An attacker can obtain the IP address of a remote system using a number of different techniques. Some of the most popular enumeration techniques include such type:
Instant messaging software
HTTP and scripting methods
Internet Relay Chat (IRC)
A technique commonly employed by system administrators is remapping ports. That is instead of running a service on a well-known port where it can easily be exploited, a system administrator will run the service on a lesser-known port, making it more difficult for hackers to find that service (Another reason system administrators remap ports is because, on the UNIX system, one must have root privileges in order to able to listen to a port under 1024.) For example, a system administrator might remap HTTP from Port80 (the default) to port 8080. In that case, a page hosted on the server in question would be located at http://domain.com:8080 instead of http://domain.com:80. The port used for remapping is usually chosen to keep in mind the ports at which the service being remapped would be running by default, for example, by default, POP runs on port 110 if you were to remap it however you might choose port 1010,11000,1111 or something similar. Alternatively, some system administrators like to choose port numbers in the following manner: 1234,2345,3456,4567, and so on.