What can a hacker do with an IP address?

Question

I have an internet connection with a static IP address. Almost all staff in my office know this IP address. Should I take any extra care to protect myself from hackers?

Answer 1

It depends. Think of your IP address as the same kinda thing as a real address. If a criminal knows the address of a bank, what can they do? It completely depends on what security is in place.

If you've got a firewall running (e.g. Windows Firewall) or are behind a NAT router, you're probably safe. Both of these will prevent arbitrary incoming traffic from hitting your computer. This stops most remote exploits.

My suggestions:

• Enable Windows firewall, or whatever firewall is available on your OS of choice.
• Keep up to date with patches for your OS. These are critical!
• Keep up to date with patches for your browser and any plugins (e.g. Flash)
• Keep up to date with patches for your applications (e.g. Office, Adobe PDF, etc.)
• If you're running any internet-facing services (e.g. httpd) on your machine, keep those up to date and configure their security appropriately.
• Install a basic AV package if you're really worried. Microsoft Security Essentials (MSE) is a great choice for Windows, because it's free, unintrusive and not much of a performance hog.

Answer 2

Knowing, or not knowing, an IPv4 address is nothing special. Every publicly addressable host on the Internet will be attacked regardless of who knows it. The entire Internet is scanned by malicious software so frequently that an old OS install without patches will be compromised in minutes or in seconds.

In total, unless the people who know the address consider your company to be a high value target (as in APT target), the fact that your address is known is a relatively small issue. Having an unknown address doesn't offer extra protection.

The protection you have on your machine should correspond to what it does. In any circumstances, make sure your services are configured securely, patched, and limited.

Answer 3

While Polynomial has a good answer, I think it may be better to illustrate how hacking actually works to put your mind at ease. Keep in mind for this I'm talking about WAN (internet) IP's.

Firstly as has been pointed out there are IP addresses, which is simply a way to look at your router. Everyone on the internet has one, and you can imagine that if simply knowing an IP address allowed us to hack people we'd have pretty big problems! Secondly an important thing to know is each IP address has ports associated with it. Think of them as a door into a building. They number from 1 - 65535, and if you are running a program that faces to the internet, typically the relevant port number will be open, allowing people to 'come in' and interact with the program. (Relevant common ports: http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers). Finally we have programs which run behind these doors. It may be a FTP server, mail server, any of the programs that interact with the internet. Think of these like self contained rooms, even if someone gets to your address, goes in the door, they can only play in the little self contained room, they don't have access to all your house.

So we have IP addresses, ports and programs. Think of them as a physical address, doorway into a room, and a room itself respectively. Now the vast vast majority of non-commercial connections will not have any programs running that are facing the internet. Combined with the fact that almost every non-commercial connection out there will be using a thing called NAT, it means essentially you don't have any doors in your address facing the public, and hence you're for all relevant purposes you're completely safe. This is what people talk abuot when they say firewalls, essentially something that blocks the ports from the public. Let's say however that you enjoy being able to send files to your home computer so you have an FTP server running on your PC, with port 21 open to the internet so you can connect to it.

Using this involves you finding your IP address (physical address), going to the relevant door (port 21), and then using the program (mucking around in the room). Most of the time this room will be completely safe for people to play around in, they can't go anywhere else. Sometimes though it may have a vunerability in it, which you can think of as a weak wall somewhere. What a hacker does is look for an IP address, see that a port is open and find out what program is running behind it. They then try and find a vunerability for it, and if they exploit that they can essentially break down the wall and wreak havoc in your house. That, in a very over simplified sense, is how hacking works.

So - let's look at the all the things you need in combination in order to be worried.

• IP Address
• Open ports (Because of the prevalence of NAT, very few home connections have this)
• Vunerable programs running (This is why it's important to patch if you do have things running, as security flaws are found patches are released to fix them up)

You are most likely only satisfying 1/3, as are the vast majority of other internet users.

Hope it lets you sleep easier.

Answer 4

You asked 2 different questions:

Question 1:
If a hacker knows you and your IP, then he can gain enough information to slowly penetrate into your network from the outside. Knowing what Operating System you use, what kind of router, and what kinds of passwords you tend to use, he has an advantage and can work on your static IP to break in to your systems.

Question 2:
You should always take measures to protect yourself from hackers, whether you have a static IP or not. Period.

The Real Risk:
But if you are worried that a staff member might hack you, he isn't going to try your IP address for very long. He might try to see how easy it is, but will likely switch to a far more successful route: you.

The easiest hack by someone you know is with an email. By sending an attachment or a link, it is possible that he could gain access to your computers without ever needing to know your IP address.

What to do:
Protections are the same for all these situations:

• patch everything (OS, browsers, programs)
• good firewalls and AV that are set up correctly
• very strong passwords that you change regularly
• backups
• locked down router
• using good phishing recognition
• periodic review of all of the above

Searches on http://security.stackexchange.com will give you tips on all of the above.

Answer 5

One aspect not mentioned in the existing answers is the privacy aspect.

When your IP address doesn't change often and is not shared with any other users, it can be used to trace you between websites. When these websites cooperate with each other, they can link and cross-reference any data they have about you to create a common profile with all the combined data they have. This can be a quite complete picture of your online- and offline life.

That online shop knows your name and address, that online radio knows what music you like, that Q&A site for programmers knows what your technical skills are, that dating site knows your age, that career portal knows who you work for, that discussion forum knows your political opinion, that porn site knows your secret fetish... When they all cooperate and find a way to link their profiles to each other, they know quite a bit more about you than you might be comfortable with.

Having a static IP address can be a common key which can be used to link accounts on different websites to each other.