26

I was chatting to a guy on a site, and the chat went wrong when I wrote a few wrong words by mistake. He then threatened that he will send my every detail to the vigilant team and soon my address will be known. He then showed me my IP address, the Windows version I am using, the browser, and other stuff.

What should I do now to save myself?

Peter Mortensen
  • 877
  • 5
  • 10
mnm
  • 301
  • 3
  • 3
  • 6
    What's "other stuff"? Was this guy just another user of the site? Or is he an admin/site owner? – MrWhite Mar 21 '15 at 00:42
  • 27
    This is just [FUD](http://en.wikipedia.org/wiki/Fear,_uncertainty_and_doubt) to scare you. A real attacker that would actually do something (not that you can do much with just an IP and user-agent) would never tell you anything and secretly do his business to not scare you nor raise your suspicion. –  Mar 21 '15 at 06:20
  • 10
    Simple, turn you computer off and go read a book. – Petah Mar 21 '15 at 11:11
  • 35
    You've given your IP address, version of Windows, browser, and every thing else to every single website you've been to. Not only that but most sites include content from other servers for ads, JavaScript libraries, and other things. If there was something to worry about with this information, you should unplug your computer and never use the internet again. Basically, don't worry about it. – Brad Mar 21 '15 at 16:55
  • 4
    Just make sure he doesn't get your _real_ address. "Fighting" over TCP/IP is relatively safe… – Display Name Mar 22 '15 at 09:10
  • 2
    All the answers already explain that every website you visit has access to the information you mentioned. However it concerns me that this information should be visible to other users of the website. That normally should mean he either has administrative rights to the site or perhaps tricked you/your browser into accessing a resource from a site he controls, ie a [tracking pixel or web bug](http://en.wikipedia.org/wiki/Web_bug). – Axel Mar 23 '15 at 08:03
  • 1
    Long story short: IP addresses are _intended to be_ public. Someone you're communicating with on the Internet knowing your IP address shouldn't be a serious concern, unless you're trying to hide from law enforcement or someone with similar capabilities. In that case, use [Tor](https://www.torproject.org/). When you're not using some sort of proxy, having your IP address is a required precondition to sending data to your computer, including responses to your own requests. – reirab Mar 23 '15 at 11:52

8 Answers8

63

Don't worry about it, those are things that any website you visit can obtain. The OS and browser info might help them develop a more targeted attack, but as long as your home firewall is secured these are likely empty threats.

They could target a botnet at you to DDoS your connection, but many ISPs will notice this traffic and might block as much as possible (flood detection) or might assign you a different IP address anyway.

If you're paranoid, try powering your modem off for about half an hour. You will usually get a new IP address assigned to you from your ISP.

armani
  • 2,658
  • 19
  • 20
  • 8
    That's good advice, but the IP change depends on the ISP DHCP atribution policy. It might not change like that. – nsn Mar 20 '15 at 21:17
  • 16
    Right, that's why I said "usually." In the three ISPs I've used in recent years (all major players), that has worked for assigning me a new IP every time. – armani Mar 20 '15 at 21:36
  • 4
    Unplugging your modem will not work for static IP addresses, making the advice too localized. I haven't had a dynamic address at home for years. – Mast Mar 21 '15 at 08:31
  • 6
    @Mast: The vast majority of home connections don't have static IP addresses; you're the outlier here. In fact, "regular" Comcast won't even give you a static IP address: you have to be on their business-class service to get one. (Or so they told me over the phone...) – Reid Mar 21 '15 at 16:25
  • Same goes for Time Warner. No static IPs allowed unless you pay for business class service. – armani Mar 21 '15 at 18:53
  • 5
    @Reid That statement is too localized. It's mainly true in the US, but I'm in the EU. Different zones, different customs. – Mast Mar 21 '15 at 19:45
  • 4
    @Reid I have Comcast residential Internet in the US and my IP address has never changed since I first got service about two years ago, even after power outages and such. Even if it's technically dynamic, it changes so infrequently that it might as well be static. – tlng05 Mar 21 '15 at 21:00
  • 1
    @Mast Same here in Canada. No change in IP since I got my account, even after moving twice. – schroeder Mar 22 '15 at 00:44
  • Good notes about various IPs that aren't as dynamic as I would have guessed. Regardless, the discussion detracts from my main point, which is to let the OP know that he's facing empty threats and pointing out how easy it is to obtain that IP info he's concerned about. – armani Mar 22 '15 at 00:56
31

All of the information he presented is part of the user-agent presented by your browser, example:

"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)"

This does not necessarily indicate either a high level of knowledge or sophistication on the part of the third party, nor does it imply that you can be easily compromised.

He then threatened that he will send my every detail to the vigilant team and soon my address will be known.

Your IP address can lead them to a geographical area or a service provider but not to an individual address without the cooperation of your ISP.

TL:DR, I wouldn't be worried.

ref.

http://en.wikipedia.org/wiki/User_agent

oBreak
  • 470
  • 3
  • 5
  • 1
    In addition, the IP address is less important than your phone number. An important similarity: No one can simply hack your phone and life with your phone number, same for IP. Majority of websites you are visiting are collecting your IP address. Also, ping yahoo.com to get their IP. – Kousha Mar 21 '15 at 23:03
  • @Kousha Well, technically that should be their load balancer, and `dig yahoo.com` (unix) wouldn't bother to send them any data... – Riking Mar 22 '15 at 03:40
  • @Riking Well, technically Yahoo load balancer is still up online on Yahoo IPs and servers. We are talking about IPs, not Yahoo!s infrastructure. Isn't it an Yahoo IP address? Can you compromise their load balancer using this IP? – Kousha Mar 23 '15 at 06:16
  • @Kousha Or just use `nslookup`, which also doesn't send them any information. – reirab Mar 23 '15 at 11:50
6

I wouldn't be concerned. Your Internet client information (browser, Flash, JavaScript, Java, WebKit, and OS) and IP address are all things that can be easily obtained by any website you visit. With most web based programming languages, a single command is all it takes to pull this information from a visitor.

It does not indicate a high level of information gathering ability from the perp. Nor is it a gateway for a subsequent attack. Worst case scenario they attempt to throw a DDoS attack at you. It would cost an individual a lot more resources and time to bring up a botnet and attempt this. And there are easy countermeasures.

Seph
  • 158
  • 5
2

What should you do now to save yourself?

In addition to all previously correct answers ensuring that there is no secret at all, I just would like to insist:

Keep your system up to date!!!

This is the first real protection against specific attack to specific version of your system, browser and tools like players.

For vulnerable OS, keep your anti-virus up to date too!!

(Or switch to OpenBSD or even Debian, and keep away from installing wine, java, flash or any proprietary software ;-)

and

Backup your stuff!

Stay ready to switch off and even change your IP by restart your connection or ask your provider.

F. Hauri - Give Up GitHub
  • 4,597
  • 2
  • 19
  • 32
1

Apologize to the other user; explain that you wrote a few words by mistake. (If he/she refuses to communicate with you, perhaps an moderator/admin will relay your excuse to him/her.) Reconcile your differences or agree to disagree.

Having enemies for something as trivial as "a few words by mistake" is not necessary; save conflict and making enemies for the more important parts of your life.

(Of course i don't know your situation, but "I wrote a few words by mistake" sounds like some insults over a petty issue that you now regret.)

Kasper van den Berg
  • 275
  • 1
  • 8
1

If your case were interesting enough for crime investigation authorities, in principle that person could persue you: Depending on your local legislation, the police may request your access provider (from whom you have your ip) to hand out information telling which of their customers was assigend specifically that ip address at specifically that moment in time. Part of that information will typically be a postal address (and be it a billing address), where the SWAT team can find you.

This procedure gets technical problems, if several providers are involved (e.g., e WLAN hotspot provider having a contract with your mobile carrier) and even worse legal proceudral problems as soon as jurisdiction boundaries are involved. Also, the police won't get active for minor offences such as saying a few regrettable words in a chat. The effort is spent only for major offences, such as when a life is at stake or a popular song was downloaded.

Hagen von Eitzen
  • 1,098
  • 8
  • 19
0

Here's what you should do:

  1. Turn off your modem
  2. Wait 10 minutes
  3. Power it back on

This will most likely force you to obtain a new IP address since you probably haven't purchased a static IP Address from your ISP. Now with the anonymity provided via your new IP Address, go download the latest security updates for your OS.

Joel B
  • 109
  • 1
  • 3
0

You have nothing to worry about

The person you were talking to was looking to scare you.

Your IP address is simply a way for other computers to find you on the internet, for the most part your IP says little about your location. Maybe the attacker could find what city you are in but that is just about it.

Knowing what version and type of operating system and browser may help the attacker locate an exploit for that particular piece of software, but you usually would have to click a link or download something for the attack to work.

These are everyday concerns while browsing the net, this would-be-hacker has no more information about you than each and every website you visit.

So next time this happens, sit back and laugh at the "attackers" idiocy.

BAR
  • 243
  • 1
  • 8