

listen to bawsky ( fuck me for writing those 3 words )

 

[bodisha]

... But your IP is NOT included in an e-mail header ...

err, that is so wrong to give as a fact, Google talks about "may hide ... in some circumstances" , thats far from a guarantee

http://mail.google.com/support/bin/answ ... swer=26903

ok, ok, ok, Gmail does indeed currently not add your IP address when you use the web based mail client, eq gmail.com

thats not something technical, thats policy, at least in the past Hotmail and Yahoo did add a extra header, "X-Originating-IP", I have no idea what the current situation is, but I would not be surprised if there are still web based mail services that add your ip as a extra header to your email.

And if you send your Gmail email not from your browser, but with a 'normal' email client, Thunderbird, Outlook , Apple Mail, iPad mail, iPhone mail, etc, etc, then your IP is in the email headers ...

Perhaps i should have qualified my statement better... but as a whole an IP address won't be included in a e-mail header when someone is connecting to a publicly available e-mail server like gmail or yahoo ... what information that does get passed along with an e-mail header has less to do with which client that's being used to send an e-mail with than how the server is configured and what it's been configured to be sent in the e-mail header... but if you're connecting to a gmail or yahoo e-mail server your IP address is not included due to privacy issues that have come up over the last 5-6 years and this information is removed when you send an e-mail

And a proxy service like TOR will affect your speed... you can configure a service like TOR to isolate a circuit within a specific country like the US to try and speed things up... but the fact that it is still being passed between various relay nodes... it will add latency to your connection and it will affect you're speed... to what degree is up for debate though and it would probably vary.... also a relay circuit can go down due to nodes going offline... which has the potential to disrupt service while a new circuit is created

And bawksy is correct that if you're passing http packets your information is visible to the person that operates the node... And using https is no guarantee the data you send/receive is secure if the person running a node is using a software application like cain & able... which enables sniffing and Man-in-the-Middle attacks

Bottom line... you're anonymity is most likely secure with the e-mail service you're using

 

[BlueViolet]

Perhaps i should have qualified my statement better... but as a whole an IP address won't be included in a e-mail header when someone is connecting to a publicly available e-mail server like gmail or yahoo ... what information that does get passed along with an e-mail header has less to do with which client that's being used to send an e-mail with than how the server is configured and what it's been configured to be sent in the e-mail header... but if you're connecting to a gmail or yahoo e-mail server your IP address is not included due to privacy issues that have come up over the last 5-6 years and this information is removed when you send an e-mail

It's true that G-mail doesn't include YOUR personal IP address. Most others email servers do such as Yahoo, Hotmail, etc. still.

That was me testing it on Yahoo! Mail when I made my security post. I sent an email to myself to see if it would show my IP address. It did, note the fact that I had to clear out some numbers. It was my exact IP.

Also see:

http://en.wikipedia.org/wiki/X-Originating-IP

The X-Originating-IP (Not to be confused with X-Forwarded-For) Email header field is a de facto standard for identifying the originating IP address of a client connecting to a mail server.

ETA:

When I made the security post, I actually tried out several email servers. G-mail and Yahoo being the top ones. I tried a few others as well. Then I went through all the emails sent to me from my current job at the time, emails sent from relatives in other states, etc. I found the X-Originating-IP address in each email header and was able to trace it back to their city almost every time. Specifically a relative in another state, it traced back to their city.

Just saying. Be careful, and girls here especially: don't ever think "oh, it's fine, the chance is slim, I'll be safe." without doing your research on it. If someone is trying to get your location, it's a game to them and if they are given any sort of leads, then they definitely aren't going to give up. If they aren't finding any information within a long period of time, they'll most likely give up and move on to someone else. You can never be too safe especially when putting yourself out there on the internet.

 

[bodisha]

Perhaps i should have qualified my statement better... but as a whole an IP address won't be included in a e-mail header when someone is connecting to a publicly available e-mail server like gmail or yahoo ... what information that does get passed along with an e-mail header has less to do with which client that's being used to send an e-mail with than how the server is configured and what it's been configured to be sent in the e-mail header... but if you're connecting to a gmail or yahoo e-mail server your IP address is not included due to privacy issues that have come up over the last 5-6 years and this information is removed when you send an e-mail

It's true that G-mail doesn't include YOUR personal IP address. Most others email servers do such as Yahoo, Hotmail, etc. still.

That was me testing it on Yahoo! Mail when I made my security post. I sent an email to myself to see if it would show my IP address. It did, note the fact that I had to clear out some numbers. It was my exact IP.

Also see:

http://en.wikipedia.org/wiki/X-Originating-IP

The X-Originating-IP (Not to be confused with X-Forwarded-For) Email header field is a de facto standard for identifying the originating IP address of a client connecting to a mail server.

ETA:

When I made the security post, I actually tried out several email servers. G-mail and Yahoo being the top ones. I tried a few others as well. Then I went through all the emails sent to me from my current job at the time, emails sent from relatives in other states, etc. I found the X-Originating-IP address in each email header and was able to trace it back to their city almost every time. Specifically a relative in another state, it traced back to their city.

Just saying. Be careful, and girls here especially: don't ever think "oh, it's fine, the chance is slim, I'll be safe." without doing your research on it. If someone is trying to get your location, it's a game to them and if they are given any sort of leads, then they definitely aren't going to give up. If they aren't finding any information within a long period of time, they'll most likely give up and move on to someone else. You can never be too safe especially when putting yourself out there on the internet.

well... never let be said i wasn't able to admit when i've been wrong... hotmail (And i assume yahoo) does in fact have the ip adress info included in an e-mail header

 

[RedHerby1]

but if you're connecting to a gmail or yahoo e-mail server your IP address is not included

WTF !!! May I suggest you do some testing in the present time instead of talking about 20 year experience !

I did send 3 emails today, and checked the headers, in 2 cases my IP was added ...

1) Connection to a Yahoo mail server from the web is NOT safe
2) Connection to a Gmail mail server from the web is safe
3) Connection to a Gmail mail server from the iPad mail app is NOT safe.

I did just send a email in my browser with my yahoo account, that email did contain my IP ....

Received: from [xxx.xxx.xxx.xxx] by web121014.mail.ne1.yahoo.com via HTTP; Fri, 25 Nov 2011 15:19:33 PST

and earlyer today, to make sure I was right when saying Gmail adds your IP when using a SMTP client, I did send a email from my iPad with the default mail app, that mail did also contain my IP

Received: from [xxx.xxx.xxx.xxx] ([xxx.xxx.xxx.xxx])
         by mx.google.com with ESMTPS id xxxxxxxxxxxxxxxxxxxxxxxxxx
        (version=TLSv1/SSLv3 cipher=OTHER);
        Fri, 25 Nov 2011 11:10:33 -0800 (PST)

btw, I have 25+ years experience in the IT business, but I do fucking test things and do some research before I post hard facts in a forum, does'nt matter if that is a forum about wanking or a forum that is about my job.

 

[RedHerby1]

well... never let be said i wasn't able to admit when i've been wrong... hotmail (And i assume yahoo) does in fact have the ip adress info included in an e-mail header

haha, ok, now you make me look like a fool by attacking you

 

[RedHerby1]

It's true that G-mail doesn't include YOUR personal IP address. Most others email servers do such as Yahoo, Hotmail, etc. still.

That was me testing it on Yahoo! Mail when I made my security post. I sent an email to myself to see if it would show my IP address. It did, note the fact that I had to clear out some numbers. It was my exact IP.

see bodisha, its not about having 20 years (or me 25 years) experience, its about being smart ! (and she is hot to)

 

[tonyxtreme]

It's true that G-mail doesn't include YOUR personal IP address. Most others email servers do such as Yahoo, Hotmail, etc. still.

That was me testing it on Yahoo! Mail when I made my security post. I sent an email to myself to see if it would show my IP address. It did, note the fact that I had to clear out some numbers. It was my exact IP.

see bodisha, its not about having 20 years (or me 25 years) experience, its about being smart ! (and she is hot to)

So true. I love fucktards that throw around oh I have CISSP ZSYDY PHD after my name, and don't know jack about jack. I'll sum it up fairly quickly for you Caireen. Yes your IP of your machine (computer and name) is transmitted in the header information of your outgoing emails. Can someone use this information to stalk you, ABSOLUTELY! It again depends on how proficient they are and what resources they have access to.

The best bet would be to use a VPN (preferably) if you are concerned about someone finding out your general location. That would be a very good basic start. While it's never fun to deal with stalkers, being aware of your vulnerabilities and how to protect yourself is a good step forward. While many threats that fucktard stalkers will use, are baseless, you should always be in a position where you feel SAFE.

 

[schlmoe]

I love fucktards that throw around oh I have CISSP ZSYDY PHD after my name, and don't know jack about jack.

My thoughts exactly! "Self-anointed" experts in any field are usually exposed as fools fairly quickly.

I'll sum it up fairly quickly for you Caireen. Yes your IP of your machine (computer and name) is transmitted in the header information of your outgoing emails. Can someone use this information to stalk you, ABSOLUTELY! It again depends on how proficient they are and what resources they have access to.

The best bet would be to use a VPN (preferably) if you are concerned about someone finding out your general location. That would be a very good basic start. While it's never fun to deal with stalkers, being aware of your vulnerabilities and how to protect yourself is a good step forward. While many threats that fucktard stalkers will use, are baseless, you should always be in a position where you feel SAFE.

Very good advice. The only thing I can add is to beware of all the "free" solutions out there. Sometimes you get what you pay for.

 

[LilyMarie]

I don't really want to start an extra thread for this....

Does anyone know anything about the reliability of statcounter.com???
I use it on my profile and noticed that someone from Germany - in a city near my university - was on my profile on Friday, even though I blocked the country.