Forum Replies Created
-
AuthorPosts
-
March 24, 2006 at 12:49 pm in reply to: Can you track who is instant messaging you to see if they are a scam #140630zhugeliangMember
No, not really. However, there are obviouse ways to tell if htey are scamming. Anything to do with you giving/getting money, or information such as phone numbers, names, addresses, etc. are sure signs of a scam. Also, be wary of any personal questions they ask, and make sure you check up on your secret question to see what it is, and make sure you never answer that question if asked by another person. Other than that, there isn’t much yuo can do.
zhugeliangMemberI have to agree with stupidisasstupiddoes. People have gotten all they need out of this particular thread and the questions/answers are just getting redundant. That, and no one is really contributing to the issue with anything useful.
zhugeliangMemberI think the problem actually happens to be an “exploit” with the yahoo voice chat. People have figured out how to use raw voice chat sockets. That’s how they dodge being ignored on voice. At least that’s how I understand. i happen to chat with a few people who have figured this out, and one has written a program to do it. I’m not 100% sure on all of the details, but this seems to be how they are doing it. I’ll post on this again if I find more information about it.
zhugeliangMemberThat doesn’t seem possible considering how clients (and their ignore system) work. Third party clients, if using the YCHT protocol, don’t ignore the user on the server side, they just ignore them on the client end (they write the usernames to a text file when ignoring a user, and check that text file when a username enters the room to to see if that user should be ignored. The client then just blocks their posts from being seen, however, they may still log all of the conversation, YmLite does this, but I don’t know if any other cleints do). There would have to be an “exploit” that affects all clients, or at least those present in the room you were in, (highly unlikely). The most likely scenario is that you were chatting with a user who had several ID’s in the room (or he was just bringingthem in and out) that were a clone of the ID that you ignored. Thus, making it appear as if he were unable to be ignored.
zhugeliangMemberYou would actually be suprised by the amount of people that actually dont’ know that IP addresses are tracked and recorded by the sites/services you visit/use. I’ve seen many people freak out about Yahoo posting that they are recording their IP.
zhugeliangMemberNotice I said “go to start>run and type cmd…” Please do read the answers to your questions thoroughly and actually try what is said, instead of just assuming it’s wrong. :rolleyes:
zhugeliangMemberYahoo has been recording the IP address of it’s users for a very long time. In fact, probably when they started the service. They have just recently started telling people that they are doing it. This is most likely to avoid any kind of possible lawsuite that could be brought about due to some stupid idiots thinking that their privacy is being invaded. Nothing has changed other than the fact that they are telling you that they are doing it.
zhugeliangMemberAll you have to do is go to Start>Run and type cmd (if you’re on Windows 2000/XP that is. If you’re on Win 98 or earlier, it’s command) and then press “OK.” Then in the Command Prompt, just type netstat -n. If you need more help with it, refer to google. However, you should note that you can’t just grab IP addresses from chat rooms, you can only get them from people who you have a direct connection with. I still don’t understand what makes people want to get IP addresses from people on yahoo. :rolleyes:
zhugeliangMemberThat is very true cutiecrazy. Plus, programs are blocked by companies due to security policies, and it’s best to abide by them for several reasons. They are also probably going to be monitoring what you do at work, if not now then most likely somewhere in the near future. You can also try talking to your Security Admins about it and see if you can work out some kind of comprimise, but don’t be suprised if they just blow you off (they can be snooty like that).
zhugeliangMember… No. It never did exist, and still does not exist. There are a lot of rumors about the existance programs, such as those that you can use to view webcams without someone’s permission, or see their alliases or whatever, but they are all false. :rolleyes: Now that I go back and read Johnson’s post, I wish I had said something about all of what he said earlier, but I didn’t (dont’ know why either). I’m not going to get into that now cause it’s in the past. The answer to your question, again, is: the program never did exist, and never will. Yahoo doesn’t work like that and never did. The most that “hackers” can do on yahoo is steal an ID, and that’s not hacking, it’s cracking. Anyone who says otherwise is… well they’re stupid. >_>
zhugeliangMemberWell bugsy, technically the wrong question was asked. The “correct” question would be “Can one obtain an IP address of the people one chat with on yahoo messenger?” Which the answer is yes, but not directly. It has been mentioned many times in this thread as to how this can be done, so I won’t go into that. Now, as for Polax’s statement (still not sure why he/she said what they said), this is only true for the most part, however it’s a huge waste of time. Why use a proxy when the most someone can get out of your IP address is a general location of where you are. Just under half of the people that try to trace my IP address can’t even get any closer than 4 hours from the town I live in. For most, it’s an hour and a half. You can’t obtain any personal information from an IP address, and you can’t gain access to a computer via an IP address unless that address specificially allows it. All these “hacking” attacks that have been all over the news are related to “worms and viruses” not hackers actually attacking anything, and 90% (according to the SANS organization) of hack attempts come from the inside.
I’m sure a lot of you have been asking this question because you worry about someone being able to hack you (you’ve probably had someone on yahoo tell you that they can hack you or get your IP) but it is all false (if you follow the advice of the rest of the thread. If not, then they can get your IP, and that’s it).
zhugeliangMemberMy guess is that he’s trying to access the computer with this TightVNC. From what I’ve gathered, he just wants to be able to access any computer with it. Unfortunately for him VNC doesn’t quite work like that. First of all Mikepelletier23, the computer you’re connecting to must have a VNC server on it. Second, you’ld have to know the username/password for that computer to be able to access it. Obviously not all computers run a VNC server because that would just be stupid. If you are trying to access one of your computers with it, then put a server on that computer and then connect to it’s IP (by checking how mikeysnipa said to) and have at it. Otherwise, you might just want to let this alone and not bother. If my hunch is correct, you want to use it for malicious purposes and that’s not condoned on this forum or by me in any way.
July 14, 2005 at 12:02 pm in reply to: London Varient on Nigeria ID theft scam. trace yahoo IM IP address. #125204zhugeliangMemberThe easiest way to distinguish between who is trying to scam you and who is legitimat is to use a different name for chatting with from the one you have listed for contacting on a dating service. This way those who chat with you don’t know your dating name and can’t possibly IM you regarding that service if they are in a chat room with you. As far as tracing the IP address goes, don’t bother. There are much better ways to get around figuring out if they are scamming you or not than by trying to figure out where they are from.
For example: they will ask you for information you ought to know you shouldn’t give out (ie. Credit Cards, Bank accounts, Usernames/Passwords, Social Security, Address, Phone Number, etc.) If they ask for any of those just ignore them and move on, or tell them that they don’t need to know that at the present time. IF they are a legitimate contact then they will chat with you more than once (I’m pretty sure they would, I mean why wouldn’t they) and scammers will not.
zhugeliangMemberThe last several posts about IP addresses are not all entirely correct so I’m here to set the records straight.
1). ISP’s do not “drop” a user because someone said that they are doing something illegal. ISP’s must have proof before kicking you off.
2). Spoofing an IP is rather easy but all that is good for is sending spam/doing a DoS attack. There really isn’t much else that is good with spoofing an IP. Also reporting that IP as doing illegal activity (ie. a yahoo user recording the IP and telling that IP’s ISP about it doing illegal activity) will do nothing. ISP’s only do something to a user (ie kick them off) if they are deffinately doing something they shouldn’t. They won’t kick someone off with no proof of illegal activity or any activity that violates the agreement made with the ISP. And an ISP can tell if a user is or is not doing illegal activity.;)
3).
If you’re on a constant connection, leave your computer on, and run Windows OS…they’re already 90% of the way in.
That statement is very far fetched. Yes Microsoft is somewhat insecure but you pretty much have to do something to make yourself that insecure. Windows as it stands (which goes pretty much unchanged by most non-advanced users) isn’t necessarily vulnerable to a “hacker” trying to gain access by means of just “using the IP address.” If there isn’t a trojan already on the system then chances of someone getting in are not that great. Not to mention, DSL/Cable modems have a built in firewall that is on by default.
You have to realise that most insecurities with Microsoft involve Internet Explorer and how vulnerable it is. Most break in attempts made against an operating system are based on the use of Trojans not on just someone trying to hack in. You also have to keep in mind that anyone with any capability of doing so wouldn’t waste their time hacking people on Yahoo! You don’t have anything important that they would need/want so why would they bother?
Also, just because you are on a Broadband connection with a static IP doesn’t mean that you are any more vulnerable than someone on Dial Up who’s IP changes.
Why dont you try netstat before sending an IM and after sending an IM, that way you will see a new IP add. the new one will be the direct connection you have made.
IM’s don’t necessarily establish a direct connection. In fact, the chances of it doing so are probably 100/1. Not to mention they have to be on your buddy list. You’re most likely to just get the yahoo servers.
anyhow, i have a netstat question. i typed netstat after private messaging a buddy in yahoo. I’ve noticed several hosts names pop up in the list. How do i know which one is the persons using netstat to find their ip addres? i noticed dos prompt doesn’t support DNS lookup to find ip that way. If you can help let me know, i wanna scare some lamer who got my ip address and visualroute his ip to his address to scare him off. thanks.
Try netstat -n. That shoes the IP address rather than the hostname. Also, you can’t tell if someone is using netstat to find someone’s IP. If you’re worried about someone trying to get yours, don’t use direct connections. Also, don’t bother with scaring some lamer by doing a visual route. It won’t do you much good. Chances are he/she knows about that too and thinks you can get a home address from the IP address. Just ignore him and forget that he exists.
Well, that’s it for my ranting and raving for now.
zhugeliangMemberFirewalls don’t protect from booting. Well, it protects (in theory) from being booted from voice if you don’t allow udp connections on port 5000 (or whatever the port for vc is). If you dont’ allow UDP, it uses TCP which supposedly isn’t bootable. However, that is besides the point, hardware and software firewalls don’t help because the problem isn’t technically a network problem, it happens to be a flaw in Yahoo. Booters mostly (all except server side) try to cause your Yahoo to have a Buffer Overflow by sending lots of PM bombs, file transfer requests, Pm’s that request voice and/or buzzing, and so on and so forth. Those cause your Yahoo program to fill up it’s alloted amount of memory fairly quickly and thus causes the program to crash. So firewalls won’t help. You would be best using a chat client like Ymlite or Yahelite, or one of the many others that are out there. Hope this helps you guys out. Oh, and btw, the server side boots are rare (in fact, i’ve never run into them and I go in and out of the booter rooms and fight rooms and have yet to run into one or at least one that works). Not only that, but Ymlite and yahelite (and many others I’m sure) provide the option to use the YCHT protocol, which is a pretty stable protocol, so you won’t find many server side boots that work on it… if you do at all. You really have to be looking for someone who has one to actually be able to find one. Well, hope this clears some things up for you guys.
-
AuthorPosts