?
Solved

IP security

Posted on 2004-04-25
9
Medium Priority
?
214 Views
Last Modified: 2010-04-11
I chat a lot in MIRC and someone told me yesterday that he runs a program that ''captures'' your personal data. Your name hour phone number etc. Is it possiple just using my IP address or any otner information from my MIRC connection? I have a university connection and he asked me what is the name of the responsible for the internet connections in my university...I think that he was just jocking, but I am a bit anxious! Can he find my name? And I he can do it, why did he ask me this name? Isn't he capable of finding my name by his onw means? Thank you in advance for your response!
0
Comment
Question by:escape_23
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 32

Accepted Solution

by:
LucF earned 172 total points
ID: 10911349
Hi escape_23,

Unless he has installed a keylogger or something like that on your computer, the answer is simple:
No, he can't do that. He's just talking way beond his knowledge :)

But that's what you allready figured out yourself:
>>And I he can do it, why did he ask me this name? Isn't he capable of finding my name by his onw means?<<
He told you he was able to find out, and now he isn't able to find it out???

Greetings,

LucF
0
 
LVL 5

Assisted Solution

by:Droby10
Droby10 earned 164 total points
ID: 10913089
there's not an absolute yes/no answer for this.  he's not going to be able to automate this process with any form of 100% certainty, but using an IP obtained from irc as a gateway for further manual exploration, could eventually yield exactly such info.  barring any form of remotely installed malware, computers loaded with a network capable OS generally provide the necessary functionality to take advantage of an unsuspecting user remotely.  at times this is due to misconfiguration, other times from service/system/application flaw.  another possibility would be through infrastructure tampering.  ie. dns poisoning, dhcp packet injection, route manipulations, etc.  i would be willing to bet that most of these are safeguarded well in a university network, but it wouldn't be the first time.

0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 164 total points
ID: 10914101
There have been exploits in mIRC for sometime now, and depending on the version you run, you may or may not be vulnerable. Here are a few:
http://securityresponse.symantec.com/avcenter/venc/data/w32.gillich.mirc.html (october 2002)
http://securityresponse.symantec.com/avcenter/venc/data/w32.fruit.mirc.html (2000)
http://securityresponse.symantec.com/avcenter/venc/data/w32.lxd.mirc.html (2000)

http://www.irchelp.org/irchelp/mirc/exploit.html
http://www.mondoirc.net/forum/topic.asp?TOPIC_ID=1789

many applications suffer from exploits and security holes very similar to these. Typically people who know what they are doing, will not tell you, unless they are script kiddie newb's who think they are cool because they DL'd a tool and know how to use it. So what I say is ignore this fellow, get a firewall and AV if running M$, update all your software regularally.
-rich
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 1

Expert Comment

by:tr1cksho7
ID: 10916200
Well, once he got ur ip, he can do a whois with a whois program n he can find the name of ur ISP. he can know wat ISP u r using.

Hope this helps!!
0
 
LVL 24

Expert Comment

by:SunBow
ID: 10918450
I agree with  richrumble, that you cannot make any assumption that you are secure, especially if using "chat a lot in MIRC "

Fortunately you are not at home and do have a few protections while at school.

>  Is it possiple just using my IP address or any otner information from my MIRC connection?

No. Exploits like that need a little more help, and we won't post any 'how-to' concerning that.

>  he asked me what is the name of the responsible for the internet connections in my university.

The answer to that question is very trivial, indicating your 'chat friend' is not very knowledgeable if he has to ask.

> Question Title: IP security

IP is networking, which is never really perferctly secure. Keep that in mind, behave well, and do not offer personal information easily
0
 
LVL 11

Expert Comment

by:PennGwyn
ID: 10923483
> i would be willing to bet that most of these are safeguarded well in a university network, but ...

and

> Fortunately you are not at home and do have a few protections while at school.

IT department efforts to secure university networks tend to run headlong into tenured faculty who believe that any attempt to filter or monitor network traffic infringes upon their "academic freedom".  Even if the university has staff who understand what should be done (most do), DO NOT assume that they are actually permitted to do it!

0
 

Expert Comment

by:mgbyrne2004
ID: 11498463
*** advertising removed by Netminder, Site Admin ***
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question