I read that real hackers don't need trojans, they only need to know your IP address. If that's true, wouldn't a good software firewall prevent this exploit?

-{ Quote: "I read that real hackers don't need trojans, they only need to know your IP address. If that's true, wouldn't a good software firewall prevent this exploit?" }-Well, I don't know where you read this, but the truth is, to "hack" you they need to exploit a remote service running on your machine. Workstations have few services enabled by default, so it's really hard for anybody to hack into one by just knowing the IP address; that's why the method that sleazebags like the CWS affiliates use is trick you into visiting one site hoping you're running a vulnerable browser (or a vulnerable gava virtual machine), etc. They can't do much, if anything, by just trying to exploit by randomly picking IP addresses.

Servers are a whole different matter, they usually run quite a few more services, so if one of these is vulnerable, the machine can be compromised more easily.

-{ Quote: "I read that real hackers don't need trojans, they only need to know your IP address. If that's true, wouldn't a good software firewall prevent this exploit?" }-
An IP address could be a starting point and yes a firewall will protect you. As TNT noted, unless you are running exposed and exploitable services you should have nothing to worry about. With no services/ports exposed a firewall will block unsolicited inbound traffic.

Regards,

CrazyM

yup it's called NAT...Network Address Translation

-{ Quote: "yup it's called NAT...Network Address Translation" }-

HUH? What do you mean?

Snagged kinda answered the question himself! a firewall would be the answer. One feature routers/firewalls have is called NAT (Network Address Translation). There's a public ip adress and private ip address. Public is what can be seen online (for example it's what your isp gave you). If my pc is directly connected to a modem, then i get assigned its ip address which is public...meaning anyone can pretty much see my ip address online. On the other hand, if one is behind a router or a firewall which uses NAT. It will not assign me my public ip address but instead assign me an ip address in the private range

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255,

which is added security since private ip's are not routable across the internet. So if someone obtains my public ip adress, he/she still woudlnt know my pc's ip address because im behind Router/firewall that is using NAT.

It's more complicated than that but thats one of the features of NAT. You prolly dont notice it but thats what your router does. Not to confuse you, you still use your public ip but it's masqueraded when using NAT.

Sounds like I need to get a router. Thanks for the informative replies.