Why is it possible that your ISP can be figured out from your ISP. From my vague understanding its due to it being a public address, then you can take the address and track it from a pool and say hey this company owns the address. Why though doesn't that alone seem like a major security flaw. 1st reason I'm so confused is hardware flaws. If I say hey lets attack these people that use x company I can find out what hardware the company typically issues out. What are the flaws associated with the hardware etc. People dont replace their modems often if ever not sure all the risk thats posed with that for sure my self but I'm sure theres something you can work with in terms of that. 2nd is more large scale and something I find more troubling. Just as a hypothetical lets say I'm Russia and I just want to hit as many people as possible in the US. Time down with the internet = money lossed. Bot users ISPs track what the top providers of users in important areas of DC and lets say wall street are. never attack a device directly and just push an attack on those ISP's doing whatever you'd have to, to bring service down for those areas for X amount of time. I would assume this would be less of a risk attack wise but I may be wrong. Granted on one hand attack 1000000s of computers risking leaving a trail etc or attack people that might actually know what to do in the event. To be fair I think attacking a company directly is safer than tons of pcs I'm either will get figured out eventually odds are but seems like managing an attack on a handful of computers or networks would be easier than tons of them. Also doing this would surely cost a significant amount of money to be lost just even in an hour among all sorts of other issues. Let alone if its something they could just repeatively do its not like any network is ever really secure. Like correct me if I'm wrong but if someone really really wanted to attack literally anyone if they're connected to the internet its just a matter of time right? So it just confuses me why is that even a thing or an option to think about? Why do we have the ability to track ISPs off IPs I guess the whole botting to find x providers in an area probably isn't realistic but if I was gonna cause that much trouble and put myself at that much risk why not make sure its worth something ahead of time? Also are ISPs responsible for that from the hardware side if its them providing a modem and that modem inheritly has a flaw. Is the hardware even really a concern without a pre-existing breach? Sorry for the spazzy question just saw the weirdest pop up today first time seeing a scam that threw my ISP in my face weirdest part is it was using the ISP's old name. Basically though do we have to allow this to be something that can be tracked so easily is there no other option?