What are the possible threats if internal IP address is publicly revealed?

security networking ip internet

Solution 1:

Giving out your public IP address simply makes you a target. It is like posting your email address. Malicious people will then be able to use your IP and target your computer. Whether they will be successful or not depends on the way you've set up your machine but in any case, the first step will be getting your public IP.

Now, posting your internal IP, is not dangerous at all. For example, my current internal IP is 192.168.0.37. There are certainly thousands of computers all over the world that are connected to their local LAN using the exact same IP. Internal IPs are just that, internal, they have absolutely no meaning outside your own network and sharing them is not dangerous.

The same goes for the rest. All of the information you mention is specific to your local network (assuming you mean the broadcast address of your internal IP, not the public one) and there is no danger in sharing them whatsoever. In fact, please make sure to use real addresses when you ask questions since they can help us understand where the error lies.

In summary, you don't really want to share your public IP or the MAC address of your network card but internal IPs, broadcast address, subnet mask, default route (that's just the internal IP of your router) and DNS servers can be shared with no risk. DNS servers are public anyway and all the rest are internal to your local network and have no meaning outside it.

Solution 2:

Some qualifications to terdon's answer about public IPs.

A public IP for most people these days is actually the IP of their router, not a computer. That may go on to give people access to other stuff on your computer and network but it's a layer of resistance. Most routers won't let people through by default so you're relying on the straight security of that.

Additionally, many people's public IPs rotate around between customers at their ISP. This is exactly to prevent this sort of targeted attack. A customer might rotate around hundreds of thousands of IPs, or more.

In short, direct attacks for an IP address you posted probably aren't going to be any more a problem than the waves of automated scans hackers already do.

But an IP address isn't just a number. You can whois an IP to learn who owns it. Depending on the sort of network this provides:

  • Country (usually correct)
  • ISP or network owner
  • Location of the network owner. Only a problem if you're in the same building (eg it's your corporate network, or a hotel or something)

You can also get a very approximate location via advertising networks.

You might be able to use this sort of information with the context it was posted, past posts, links to other profiles, random Wayback-logged content saying where you went to school. Deep digging information like this can be dangerous, but how much of that is really relevant to the IP address you posted when you posted it?

I guess that really depends who's after you.

Related

Missing libssl3.so when trying to install Flash Debug Player on Ubuntu 13.10
Unable to install Apache OpenOffice 4.1 on Ubuntu 14.04
Why is Samba not adding a new user with "samba-tool"?
Ubuntu asks for Wifi password during startup even though it remembers it
GUI to mount disk images (iso, etc) in Xubuntu?
Update fails. Can't install any software ! [duplicate]
What do you call a person with 'polar' views or preferences
Politically correct way of saying "perceived by others as better"
Idiom for tinkering and then returning to what you had at first?
Are "gadfly" and "gadabout" related? [closed]
A phrase that means “feigning being violated”
How to pronounce “locale”?