Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Is it possible to hack an IP address?

Question:

Last week while I was using my friends laptop, he found out that his Gmail
account had been breached ( according to the account activity on Gmail). I
accessed my own Gmail account just before or the same time. Now it seemed like
I accessed his email, which I did not. His Gmail account activity shows the
same IP address as the one I used.

Is it possible that someone could have hacked in and used the same IP
address to access my friends Gmail account?

In short, probably not.

IP addresses are technically not able to be hacked. They’re fundamental to
routing data on the internet, and as such an attempt to hack an IP address
would break the hackers connection to whatever he was trying to access.

However, there are actually a couple of common reasons that accesses from two
different machines might appear to be from the same IP address.

I’ll look at ’em both.

]]>

Two machines can appear to have the same IP address on the internet at the same time if they happen to both be behind the same router.

“… all the machines behind the router look like they have the same IP address on the internet.”

In your home, you may have a router that connects to the internet as provided by your ISP. That connection can then be shared among multiple computers.

Part of what’s being shared in the IP address.

In a situation such as this, the IP address is actually assigned to the router – it then in turn assigns local area network IP addresses to each of the machines connected to it. These are usually addresses of the form 192.168.x.x which by definition cannot appear on the internet itself. Each time a machine makes a request of the internet the IP address is “translated” by the router and appears to come from the single internet IP address that was assigned to it.

In other words, all the machines behind the router look like they have the same IP address on the internet.

Two machines can appear to have the same IP address on the internet at different times if they connect via DHCP.

DHCP, for Dynamic Host Configuration Protocol, is one of the ways that ISPs re-use IP addresses when computers aren’t continuously connected (and even sometimes when they are).

DHCP dates back to the days of dialup when computers were typically only connected for a short while before someone had to use the telephone again. When you connected your computer via dialup, an IP address was assigned on the spot, and when they disconnected it was released. If another computer came along and dialed up after you had disconnected there is a good possibility that they might be assigned the same IP address that you’d just been using.

Even though we’re often connected for much longer, the same technology is still in use. Depending on your equipment and how you connect it’s very possible that your ISP is assigning you an IP address when you first connect and releasing it some time later. Once again, if after you disconnect someone else comes along it’s possible that they could be assigned that IP that you’d just been using. And much like dialup, they really don’t have to be all that close to you either, they simply need to be using the same ISP.

To muddy the waters even further, you don’t really even have to disconnect to have your IP address released out from underneath you and placed back into the available pool. The protocol is such that you’d be assigned a new one immediately, and you’d never notice, but I’ve seen it happen. The net effect is that even if you’re connected continuously your IP address could change, and the one you had been using could be assigned to another machine elsewhere.

Finally, one note about your specific situation – it’s possible that it could be something as simple as his having had “remember me” checked so that when you went to check your email it “touched” his and recorded your IP address before you logged in as yourself. Similarly, if you use a different browser, both accounts could have been logged in simultaneously. Finally, if he’s running a tool like GTalk or the Gmail notifier, these too could have retained a persistent connection to Google and his account while you read your email.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

7 comments on “Is it possible to hack an IP address?”

  1. Reading the full text of the question, I think something obvious has been missed. “While I was using my friend’s laptop…” would indicate to me that both Gmail accounts were indeed accessed by the same machine. I don’t know how Gmail works, or how the laptop is set up, but it may be as simple as the laptop automatically accessing the friend’s e-mails through Outlook or something similar in the background, and the person posing the question accessing their own Gmail via the web.

    Reply
  2. “The protocol is such that you’d be assigned a new one immediately, and you’d never notice, but I’ve seen it happen.”

    It’s not always “invisible” when the IP address changes. I know someone who had his business on a dynamic IP connection. The address would stay the same for days on end, until, that is, someone would try to ftp a file to his system. (My guess is that his TOS didn’t allow him to run servers on his connection, unless he upgraded to the static IP service.) Within seconds of starting the ftp, his IP address would change. Which, in turn, killed any active connection, like ftp and telnet, regardless of which was the “server” and which was the “client”.

    Reply
  3. Umm.. spoofing a WAN IP address is not a hard task these days, yet do I think someone that doesn’t know how NAT’n works spoofed an IP address… Probably not.

    Reply
  4. I am not getting yahoo email from my normal contacts. A few days ago on one of my yahoo accounts, i was forwarding emails to one of my other accounts, “news letters”, then in that process there was a notification “your account is unusable for a period of time as it is detected as a spam account.” something like that/ I am not a spammer. Another one of my friends had to open a gmail account instead of his normal isp email. Is there some radical changes eliminating email perse?
    tks

    Reply
  5. Speaking of Yahoo, be EXTREMELY careful with them. I had a Yahoo account with them for THIRTEEN YEARS. However, last month I suddenly was unable to get into that account. One option offered was “Forgot password?”. I took that route and after a couple of screens I got a message saying that I needed to contact customer support. I did. Two days later, I was told that my account had been cancelled for violating TOS ?!? No explanations whatsoever. I answered asking what violation I had committed. 3 days later I got a message saying they could not tell me any more and that was that. Fortunately, I had absolutely nothing valuable with them. But, if someone hacks your Yahoo account, expect ABSOLUTELY NOTHING from Yahoo !! They will be useless.

    Reply
  6. I believe I was hacked recently…with someone using my IP address,e-mail, and eventually my bank account to order some program on line..I have been charged and the bank resfuses to fight this since the company says my IP address came from my computer…is this possible?

    Reply
  7. @M Bloom
    Does anyone have physical or remote access to your computer or to your router? In order to come from your IP the transaction would have to come from your computer or home network. This can also be the result of malware running on your machine.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.