Solved

IP security

Posted on 2004-04-25
9
211 Views
Last Modified: 2010-04-11
I chat a lot in MIRC and someone told me yesterday that he runs a program that ''captures'' your personal data. Your name hour phone number etc. Is it possiple just using my IP address or any otner information from my MIRC connection? I have a university connection and he asked me what is the name of the responsible for the internet connections in my university...I think that he was just jocking, but I am a bit anxious! Can he find my name? And I he can do it, why did he ask me this name? Isn't he capable of finding my name by his onw means? Thank you in advance for your response!
0
Comment
Question by:escape_23
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 32

Accepted Solution

by:
LucF earned 43 total points
ID: 10911349
Hi escape_23,

Unless he has installed a keylogger or something like that on your computer, the answer is simple:
No, he can't do that. He's just talking way beond his knowledge :)

But that's what you allready figured out yourself:
>>And I he can do it, why did he ask me this name? Isn't he capable of finding my name by his onw means?<<
He told you he was able to find out, and now he isn't able to find it out???

Greetings,

LucF
0
 
LVL 5

Assisted Solution

by:Droby10
Droby10 earned 41 total points
ID: 10913089
there's not an absolute yes/no answer for this.  he's not going to be able to automate this process with any form of 100% certainty, but using an IP obtained from irc as a gateway for further manual exploration, could eventually yield exactly such info.  barring any form of remotely installed malware, computers loaded with a network capable OS generally provide the necessary functionality to take advantage of an unsuspecting user remotely.  at times this is due to misconfiguration, other times from service/system/application flaw.  another possibility would be through infrastructure tampering.  ie. dns poisoning, dhcp packet injection, route manipulations, etc.  i would be willing to bet that most of these are safeguarded well in a university network, but it wouldn't be the first time.

0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 41 total points
ID: 10914101
There have been exploits in mIRC for sometime now, and depending on the version you run, you may or may not be vulnerable. Here are a few:
http://securityresponse.symantec.com/avcenter/venc/data/w32.gillich.mirc.html (october 2002)
http://securityresponse.symantec.com/avcenter/venc/data/w32.fruit.mirc.html (2000)
http://securityresponse.symantec.com/avcenter/venc/data/w32.lxd.mirc.html (2000)

http://www.irchelp.org/irchelp/mirc/exploit.html
http://www.mondoirc.net/forum/topic.asp?TOPIC_ID=1789

many applications suffer from exploits and security holes very similar to these. Typically people who know what they are doing, will not tell you, unless they are script kiddie newb's who think they are cool because they DL'd a tool and know how to use it. So what I say is ignore this fellow, get a firewall and AV if running M$, update all your software regularally.
-rich
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
LVL 1

Expert Comment

by:tr1cksho7
ID: 10916200
Well, once he got ur ip, he can do a whois with a whois program n he can find the name of ur ISP. he can know wat ISP u r using.

Hope this helps!!
0
 
LVL 24

Expert Comment

by:SunBow
ID: 10918450
I agree with  richrumble, that you cannot make any assumption that you are secure, especially if using "chat a lot in MIRC "

Fortunately you are not at home and do have a few protections while at school.

>  Is it possiple just using my IP address or any otner information from my MIRC connection?

No. Exploits like that need a little more help, and we won't post any 'how-to' concerning that.

>  he asked me what is the name of the responsible for the internet connections in my university.

The answer to that question is very trivial, indicating your 'chat friend' is not very knowledgeable if he has to ask.

> Question Title: IP security

IP is networking, which is never really perferctly secure. Keep that in mind, behave well, and do not offer personal information easily
0
 
LVL 11

Expert Comment

by:PennGwyn
ID: 10923483
> i would be willing to bet that most of these are safeguarded well in a university network, but ...

and

> Fortunately you are not at home and do have a few protections while at school.

IT department efforts to secure university networks tend to run headlong into tenured faculty who believe that any attempt to filter or monitor network traffic infringes upon their "academic freedom".  Even if the university has staff who understand what should be done (most do), DO NOT assume that they are actually permitted to do it!

0
 

Expert Comment

by:mgbyrne2004
ID: 11498463
*** advertising removed by Netminder, Site Admin ***
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question