It lets someone gain some information about you, but it’s not inherently damaging by itself.
The address can give a general idea about your geographical location (city or region). This doesn’t pinpoint an exact address but can still provide a vague idea of where you are.
They can overwhelm your IP address with traffic in a DDoS attack, which can make your internet connection temporarily unusable.
They could scan open ports associated with your IP address to reveal what services are running on your device which could have known vulnerabilities.
If they have other means to monitor network traffic they could determine what websites you’re visiting or who you’re communicating with.
These days not much
If someone knows your IP they can scan your home network and try to find devices like your computer or printer and either attempt to break in or harass you.
But If you use a common wifi router it blocks all the incoming unsolicited ports to your home (it acts like a firewall) so a port scan shouldn’t find anything.
You can use an IP address to trace someones movements online to a degree, but you need access to those types of logs which are not publicly available. IP addresses are also shared by multiple people in a home or a business and tend to change frequently so you can’t really equate an IP address to specific person.
These days if a script kiddie (amateur hacker) learns your IP address they are more likely to conduct a Denial of Service Attack (DoS) which means sending so much garbage traffic to your IP that you can’t use your internet.
I’ve had that happen to me before and quickly learned which 14 year old was doing it as it was a kid at school. One phone call to the parents and threatening to call the police solved that problem.
The problem is if some script kiddie on a video game learns your IP and gets angry with you it’s a lot harder to make them stop harassing you. You basically have to wait until they get bored.
It is much like a real address in that respect.
It isn’t a secret, and a lot of people have it. You need to give it out for many purposes.
However, if someone you do not want to have your address gets it, they might send you threatening messages, egg your house, knock over your trash cans, try to spy on you, or break into your house and try to murder you in your sleep.
With an IP address, most of this is limited to the digital world. It is difficult to get a full address from an IP address and, if a person is that determined to get your address, probably easier to do another way.
So they might use it to ping flood your connection to make your Internet slow or crash your router. They might hack your router or your computer. They might use it to determine your general location, but this usually only gets to within several blocks to several miles.
The upside is that it is much less potentially dangerous to you for angry strangers to have your IP address than your physical. It is difficult to beat someone up or shoot up their house online. The downside is that, unlike a physical address, people with your IP address can harass you from another continent.
Whenever you are contacting any service on the Internet, they will get “your” IP address — in reality this is assigned by your ISP from a pool. This is so that they can send data back in response.
There is nothing inherently bad in this. In fact the Internet could not work without it.
It can be a scare tactic though. “Look! A hacker has hacked your machine, they know your IP is 123.456… pay up now to stay safe!”
Every website you visit knows your IP address unless you use a VPN. Nothing ever happens from it.
Years ago, I administered a corporate server and web connection back when the internet was new. I needed a vendor to come on the system and debug something. I has set up a firewall to only allow in specific IP addresses. I asked him for his IP address. He stammered and said corporate policy would not allow him to give that out. I think he made that up.
But I told him to telnet into my system. He said it failed. I looked at the firewall logs. I told him he was coming from 123.234.1.2, and to try again, because I added that to the allow list. He sputtered, but logged in and fixed my problem.
Practically nothing unless the person actually knows what they’re doing. Which at that point, if you’re a target of somebody like that, you have enough assets to just hire a cyber security team.
And if you found a way to become a target of somebody like that and you don’t have any assets, you made them mad somehow and you’re screwed anyways.
In many cases, with your IP address, I can at least narrow down where you are in the world. Even if I can only narrow down that you’re in Utah, I’ve eliminated 49 other states. If I can get additional information, even if it’s not specific, if I have reason to find you, I probably can. If I know your license plate is UGH IDK and an IP address puts you in the vicinity of Orem, UT, I have a good chance of finding you just with those two pieces of information. Without your IP address, UGH IDK could be anywhere in UT.
Are there better data sources? Yes. Can IP locations be wrong? Absolutely. I was having this argument with someone a few months ago. He said he’s in, like, Virginia, but his IP would show him in Minnesota. That may be, but in other cases, IP addresses — especially for major commercial IPs — will put you into a relatively accurate geographical area. If your IP can be associated to a company’s IP block, then you at least know the person is somehow affiliated to the company. Even if that person was just using guest wireless.
In and of itself, an IP doesn’t tell you much. But it gives you a way to narrow things down. That’s why it’s considered PII (personally-identifying information) under HIPAA.
It’s not bad. It’s like how people blur out license plates. Your IP is meaningless to most people and at worst it can give out your approximate location (usually an entire city at best)
You know those scambaiting videos where they coax the scammer into clicking a link that reveals their IP? All they’re telling from that is what country the scammer is in, to prove they’re not in America or wherever they claim to be located. That’s it. The ones who can reveal an active building where they’re located are doing it differently, because they’ve gotten access to the scammer’s computer and can check the Wi-Fi connections around them.
Here, [try it yourself](https://iplocation.com/)
That’s all anyone is able to find from your IP address.
Now, say you piss someone off in a video game. They can start sending ping requests to your IP, from multiple different computers at once, this is known as a dynamic denial of service attack or DDOS. The goal is to break your internet connection by overloading your router, as it would try to reply to all the requests.
These days, most competent routers have mitigation for this sort of thing. So unless you’re browsing the internet with a router that’s got its firewall disabled, you really don’t need to worry about it. It’s one of those things movies love to play up as if finding someone’s IP makes you an expert hacker.
When your computer is interacting on the internet it is assigned an IP Address, which is basically its ‘location’. For example 0.0.0.1
When you are interacting with a website you’re basically saying hey example.com, please send ‘x’ information to me at 0.0.0.1!
The way this is can be exploited in a DDoS attack is that a malicious person can say “hey example com, send me this gigantic file or many different files to me”, but fake the address, perhaps to yourself at 0.0.0.1. This garbage traffic will take up your entire connection not letting anything else through crippling your connection.
Also they can use a bot farm, which is basically just a load of computers which can be told to all send information simultaneously and continuously to the victim
Latest Answers