Determining client IP address of other residents

There are SL companies (3rd parties, not LL) who are able to track the client IP addresses of avatars visiting a certain region/parcel. As LSL does not offer this function, I suspect that a streaming media URL, directed to a server run by the company, is used to capture the IP addresses of requesting clients. Am I on the right track here?

If so, anybody concerned with the privacy implications of this disclosure will have to disable receiving audio and video media streams on other parcels to be on the safe side, correct?


PS: I don't really mind that, but some people might. Most won't even be aware of that functionality.

I don't know for certain, but my guess is you're probably correct. It would be interesting to find out.

Yes. Incidentally, this is exactly why LL advised people to turn off streaming if they chose to run old viewers without the recent security patches. The vulnerability that was fixed required knowledge of the victim's IP address, and streaming media was the way to get it.


Yes.

Remote Monitoring of Residents and their personal info is Against TOS . maybe you should report them.

But it can be done if you have an empty region. as soon as someone connects using their stream it is easy to get IP.. but as long as you don't play the stream i doubt it can be collected

The recent "Security update" Does not deal with Streams and IP adresses. I can Still see Ip adresses connected to my stream

Can you elaborate on this please?

I don't see how it's possible for this kind of IP address grabbing to be circumvented via any patch to the viewer. And media streaming has been off by default in every viewer I've ever downloaded.

If a sim owner has access to the server logs from where the media is being streamed, then all they have to do is log the time that every avatar entered their sim, and compare the two logs. No viewer patch can circumvent this.

The only way to protect yourself is to disable media streaming... whatever viewer you're using.

You misunderstand. The recently patched flaw in the protocol required the victim's IP address to pull off an exploit, and that flaw has been fixed. Addresses are still obtainable. though, that has not changed.


It prompts the user to enable it when it first turns up. Users tend to click OK on anything.

Correct
.
.
.
.

Remember that the web tab on the profile also hits a 3rd-party server directly, so you're giving away your IP that way too. If you have "Always show web profile" checked (or whatever that checkbox is named; I'm not inworld right now), it'll load as soon as you open somebody's profile, regardless of whether you view the web tab or not.

Putting a web page on a prim is also a way to acquire IP addresses. But there's nothing insecure about others knowing IP addresses. It's given to every website you visit.

An IP address is just one more piece in the puzzle. At some point you have enough pieces to carry out an attack, like the recent client vulnerability.
Deny any one piece, and you deny the entire puzzle.
That said, as Phil points out, the IP address is not exactly the most top-secret information in the first place, so relying on that being hidden for security in general... well, pull out the Internet cable.

ETA: Just to be clear, the recent client vulnerability required doing a hell of a lot more than just knowing the IP address.

When I'm in a good mood, I'll host my own music stream for the classes I teach. Doing so advertises my IP address to anyone who arrives in the parcel. (^_^)

Meh... Meh... Meh... There are a billion other ways to get it. (=_=)y

if a person is trully paranoid about their IP address, it's very simple to set SL up with a proxy, which is just another machine for your messages to filter through between you and SL, or more generally, you and the internet.... and then it's the proxy's IP that shows up, not yours.

the drawback, is that It's one more extra trip for your data, increasing ping times, possibility of data loss, etc... and can translate into extra lag, more dicsonnects, and slower connections to media...

I was at a place the other day and was checking profiles. One person had one of those defensive profiles an included a warning that they had a port scanner, which I'm told is software that can trace other peoples' IP addresses.

You have to have the IP address already to run a port scanner. All the port scanner does is send requests to different ports of an address to see if it gets a response. The person would still have to know how to exploit an open port. You can download portscanners pretty much off any freeware site. If the person was touting it as some piece of uber-software then they probably don't have much of a clue as to what they are doing.

ya you can even go to credible places .give your ip address and have them scan your ports to see if they find any holes..
the holes are the problem not people getting your ip..
If it were all about the IP address we would be hacked all the time and it would probably get boring for a lot of hackers lol

heck hacking would be something everyone could do then.

I think the main point here is not so much security of your computer but privacy of your alts. If they collect IP's and match them to avatars they can compare IP's with avatars and see who is alts of who...

Every website logs IP's and most forum software makes it easy to compare usernames with IP's. So don't register your alts to the same forum and expect the website/forum admin doesn't know who your alts are.

exactly..if you use the same static ip..if it changes each time they would have to look a little harder.but thats mostly dialup that changes each time anyways.

In my experience as forum admin, most DSL connections, even if they assign IP addresses dynamically upon connection, draw from a rather small pool of IP addresses.

Hence alt identification is a definite consideration.

Anybody got a sculpted tin foil hat?

very true..and as soon as the other account happens to use that ip they group together in the logs when you look up a persons Ip..i used to admin a few gaming forums myself and it was pretty easy to find people you have already banned heheh

Except that isn't combined (usually) with someone who may be stalking that person, RL or SL (or both).

Thanks to the OP. I think it's very important to tell this to as many people, especially 'newbies' as possible. "Come on over to my island" seems harmless enough until you realise, the IP plus some 'social hacking' may be all that's needed to track someone down in RL, and that recent story about the SL stalker who tried to kill someone, makes this possibility very serious indeed.

I would bet that the vast majority of people that are stalked from any online venue into RL have already given the stalker enough info for them to gather the rest on their own. Many people do not realize just how much can be found out about a person on the internet. If I have your real name and a few other pieces of info, I can very likely trace the average internet user.

My local yellowpages will give you my address and Phone number. No hacking required. See how that works?

Some names are more common than others and some cities are big. Just saying.

In every case that I have heard of where internet stalking went into RL, the person being stalked had given out much more info than just their real name and general geographical location. The had also given out phone numbers or an email address that they use for many other things (many people would also be surprised at what can be found out from an email address).

I have known of a couple of cases of SL stalking and harassing that stayed inworld, and it was the direct result of matching alts to IP addresses. So, yes it can happen, but I do not think it is very common - especially since so many of the folks that I meet in SL really do not have the computer knowledge or equipment to be able to do so.


For the most part, SL is like RL in a couple of very important ways -- always be cautious and try not to really really piss others off.

very true..
their whole game is to trick as much information out of you as they can to put together an attack.Some need less than others..
In things like SL and yahoo and Gmail where both sides have a server in the middle of them, they need to get more info to use another way..
As much as people trust others in SL, i am not surprised it doesn't happen more often because it is all about gaining trust.

I know Last i heard that most things microsoft,like their messenger and email were as simple as you answering an IM from them or responding to an email that could get a trace on you and even past ports..

Skype was pretty bad itself for people getting hacked..

Your IP address is like a someone said earlier..A phone number in the yellow pages..Anyone can call it and it shows up everywhere you go pretty much..
It's if any of your ports answer the call is where the problems start..

If it was just about getting the IP we would all have been hacked more times than we can count

Going into a sim and someone getting IP's from everyone that does is not going to get you hacked unless you go in there with holes in your system or handing out all kinds of RL information..

More times than not it is the person that got hacked giving out the clues these people need or not keeping up with security on their own end giving them direct access..

Here is an example:
Lets say,SL itself is like bouncing a transmission off of a satilite..The satilite being the SL server..if i am communicating to you and and you to me..Everything we say and do is going to that satilite before either of us see what we have communicated to each other..

SL can see your IP but when someone looks in some way at you if you have not left the path in that transmission they will get an SL ip..

going to links in sl that are on the web is like sending another transmission to another place..

if that place scans back and finds holes or has something on that site that collects information to holes in your defense..expect an attack.

look at spyware and maleware and viruses..these are tucked into files that fool your security called trojans most times..you get these as easy as surfing the web..
your system has let in what it thought was a trusted file and it had a boogy man inside it..

people need to be as secure if not more with their RL information than anything..

i know some people on SL just handing it out like it was Halloween candy..
if the need comes to people to give information generalize if you have to but don't give direct information..thats just crazy..

if someone asks me where i am from..i say the states..if they ask farther i say the south in the states..if they keep digging i say the bible belt..if they keep going i'll say something like..what are you gonna do stop by and say hello?