What can you do with ip address?

jhyukkang

Distinguished
Sep 1, 2007
562
0
18,980
hi, i just got my FTP setup, and working fine. but this one thing is holding me back. Hacking
i told few people my ip address so that they can get into my FTP folder. so im curious if anyone can do ANYTHING just with my ip address.
i have port forwarded 20 and 21 with AT&T Uverse modem. and i believe i selected this certain pc for outside connection. not other pcs.

so basically, can anyone come in through our modem and do ANYTHING, such as taking informations, ruins the whole hard drive, etc,, to any of my computers when i have my FTP running with port 20, 21 forwarded. i didnt do anything other than that to create my FTP server. i have windows XP home, and 4 other computers connected to this router
i know people can remote control other pcs just with ip. but that requires pc that is being accessed need that feature checked on in the control panel.

i dont feel secure with my FTP on right now. or am i just overly worried?
 
well its always good to be a little worried.. But if you gave people your IP address than those are people you trust right.. ?

To ans your question yes they can do some damage to you from your IP, Not only from your FTP server they can exploit your router and then breach your network.. This doesnt mean your frineds are going to hack you someone from austrial can type random IP and it happins to be yours and they pwn you.

Just make sure your AV updated as well a system updates (Really your best Def)

If you are really nervous about having your FTP open you can change the ports. Than only give those ports to known users(people you trust)

I had a Filezilla FTP with default 20 &21 open and i notice random IP trying to brute force there way in, I changed the ports and those attacks went away
 
so even if i turn off the FTP and close those 20 and 21 ports( back to normal state, no port forwarding or anything) can people do something with my ip?
i gave my ip to close people, but still im trying to look at all cases that can happen
 
of course.. They can run ping sweep and figure what type of router your be hide and try exploit it..

Having port 20 and 21 just increases the risk of an attacker that's all.

Because when they run a ping sweep or port scan they can see port 20,21,80 etc are open and they know ok FTP port is open i can exploit with ftp or something to that nature that's all.

Also idk if you static your IP from your ISP if you didn't your IP changes every certain amount of hours so ya.

Be honest dude you are never safe (unless you have no internet) so best ans is just make sure your have your system updated and AV updated and your Router updated to latest firmware and if see that your computer acting weird can check IP logs and see whats going on
 
yes, most servers you can log who connects to the server.

as far as the original question, no one should be able to hack your PC with just FTP ports. Probably. But giving out your address isn't the limiting factor - even 10 years ago when I was watching firewall logs, there were CONSTANT pings and hack attempts logged, from all over the world.
 
If you give your friend a key to your house, but you leave the door unlocked with a sign on it, saying "my door is unlocked" - and this sign is visible around the world - giving the key to your friend is not the problem.

Criminals/hackers regularly scan entire IP address ranges. If you have open ports, they will find it. You can help some by using different ports (security by obscurity is the term) but that is a little extra help, not true security.

Again, FTP probably isn't a door into your entire PC, but you want GOOD passwords on it, esp the admin pwd. I managed an FTP server, and at least once per hour someone was trying to log in as "admin" or "administrator" - maybe even don't have an account with that name.
 


indeed and don't use a simple words from the dictionary, try using letters, numbers and symbols because there are programs that use every word in the dictionary as brute force attack.

gtvr I agree with you 90% but if he has his FTP server as his local machine and has all his personal stuff on that machine but not on the FTP part, So say for example his has a drive X with all his stuff as the FTP if an attacker brakes his FTP and see's he using X he can cd into C and install something nasty since he has admin rights.

Correct me if i am wrong, but If he makes that admin of FTP only have rights to his X drive it might be a little difficult but if that attacker still gets in can he place like a logger or something into X and wait for his local admin creds?
 
He is using a 3rd party FTP server, not the FTP service that windows has.

http://www.tomshardware.com/forum/30569-42-please-server

The FTP admin account should not have access to his whole system, unless like many people he used the same username/password combination to make it easier to remember. If anyone gets in this will probably be the first thing they try to access the rest of the system. I would strongly recommend that your usernames/passwords for your Windows admin account, FTP admin account and router admin accounts all be different.

Even with nothing running I used to see people trying to access my router on a regular basis. I rarely see it now with a different ISP though. If you are connected, expect it.
 



ok so that ans my question, I use FileZilla and it doesn't have access to the whole system by default.. As long as he didn't apply the admin to have full control
 
wow, little confused, so basically FTP, and open port can be a way to connect the whole pc (not just FTP folder), but as long as i have different user names and pass for everysingle accounts in my pc, it will be harder for hacker to "get into" my pc?

sorry i got LOTS of questions..
this pc is like my internet surfing and doc pc, which i use emails, bank, other important stuff. and i have other pcs connected to same AT&T Uverse which other family members use.

is it possible for outsiders/hackers to get accesss to all computers thats connected to same router through FTP/ open ports? easier to get control over when port is open?
 



Yes and no.. Yes bc Basically if you log into your computer with the user name "BOB" and password is "123" BOB has access to everything on your computer hence local admin.. Now when you create your ftp say you make a user called "BOB" with pw "123" technically that the local admin account so therefore he can access your whole machine. We are trying to tell you use something different like Bill as admin account for your ftp . And try to keep your local admin out of it..

Now its impossible attacker can access other computers on your network from just the ftp port.. But if he manages to get in he can then see network. For example lets just say he does get in he can run ipconfig and see you have an address of 192.168.1.50 he can then ping sweep from 192.168.1.2-254 and find what clients are online and then run vulnerability test to see what security holes are on those pcs or he knows local admin password because you never changed the BOB account
 
That's not 100% correct.

When someone connects to a computer via tcp/ip, they connect on a specific port. There is a program that listens for traffic on that port, and assuming it is the right protocol, it will communicate.

So, I send network traffic to your computer, on tcp port 21. If I send a remote desktop request, it won't work. If I send an HTTP request, it won't work (as in, the listener - filezilla - will ignore it). If I send an FTP request, the program will talk to me. If I send the right username and password, it will let me upload, download, etc. (there are steps to an FTP connection, if you set up a detailed log you can probably see them).

So even if I connect to your ftp server with your PC admin username/pwd, there's not really much I can do. You should set up the root folder of the FTP site as something like d:\ftpfiles\ (not c:\ ) - assuming no one comes up with a security flaw in filezilla, they can then only access files in d:\ftpfiles that you grant access to, from within the filezilla program. Of course, you shouldn't use your PC admin username/pwd as an FTP account pwd - use something different. And you shouldn't run your PC logged on as admin, but that's a separate issue.
 
**Edit: Well I see they both replied while I was typing and explained it a little better than I did.**

Every port is a possible pathway into your system. The more you open the more vulnerable you are. That's why firewalls exist. Your router has a firewall and now most operating systems have them as well. These close off communications over those ports and reduce your vulnerability. The only thing that will eliminate those vunerabilities would be to disconnect completely from the outside world. Of course then you still have vulnerabilities just a different type. Someone can still break into your house and steal your computer for example. What you need to do is determine if the risk is worth it. Typically a home user isn't going to be targetted like businesses and government are. Their information just isn't worth as much, but it does still happen. Using strong passwords makes it harder to guess or break into. Changing/disabling the default administrative accounts also helps because those will be the first things someone will try to access your system. Using different usernames and passwords for different devices and services helps because if they do happen to gain access to one thing they won't be able to use that same information to gain access to everything.

Make your friends log in with a username and password, preferably a strong one.

I'm not trying to scare you, but this is reality. There are always risks in anything you do. I could get hit by a car walking across the street, but I can reduce the risks by deciding when and where I cross.

I have opened several ports in my firewalls for various reasons over the past few years and I haven't had a problem yet.
 



http://www.untangle.com/
is a good hardware firewall. Used it for 3 months now love it!
But it does take FOREVER to boot up 7min+, but it is running on a old computer so that might not be a fair test
 





i have problem with my ip when i send message nobody will receive my email why what can i do now