Results 1 to 19 of 19
  1. #1

    What's the point of knowing someone's IP address?

    I use hostgator and in the cpanel web stats (Awstats) i see a list of IP addresses. I understand that I could use this info to block certain IP addresses but what else could I use data for?


    Thanks!

  2. #2
    Join Date
    Dec 2002
    Location
    Novosibirsk, Russia
    Posts
    1,710
    IPs can be resolved back to geographical location of the computers the visits are paid from. That may include country/regions/town, HSP/ISP - do whatever you wish with that data.

  3. #3
    Join Date
    Feb 2002
    Location
    New York
    Posts
    1,156
    Well when anyone has an IP address with shared hosting account this makes him in one or other way more independent from other web sites on the server and from the server IP. The Ip is the real address of the web site... domain is virtual. So the IP addresses show that you got real unique visitors, not repeated visits from one IP/User.
    DawHB.com - Web Hosting Blog | VPSHostDir.com - VPS Hosting Media

  4. #4
    Join Date
    Jun 2006
    Posts
    1,767
    You can trace the route from your server and your clients

  5. #5
    Join Date
    Nov 2007
    Location
    New Jersey, USA
    Posts
    4,740
    It's much better to check for FRAUD orders. For example If a person registers with address :
    123 Street ave.
    United States
    And i check the IP where he registered from and the address is:
    123 Street ave.
    RUSSIA or ANY OTHER COUNTRY THATS NOT THE US then there is something wrong. Thats another thing

    - Daniel

  6. #6
    Join Date
    Jan 2005
    Posts
    326
    Quote Originally Posted by TmzHosting View Post
    It's much better to check for FRAUD orders. For example If a person registers with address :
    123 Street ave.
    United States
    And i check the IP where he registered from and the address is:
    123 Street ave.
    RUSSIA or ANY OTHER COUNTRY THATS NOT THE US then there is something wrong. Thats another thing

    - Daniel
    If a person lives in the US but they are away in Germany for business or any other matter and they want to order something online that doesn't mean that it is fraudulent. You still want to be careful about it though and check it out. There are some countries that are known to have more fraudulent orders than others. That is where knowing where the IP Country is can help out. Some businesses have a dial verify where an automated system calls to verify the order. Very helpful in preventing fraud!
    Charles

  7. #7
    Join Date
    Nov 2007
    Location
    New Jersey, USA
    Posts
    4,740
    Quote Originally Posted by Neosmith View Post
    If a person lives in the US but they are away in Germany for business or any other matter and they want to order something online that doesn't mean that it is fraudulent. You still want to be careful about it though and check it out. There are some countries that are known to have more fraudulent orders than others. That is where knowing where the IP Country is can help out. Some businesses have a dial verify where an automated system calls to verify the order. Very helpful in preventing fraud!
    Yes I know that. I don't suspend the account's or mark them as fraud right away. They need to email me a couple of things so i can verify and thats it.

    - Daniel

  8. #8
    Quote Originally Posted by TmzHosting View Post
    Yes I know that. I don't suspend the account's or mark them as fraud right away. They need to email me a couple of things so i can verify and thats it.

    - Daniel
    I'm just curious what extra things do you ask for?

  9. #9
    Join Date
    Dec 2002
    Location
    Novosibirsk, Russia
    Posts
    1,710
    Quote Originally Posted by TmzHosting View Post
    It's much better to check for FRAUD orders. For example If a person registers with address :
    123 Street ave.
    United States
    And i check the IP where he registered from and the address is:
    123 Street ave.
    RUSSIA or ANY OTHER COUNTRY THATS NOT THE US then there is something wrong. Thats another thing
    I may have an office in the USA and use it to register for services, while staying in Russia.

    I may be on business trip and register for services while residing in another country.

    IP addresses mismatch doesn't mean fraud alert by itself. I agree, automated phone verification is what you need. Just have the address match the country phone is from.

  10. #10
    Join Date
    Feb 2004
    Location
    Your Screen
    Posts
    3,999
    Knowing someone's IP address also gives you the ability to make them really paranoid.

    Not that you can actually tell much of anything from it, or do anything with it, but it still wigs people out... it's the funniest thing.


    Sorry, the cold meds are making me punchy.

    Bailey
    Let's Connect on Twitter! @thatsmsgeek2u || Fighting mediocrity one thread at a time.

  11. #11
    Join Date
    Dec 2007
    Location
    Copenhagen, Denmark
    Posts
    12

    *

    Quote Originally Posted by masterbo View Post
    I may have an office in the USA and use it to register for services, while staying in Russia.
    no need to go that far...

    several companies use proxies from there HQ, so a Portuguese company when see the IP that cames from USA... There are so many with this because it's cheaper for offices to have everything connected to the HQ and "get out" from there.

    having the IP does not mean a thing!

    if a user has xDSL connection, it's dynamic IP so, if you block an IP you are not preventing him to access your website/account, but other "honest" person!

    IP's are good for stats only, so you can track the region where the user is, but once again, not looking to a proxy or a gateway...

    EDIT: getting the RIPE info, you will know that IP is assign to witch ISP/Company.
    Last edited by balexandre; 01-10-2008 at 09:53 AM.

  12. #12
    Join Date
    Jul 2007
    Posts
    522
    Quote Originally Posted by balexandre View Post
    no need to go that far...

    several companies use proxies from there HQ, so a Portuguese company when see the IP that cames from USA... There are so many with this because it's cheaper for offices to have everything connected to the HQ and "get out" from there.

    having the IP does not mean a thing!

    if a user has xDSL connection, it's dynamic IP so, if you block an IP you are not preventing him to access your website/account, but other "honest" person!

    IP's are good for stats only, so you can track the region where the user is, but once again, not looking to a proxy or a gateway...

    EDIT: getting the RIPE info, you will know that IP is assign to witch ISP/Company.
    Ah, but in the right hands with the right knowledge it could mean a whole lot more than just for the whois or traced information. You can portscan ip addresses, and you could fuzz them, and pretty much using those techniques if you found a vulnerable system application, you could get shell access.
    Looking for Work level 1-3 Support Tech, Sales/billing tech, Odd management Jobs, and PHP/Mysql small jobs.
    PM me or drop me an email at mm(AT)gotannex(dot)com
    http://monitor.gotannex.com/

  13. #13
    Join Date
    Feb 2006
    Posts
    5,393
    Quote Originally Posted by bithost(NET) View Post
    Knowing someone's IP address also gives you the ability to make them really paranoid.

    Not that you can actually tell much of anything from it, or do anything with it, but it still wigs people out... it's the funniest thing.


    Sorry, the cold meds are making me punchy.

    Bailey
    You can actually "do something with it" if the circumstances are right.

    For example,

    crook john doe steals a credit card,

    he then goes online and buys the most expensive yearly hosting plan he can find,

    he uses a fake address and phone number (he'll look for a host that doesn't phone verify),

    The host then gets contacted by the credit card company regarding the fraud order,

    The host then turns over the IP used, and agrees to a full refund,

    The credit card company, (if there feeling really inclined to get John) will contact the ISP who's IP address was used,

    The ISP can then trace that IP to the specific user, based on records of who was using that IP at the given date and time,

    John Doe gets busted, because he used his own internet connection to make the purchase.

    A pro will always use a hot spot or borrow a neighbors WiFi, so it rarely is useful. But if the thief at hand isn't the sharpest, or the most experienced the IP can be useful information.
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

  14. #14
    Join Date
    Dec 2007
    Location
    Copenhagen, Denmark
    Posts
    12

    *

    as you said and very right ... for that to happed, has to be a very noob thief

    an online thief always know that part, and there are sooooo many ways to "hide" or "change" an IP Address, this last mostly used in websites like bet.com to see live football

  15. #15
    Join Date
    Feb 2004
    Location
    Your Screen
    Posts
    3,999
    Quote Originally Posted by whultra View Post
    You can actually "do something with it" if the circumstances are right.

    For example,

    crook john doe steals a credit card,

    he then goes online and buys the most expensive yearly hosting plan he can find,

    he uses a fake address and phone number (he'll look for a host that doesn't phone verify),
    Most kiddies use an overseas proxy, although the last 2 we've had did use a regular ISP's IP. (Stupid or lazy, I don't know which, but neither matters, and I'll explain why in a sec.)

    Regardless, the key in this fun picture is "fake address and phone number," I know of no host that won't catch that. Reverse telephone look-up (even as simple as verifying the area code) and AVS matching aren't cutting edge anymore... nor is identifying that the IP address doesn't match up closely to the credit card address. These are the bare basics of fraud-checks. I haven't heard of this stuff getting through in years ... we've been catching it since 2002 ... ???

    Result: the site is never set up, and the fraudster's IP gets added to the host's firewalls. End of story.

    Bailey
    Let's Connect on Twitter! @thatsmsgeek2u || Fighting mediocrity one thread at a time.

  16. #16
    Join Date
    Dec 2007
    Location
    Copenhagen, Denmark
    Posts
    12
    love this talk ...

    a lot of "if"'s

    just like everyone's life, eheheh

  17. #17
    Join Date
    Feb 2006
    Posts
    5,393
    Quote Originally Posted by bithost(NET) View Post
    Most kiddies use an overseas proxy, although the last 2 we've had did use a regular ISP's IP. (Stupid or lazy, I don't know which, but neither matters, and I'll explain why in a sec.)

    Regardless, the key in this fun picture is "fake address and phone number," I know of no host that won't catch that. Reverse telephone look-up (even as simple as verifying the area code) and AVS matching aren't cutting edge anymore... nor is identifying that the IP address doesn't match up closely to the credit card address. These are the bare basics of fraud-checks. I haven't heard of this stuff getting through in years ... we've been catching it since 2002 ... ???

    Result: the site is never set up, and the fraudster's IP gets added to the host's firewalls. End of story.

    Bailey
    I was only showing an example of the thought process behind the IP recording often associated with online purchases. Obviously if the billing address and phone number provided don't match what is on file at the CC company everything is a mute point anyway.

    It is important NOT to put much faith in the ability to match an IP address "up closely" to the credit card address. As cable internet has become more popular, this form of fraud protection has grown more and more obsolete.

    By design cable companies will route traffic through the nearest available "super hub" and pass over smaller local loop connections. For example if your living in Florida all three of the major cable providers available in the state (Time Warner, ComCast, and Knology) will route you through Atlanta.

    Similarly if your in Oklahoma using a cable internet solution, you'll likely be routed through Texas.
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

  18. #18
    Join Date
    Feb 2004
    Location
    Your Screen
    Posts
    3,999
    Huh, that's interesting, because I haven't observed this issue with sign-ups. Almost all of our sign-ups the last 6 months have been through cable providers, and the geographical trace has always routed to within 70 miles of their location -- usually less.

    Similarly, when the latest stolen CC attempt with a physical address of NJ "mysteriously" routed to Iowa, you can bet that account didn't get set up.

    Bailey
    Let's Connect on Twitter! @thatsmsgeek2u || Fighting mediocrity one thread at a time.

  19. #19
    Join Date
    Feb 2006
    Posts
    5,393
    Quote Originally Posted by bithost(NET) View Post
    Huh, that's interesting, because I haven't observed this issue with sign-ups. Almost all of our sign-ups the last 6 months have been through cable providers, and the geographical trace has always routed to within 70 miles of their location -- usually less.

    Similarly, when the latest stolen CC attempt with a physical address of NJ "mysteriously" routed to Iowa, you can bet that account didn't get set up.

    Bailey
    I guess it depends upon the local cable affiliates. The growing trend in Cable is definitely to route from the bandwidth hot spots instead of the local loops.

    The examples I used were from personal experience, I live in Florida and have used all of the cable providers I mentioned. I was routed through Atlanta every time, and always issued an Atlanta based IP. I have a backup DSL connection, that connection does route through Tampa.

    My brother in Oklahoma is always routed through Texas, generally via Dallas or Houston.
    WHMEasyBackup.com - Take Control Of Your Backups!
    Complete Backup Solution For WHM Reseller Accounts

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •