Question:
How do hackers gain unauthorized access to computers, only knowing the computers IP address?
Alex Mills
2012-12-12 06:47:44 UTC
How do hackers gain unauthorized access to computers, only knowing the computers IP address?
Six answers:
►τhε hα¢kεr δüδε◄
2012-12-12 06:58:53 UTC
Hello Dude,



There are several ways, like having open TCP/IP ports,default passwords,etc etc



they can gain access even if they don't know your IP Address, by sending a link to your email, if you don't have proper security, then they will gain access to your system instantly when you click on that link, there are tons of exploits that are used to gain unauthorized access , you need a understanding of the exploit and payload,

Some tools for Hackers are Backtrack , MSF [metasploit Framework], Nessus Vulnerability Scanner, nmap, .....................



To stay away from them,

1) do not open attachments from unknown people (even if it is a PDF file )

2) do not click on links that come from unknown people

3) Using Linux or Mac REDUCES your chances of getting attacked by a hacker (maybe 20%)

4) Use McAffe Antivirus for your Windows PC.

5) Do not turn Remote Desktop Sharing on (by default it is off)
Bill R
2012-12-12 16:17:18 UTC
First off, IP addresses are hardly secret. Unless you use a VPN, every website you visit knows your IP address. Even if you use VPN, you IP address is still perfectly guessable. Figure there are about 3 billion IP address total. Your ISP probably uses less than 100,000 those. They also probably issue the IP addresses by region. So if someone knows where you live and what service provider you use, they only have to guess through about 16,000 or so IP addresses before they find you.



Most hackers however, don't care who you are. They just span across all the IP addresses they can reach and try known security holes. Sadly I can't find the article right now, but I remember reading one last year, that said the average time to the first attack once machine is plugged into the network is under 15 minutes. So it means if you just install an old version of windows and plug your machine into the network, you can expect within 30 minutes or so, your machine has been broken into.



The way they break in is just using security holes in the operating system and services. For example, must computers respond to ping requests. There are known exploits on some computers where if you send a corrupt ping request, the computer will treat part of the packet as a program to run... Your best defence is good security software. Also since most attacks are under Windows, you are better defended if you user Linux or Mac OS X. I personally recommend Fedora, as SELinux makes it a very difficult version of Linux to compromise.





Now, once
adaviel
2012-12-12 16:06:10 UTC
By exploiting some stupidity or vulnerability in a service running on the computer.

I.e. the computer is acting as a server. This is actually less likely on a Windows PC, as home versions are set up as content consumers, not creators or servers.



By stupidity I mean things like having a root password of "root" and an open telnet port. I thought such things only occurred in the distant past but found an ARM development kit with that only a few weeks ago. Apparently there are a lot of modems and routers based on this and there's a worm which will find them in a few hours/days.



Sometimes a service, or even the operating system itself, is vulnerable to an exploit - typically sending some "illegal" data value that the designers did not allow for. Some years ago I was bitten by a vulnerability in RealNetworks media server, then running as root, and before that millions of systems were vulnerable to the "ping of death" - an illegally-long ICMP data packet. Modern systems are generally proof against such things, and services usually run as a non-privileged ID which limits the possible damage.



There are also application-level attacks such as SQL injection or cross-site scripting attacks against badly configured webservers, password-guessing dictionary attacks against e.g. SSH (don't use "12345" or "letmein" as a password, and don't allow root password logins at all), and denial-of-service attacks trying to overwhelm the network capacity of the system.



Having said all that, there's not a lot of extra danger in someone knowing your ip address. Your machine will be found anyway by scanners, if it's on the public internet (not behind a firewall or NAT), as there are only so many IPv4 addresses and hackers try them all.
anonymous
2012-12-12 14:52:11 UTC
It's extremely hard to gain access to other person's computer by just knowing their IP address. The victim would have to have some certain ports open so the attacker could connect to his/her computer. An advanced port scanner would do that trick, but it needs some mighty good luck that the certain port is open on the victim's computer.



The more likely reason is that the attacker phishes for information, possibly with the help of your IP, like your email or account names and sends you a malicious file that provides him/her access to your computer.
josephz2va
2012-12-12 14:59:26 UTC
There's many ways to gain access to someone else's computer. Two of them are:



1) You installed unintentionally a trojan horse. Be sure to run the latest malware, trojan, virus scanner to detect any threats added to your computer.



2) You have open ports that you don't even use and you have an insufficient firewall added. Be sure to run the latest firewall software or a better one, ask it to scan for open ports and close the ones you aren't utilizing at all.
prince rachit
2012-12-12 14:53:22 UTC
They try to access the open ports of computers by scanning the open ports. Although it isn't so easy as it looks, crackers also sometimes us the viruses which sends your detail to them.


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...