How, pray tell, are you going to dox someone with their IP address? They're inaccurate as fuck and barely even accurate enough to point to the correct country in a good percentage of instances.
And, I have no ulterior motives - just a desire to educate. Your IP address isn't private. It isn't even good at determining where you live. It may not even list the correct country.
To demonstrate this, we can use me as an example:
My public IP address:
216.227.92.163
I live way over outside of Rangeley, Maine. I'm NNE of the village.
Go ahead and look it up and tell me how you're gonna dox me for that? You're a victim of someone spreading misinformation for the reasons of FUD.
Again you seem to be replying to things I didn't say, not sure why? I never said you can dox someone with their IP. What I said was "one of the steps to their unholy grail -- doxing.".
Your IP for example gave me your country, state and approximate area (within 100 miles of where you said you live) which also leads to your likely ISP which I could use as a start. That gives more information to target someone vs. anonymous random guy on the Internet.
As I'm sure you well know doxing is not a one shot one kill endeavor. It requires meticulous gathering of data and rereading everything a user has posted for clues. The IP address is just one clue in that puzzle.
I'm not going to argue with you about whether it is smart to protect your IP address on the Internet. We'll have to agree to disagree.
Cheers
It seems to me that one should be willing to defend their PSA.
My point is if you're using their IP address as a step in doxxing someone, you're going about it all wrong. That's a horrible way to get someone's identification.
If I wanted to dox you, I'd browse your comment history and get a picture of your preferences figured out. I'd build up a profile that seemed to like similar content. I'd log into it often and use it frequently. Then I'd say something like, "I have a couple of copies of Mein Kampf original prints and I want them to go to a good home. Leave a comment if you're interested and we'll work something out." I'd leave that as a submission and tell everyone by PM that someone already claimed it, except you.
Then, I'd just get you to give me your address and name. I'd tell you stuff like, "Hey, don't give me your real address. Just use one of those drop box shipping places." Chances are, you'd think, "Fuck, I might as well just give him my real address. He seems legit."
If you did use a drop shipping place, I'd just set up a camera, have a buddy observe, or observe myself - if it were remotely important. There's a reason I'll have wrapped your package in bright red wrapping paper. Then, it's pretty damned trivial to find where you really live.
Or, I'd just put together your comments and (maybe) deduce where you work from there, call your job, and use social engineering to get the information from your employer. When I did find you, I wouldn't tell you (or anyone else), I'd continue to use social engineering to find out what your local preferences are - what you display to friends and family. People love to give information and generally like to think they're helping.
IP addresses?
Man, you need to go watch some DefCon talks. Wait until you see how mobile IP addresses work. You'd be better off scripting something to see if you can get a DeviceID leak.
I'm pretty legit about offering to help you learn. If you want to dox someone, start with social engineering. Their IP address is pretty useless for doxxing.
(post is archived)