How Much Can a Hacker Learn From Your IP Alone?


(Newswire.net — June 2, 2022) — Every computer has a unique identifier given to it by the company that made it. This number, called an IP address, tells other computers on the network exactly where the machine is and from where it is connecting. But what if you’re not connected to a network? Thankfully, most modern operating systems have default IP addresses hard-coded in them, primarily for diagnostic and administration purposes, that can be checked for public networks. These default private IP addresses are unique to the machine. It includes your computer’s IP address and any other computers that have connected to it.

What is an IP Address Scanner?

An IP address scanner is connected to the same network as the computer being scanned and listens for IP addresses being broadcast by other computers on that network. The scanner then looks for those IP addresses and records them as it listens. When the machine is finally connected to another network, the scanner will be listening for those IP addresses again. This process is repeated over and over, with all the recorded IP addresses added to a database.

How Much Can a Hacker Learn From Your IP Alone?

It would take a few minutes to scan through every IP address in your system’s ARP cache. If you never connected to the Internet, it would take less time. All this assumes that IP addresses are not being used for anything else at all, which is only partially true. A determined hacker can find some combination of your hardware and the network it may be on, which will allow them to log into your computer.

Once the IP address database has been obtained, it is much easier for an attacker to move from IP address to password or even from mailbox to mailbox. If the computer is a server, it can be valuable, allowing an attacker to put a virus on your machine and infect vulnerable devices. It also allows an attacker to begin phishing attacks against your clients.

Obtaining IP addresses from a network is not difficult, and it is legal. For example, all it takes is a Linux box and, in many cases, an online search for the IP address and hostname of the target machine. It does not require any particular skill; anyone can do it.

Many of the IP addresses in your machine’s ARP cache will fall outside your organization’s network. A determined attacker may be able to get in using no more than basic social engineering methods, such as knowing the administrator’s name.

Even if your IP is private and you are connected to your internal network, it will still be helpful to an attacker. If the attacker can get into your computer just by knowing what IP address it’s on, he needs to find a way to intercept any traffic between the two machines, and not even that may be required.

Any hacker who has obtained access to one IP address can discover information about every other computer on that network. If that hacker has access to your network, he can find information about all the computers in your organization’s network.

Like it or not, IP addresses are straightforward to find. The entire Internet is just a big distributed lookup table. If you know the IP address of anything connected to the Internet, you can look it up and get its hostname. And vice versa – if you see the hostname of something on the Internet, you can look up its IP location.

Once inside, the attacker can connect to any other machine on the network by using an IP address from his archive. Using this technique, he can access an entire network without knowing its name or address.

Conclusion

If your computer is on a network and has an IP address, the information in its ARP cache is available to anyone who can detect it. Since even the most basic Internet traffic sends this information broadcast over the whole network, it is only a matter of time before someone can collect some of your machines’ IP addresses. Once that is done, the intruder only needs to wait for you to connect to another network where they will be able to see those same IP addresses again.
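
To see what a machine's ARP cache actually holds, here is an added example (not part of the original article) that parses the Linux `/proc/net/arp` table layout and reports, from a defender's side, entries outside the expected subnet and MAC addresses that claim more than one IP. The sample table, the `192.168.1.0/24` subnet and the function names `parse_arp` and `audit` are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in the Linux /proc/net/arp layout (not real data).
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         aa:bb:cc:00:00:01     *        eth0
192.168.1.23     0x1         0x2         aa:bb:cc:00:00:17     *        eth0
192.168.1.40     0x1         0x0         00:00:00:00:00:00     *        eth0
192.168.1.77     0x1         0x2         aa:bb:cc:00:00:01     *        eth0
10.9.8.7         0x1         0x2         aa:bb:cc:00:00:99     *        eth0
"""

ATF_COM = 0x2  # kernel flag: entry is complete (MAC address resolved)


def parse_arp(text):
    """Return (ip, mac, device) tuples for every resolved entry."""
    entries = []
    for line in text.splitlines()[1:]:        # skip the header row
        fields = line.split()
        if len(fields) != 6:                  # ignore malformed lines
            continue
        ip, _hw_type, flags, mac, _mask, dev = fields
        if not int(flags, 16) & ATF_COM:      # unresolved neighbour, no MAC yet
            continue
        entries.append((ipaddress.ip_address(ip), mac.lower(), dev))
    return entries


def audit(entries, expected_subnet):
    """Return (off_subnet_ips, macs_with_several_ips) for review."""
    net = ipaddress.ip_network(expected_subnet)
    by_mac = defaultdict(list)
    for ip, mac, _dev in entries:
        by_mac[mac].append(ip)
    off_subnet = [str(ip) for ip, _mac, _dev in entries if ip not in net]
    # One MAC answering for several IPs is worth investigating.
    shared = {mac: [str(i) for i in sorted(ips)]
              for mac, ips in by_mac.items() if len(ips) > 1}
    return off_subnet, shared


if __name__ == "__main__":
    off, shared = audit(parse_arp(SAMPLE_ARP), "192.168.1.0/24")
    print("outside expected subnet:", off)
    print("MACs claiming several IPs:", shared)
```

On a live Linux host the same functions can be fed the contents of `/proc/net/arp` in place of the sample string.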