Isn't it a bad idea?

[Salacious B Crum]

Isn't it a bad idea to post your full public IP on a forum I thought that opens the door to hacking and other bad things?

[LukeSavenije]

that's stupid. I can ddos you, hack your servers or your router, just to give some examples

[Mira Yurizaki]

For security reasons, it is risky. It's like telling somewhere your home address. But it doesn't mean they can do whatever they want. Your router and its settings are the first line of defense and any competent router should by default outright block most requests coming from the outside that isn't a response to something on your network made.

 

Besides that, knowing the IP address alone isn't enough. Even if the router accepts the request, it may not know what to do with it from there because there could be multiple devices on your network. And unless those are listening for specific requests, they too will usually outright block the incoming traffic.

 

tl;dr, it's still not a good idea to share your public IP address, but it's not like sharing it is the end of the world.

[Salacious B Crum]

6 minutes ago, LukeSavenije said:

that's stupid. I can ddos you, hack your servers or your router, just to give some examples

Agreed!

 

4 minutes ago, M.Yurizaki said:

For security reasons, it is risky. It's like telling somewhere your home address. But it doesn't mean they can do whatever they want. Your router and its settings are the first line of defense and any competent router should by default outright block most requests coming from the outside that isn't a response to something on your network made.

 

Besides that, knowing the IP address alone isn't enough. Even if the router accepts the request, it may not know what to do with it from there because there could be multiple devices on your network. And unless those are listening for specific requests, they too will usually outright block the incoming traffic.

 

tl;dr, it's still not a good idea to share your public IP address, but it's not like sharing it is the end of the world.

So what if for instance you have an FTP server behind your firewall but port forward that port how hard would it be to just enter common port numbers behind his public IP and hit on an open port? am I missing something important? And just for the record he not only posted his public IP but it was a screenshot of his plex servers external port settings

[PeachyUwUSenpai]

32 minutes ago, mrbilky said:

Isn't it a bad idea to post your full public IP on a forum I thought that opens the door to hacking and other bad things?

Lol ddosing is most people can do with a ip unless you fucked up and opened a bunch of ports or have a shitty unsecure router with the wrong ports open. in general posting your ip is fine and wont do much because hackers are probably already looking at your ip if you have stuff thats vulnerable using things like shodan and people are constantly scanning random ips for vulnerabilities or open devices thats how people printed out the subscribe to pewdiepie on 80 000 plus printers because a bunch of idiots left it open and shodan scanned them down. but its usually better not to since if you do have insecure things it will speed up people looking for them due to webscrappers and can let people know the general area you live in 

[PeachyUwUSenpai]

20 minutes ago, mrbilky said:

Agreed!

 

So what if for instance you have an FTP server behind your firewall but port forward that port how hard would it be to just enter common port numbers behind his public IP and hit on an open port? am I missing something important? And just for the record he not only posted his public IP but it was a screenshot of his plex servers external port settings

you dont have to hit theres tools called scanners that hit all the ports checking for common protocols like ftp. one is called nmap but at least for plex if its just the plex port and ip theres not much then can do other then ddos it since in order to use the plex server you have to go through plexes auth system 

[Mira Yurizaki]

24 minutes ago, mrbilky said:

So what if for instance you have an FTP server behind your firewall but port forward that port how hard would it be to just enter common port numbers behind his public IP and hit on an open port? am I missing something important? And just for the record he not only posted his public IP but it was a screenshot of his plex servers external port settings

If this were like an apartment complex, all exposing this does is tell people exactly which building number and apartment number you live in. They still have to know a login to start cracking. At best they might be able to use an exploit if they knew more things like if the person is using outdated software.

 

But at the end of the day, being targeted also depends on how valuable the attacker thinks the system is.

[PeachyUwUSenpai]

3 minutes ago, M.Yurizaki said:

If this were like an apartment complex, all exposing this does is tell people exactly which building number and apartment number you live in. They still have to know a login to start cracking. At best they might be able to use an exploit if they knew more things like if the person is using outdated software.

 

But at the end of the day, being targeted also depends on how valuable the attacker thinks the system is.

the hell no it doesnt it only shows the location of the your isps internet distribution hub in the area which tend to be pretty far from someone's house it doesn't tell you which building and apartment your in

[Lurick]

13 minutes ago, Alaradia said:

the hell no it doesnt it only shows the location of the your isps internet distribution hub in the area which tend to be pretty far from someone's house it doesn't tell you which building and apartment your in

You need to read that again because that's not at all what they said. The analogy, while not perfect, is a decent one. The IP gets you to someone's digital "home" in most cases, barring CG-NAT or anything else. Similar to an apartment complex or street of homes, they might know which "home" someone claims to be in but they still need to know what to do when they get there.

[PeachyUwUSenpai]

1 minute ago, Lurick said:

You need to read that again because that's not at all what they said

so your saying they didn't say "if this were like an apartment complex, all exposing this does is tell people exactly which building number and apartment number you live in."

[Lurick]

Just now, Alaradia said:

so your saying they didn't say "if this were like an apartment complex, all exposing this does is tell people exactly which building number and apartment number you live in."

LIKE

as in, if the internet were similar to an apartment complex.

 

There is no part of that statement that reads "An IP address will give someone your apartment number"

[vanished]

18 minutes ago, Alaradia said:

the hell no it doesnt it only shows the location of the your isps internet distribution hub in the area which tend to be pretty far from someone's house it doesn't tell you which building and apartment your in

 

1 minute ago, Alaradia said:

so your saying they didn't say "if this were like an apartment complex, all exposing this does is tell people exactly which building number and apartment number you live in."

 

There's a distinction between it being the digital equivalent of knowing your home address, and being able to get a specific home address from the IP.  The former was what was suggested, and is true.  I think you're interpreting it as the latter, which you're right, is not true, but that was never said or intended.

[PeachyUwUSenpai]

2 minutes ago, Lurick said:

LIKE

as in, if the internet were similar to an apartment complex.

 

There is no part of that statement that reads "An IP address will give someone your apartment number"

lol i read it as him saying if it was like a apartment complex as in saying that the way apartments do networking make it so that it shows your apartment location and number. probably missed it because its a both a weird and bad analogy. a phone number is a better analogy and then there's dynamic ips so there ip addresses changes and alot of other issues with it 

[Mira Yurizaki]

1 hour ago, Alaradia said:

lol i read it as him saying if it was like a apartment complex as in saying that the way apartments do networking make it so that it shows your apartment location and number. probably missed it because its a both a weird and bad analogy. a phone number is a better analogy and then there's dynamic ips so there ip addresses changes and alot of other issues with it 

The only way I see the phone number analogy work is if you say the full phone number is like having an IP address + port number and a phone number without an area code is like having an IP address. But the problem I have is most people associate with full phone numbers. I don't think dropping the area code is something many people do these days unless they're in the middle of nowhere and aren't expecting to communicate with people outside of the area code's jurisdiction.

 

But most people are at least familiar with addresses down to the street level and people only occasionally have to know anything on a lower level in the hierarchy like apartment number or suite number. Which is why I think that analogy works better when explaining exposing your public IP address.

 

However yes, I'll admit that the break between analogy and reality was sudden in my post.

[LinusOnLine]

21 hours ago, mrbilky said:

Agreed!

 

So what if for instance you have an FTP server behind your firewall but port forward that port how hard would it be to just enter common port numbers behind his public IP and hit on an open port? am I missing something important? And just for the record he not only posted his public IP but it was a screenshot of his plex servers external port settings

This is what a DMZ is for. It gives you the possibility to expose a server to the internet because it has to be open but nothing else on your network.

[Salacious B Crum]

51 minutes ago, LinusOnLine said:

This is what a DMZ is for. It gives you the possibility to expose a server to the internet because it has to be open but nothing else on your network.

Yeah I understand that part but thought if he posted both his public IP and the port that it would be open game I guess if there was still a password its safe?

[LinusOnLine]

3 minutes ago, mrbilky said:

Yeah I understand that part but thought if he posted both his public IP and the port that it would be open game I guess if there was still a password its safe?

Everything connected to the internet is open game to be honest. Just going around posting your IP adress and open ports on forums do not make much sense unless the reason for doing so is to give people access to a website, ftp or whatever is on that machine. 

[YaBoiWill]

On 12/22/2018 at 8:34 PM, M.Yurizaki said:

IP address alone isn't enough

So its kind of like just knowing a postal code? it sends you to the right area but there are like 15 houses to chose from? 

[Mira Yurizaki]

12 minutes ago, YaBoiWill said:

So its kind of like just knowing a postal code? it sends you to the right area but there are like 15 houses to chose from? 

It's more like knowing the street address of a building with multiple, independent occupants. It's still pretty specific, but not specific enough if you want to target an individual.

[beersykins]

5 hours ago, LinusOnLine said:

This is what a DMZ is for. It gives you the possibility to expose a server to the internet because it has to be open but nothing else on your network.

Assuming you're talking about a real DMZ and not the 'DMZ' most home routers provide you with that just allocate all unused ports inbound :P