# Can a hacker download files through my IP?



## prez (Mar 19, 2007)

Hello, this is my first post and I have a question. Earlier, I was attempting to download a file through Rapidshare. Before you can download from them they have that "Letter code" that you have to put in before you can get to the file. So on my first few tries, every time I tried to input the code it would tell me that I had entered the wrong code. (It is quite possible that I was putting in the wrong code as the letters were in a strange font which made it difficult to differentiate between some of them. But this isn't that relevant to my overall query, it's just background info.) Anyway, as I kept putting the wrong code, I didn't download any files.......at least I was under the impression that didn't. I left my computer and returned about a half hour later. I again returned to the Rapidshare page only to receive a message that my IP address was currently downloading from the site. This was highly confusing to me as I was not downloading any files from Rapidshare at the time and my Firefox "downloads" window showed no downloads running. I turned my computer off and restarted it, then returned to the Rapidshare page, where I was still told that I was downloading a file. Finally, I unplugged by Ethernet cable from the router for several seconds, then plugged it back in. When I returned to the page, the "download" had stopped. Anyway, this has me concerned, ridiculous as it may sound, that a hacker may have spoofed my IP address and used it to download illicit files to their own computer. After doing some Google searches I came across one discussion forum in which it was stated that it is not actually possible to download files through a spoofed IP. I was wondering if this is true because I am quite paranoid about my online safety (I have OCD and it makes me worry about lots of unlikely things). I should also note that as I live in a college dorm, I am on a shared network; however, I checked with my roommate and our IP addresses are not even remotely similar, which makes me doubt that IPs are being shared among users.

So my question, for those who found that post too long and confusing to read, is:

Is it possible that a hacker could have "spoofed" my IP address to download a file to their computer through Rapidshare without being traced?
This may all seem a little paranoid or stupid, but I worry about a lot of things.
Thanks for any help you can give me!


----------



## Andy128 (Nov 6, 2004)

You are on a shared network and therefore your security is entirely dependent on the security measures put in place by the network administrator.

Port sniffing can be used to probe traffic to the internet from the IP of the network. Another access point for hackers to gather data.

Rapidshare traces the IP address of the user to prevent or limit file download sizes. I do not know the vulnerability of such a trace and/or if it, in and of itself, is exploitable.

For safety reasons due to being on a large network and you are unsure what security measures have been put into practice- if your not physically at your computer- there is no need to have it connected to the internet. Just food for thought.

FYI
Andy


----------



## prez (Mar 19, 2007)

Well, that doesn't exactly reassure me! But what I really wanted to know was if this statement, which I read on another forum:

"You can't use a spoofed IP to actually download anything."

is true. To me though, it stands to reason that had someone else been using my IP to download to their computer, then the "download" would not have stopped when I disconnected my ethernet cable, because they wouldn't have been using my internet connection, they just would have been falsifying their IP address by presenting mine as theirs. (Although a couple of times since then I have tested this by downloading a file, then unplugging my ethernet connection and waiting for the download to cancel itself, then plugging it back in and returning to the page, where I am, at first, still told that I am downloading a file. (It takes a little bit of time to recognize that I am no longer downloading.)) Oh, this is so confusing to me. I feel like a total idiot.


----------



## Andy128 (Nov 6, 2004)

If they have *your IP*- then they have the potential to access your computer. It all depends on how they go about accessing it. Once in- they have many options open to them to include- downloading files.

IP spoofing is not so much getting your IP address from visiting a site- rather it is the cracker (malicious hacker) using a an IP address (not his own) so that tracking him is difficult. In other words- if you detected a cracker in your computer and traced the IP address- it would likely not lead to him but some other individual who has no idea he is using their computer to spawn(assist) in his attack.

The internet is safe - you just have to keep your wits about you. File sharing is notorious for the transfer of viruses, trojans etc....... That is why it is generally a bad idea. Never download something unless it's source is known and trusted. Otherwise- you potentially give your computer to someone else.

Andy


----------



## prez (Mar 19, 2007)

Thanks for your help Andy, but I think you're confused about what I'm concerned about. I'm not asking if with my IP they can access my computer and download files either from or to my computer (although I certainly wouldn't want that either). What I'm asking is if a hacker could, using a spoofer or a proxy or whatever, use my IP address to download files from the internet to their own computer, so that they would have the file on their computer but the server records would make it look as though my computer had downloaded it. I'm concerned about the possibility of a hacker using my IP to download child pornography or other illegal files from the internet onto their computer and then me getting into trouble for it because the hacker made it look like I had downloaded it. I know it's far-fetched for me to think that such a thing has happened or will happen to me, but is this in the realm of possibility? I get a bit paranoid when things start to happen on my computer that I don't understand.


----------



## Andy128 (Nov 6, 2004)

Prez-
Sorry about that. I doubt very seriously if they can download from computer to computer back to their computer. 

Usually where they get someone in trouble is that they have downloaded a program in your computer that sits dormant until given instruction by the cracker and then it springs into action doing a DOS attack or sending out tons of e-mails. All this seems to come from your computer.

Sorry for not understanding that before. Hope the post was useful.

Andy


----------



## prez (Mar 19, 2007)

Thanks Andy. I feel a bit more reassured now.


----------



## Drew_ (Apr 18, 2006)

Also, my experience with rapidshare is sometimes if you cancel a download or something else happens, it says you are downloading when you are not. Nothing to worry about.


----------

