Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Re: Privacy/Security: How to change my IP address daily or weekly on DSL

Reply
Thread Tools

Re: Privacy/Security: How to change my IP address daily or weekly on DSL

 
 
#2 Aluxe
Guest
Posts: n/a
 
      10-19-2006
On Wed, 18 Oct 2006 18:29:56 GMT, Stuart Miller wrote:
> There is a lot of interesting technical discussion here, but I would like to
> take a different approach
> From all the posts here and on the 'firewall' newsgroup, I believe I
> understand what Aluxe is after.

....
> [changing the IP address] has nothing to do with security, but does grant a measure of privacy.
> Comments?


Hi Stuart Miller,

Thank you. Thank you. Thank you.
Thank you for being a voice of technical reason here.
I agree, we are not talking about security (that was my fault for equating
sescurity to privacy in the original subject line) as you fully understand.

We are only talking about a simple additive action to privacy.

I think (by now), we have definately established (especially in the case of
the tattletale NNTP posting host) that changing the IP address is additive
to privacy.

Thank you for understanding the request and for posting thoughts that
others can comment upon (as I am doing now).

I think we've established (not without argument):
a) The MAC address tattletale bit isn't subtractive to privacy.
b) Changing the MAC address is sometimes additive to privacy.
c) Changing the IP address is sometimes additive to privacy.
d) Changing the MAC address is trivial (takes five seconds).
e) Changing the IP address could be trivial (we're testing now).

I wonder how many of us knew this before this post?
I certainly did not so I thank all of you for edifying all of us.
More facts need to be ascertained; but this is a great start!
 
Reply With Quote
 
 
 
 
#2 Aluxe
Guest
Posts: n/a
 
      10-19-2006
On Thu, 19 Oct 2006 07:37:41 GMT, #2 Aluxe wrote:
> I wonder how many of us knew this before this post?
> I certainly did not so I thank all of you for edifying all of us.
> More facts need to be ascertained; but this is a great start!


Well, after a few posts using Outlook Express, Agent, & Xnews, I've come to
the conclusion it's the ISP who is adding the modem's IP address to the
NNTP Posting Host. Sigh.

Please prove me wrong because I'd so very much like it to not be so.
 
Reply With Quote
 
 
 
 
Chris F Clark
Guest
Posts: n/a
 
      10-19-2006
How the NNTP psting host gets added to the post is dependent on the
software that injects the posting into the newsfeed. This software is
probably at your ISP, which means they get to set the policy of how it
is set. If you want to truly change it, you need to either find an
ISP specific solution, or use a different method of getting your news
into the newsfeed. Whether there exists an ISP specific solution,
depends on your ISP. For example, my ISP does not associate my
postings with my computer--in fact, it doesn't even know the name, IP,
or MAC address of my computer.

Now, when I talk about my ISP (The World), I'm not talking about my
cable provider, which is what connects my home to the (and does know
my computers IP and MAC address) internet, nor the way my work setup
is connected to the internet either. I am talking about a specifc
company that provides exactly the service of getting mail and news
from the internet and posting news onto the internet--thus I should
probably really call it my mail/news service provider. I do that for
exactly the opposite reason of what you are asking for, so that I have
a well know address that people can reach me at that doesn't change
over the years. However, one could use it to get what you want
privacy.

I have also used "free email" addresses to get something closer to the
anonymity you are seeking. Those are relatively effective. You can
use those to create postings, if you learn how, and if so, you are
likely to be mostly anonymous, and your posting won't be easily
(i.e. by your kids) tracked back to you, unless they hire a
professional.

If they hire a professional to track down your information, you aren't
likely to be able to get the privacy you desire. (So, for instance, if
you are cheating on your husband, he will find that information out,
even if you try to keep it private. Noreover, he will find out not
via tracking your internet posting IPs. As they say, been there, done
that.) You should also assume that most "kooks" are capable of doing
what professionals do.

In other words, a motivated person can break your privacy shield. An
unmotivated person will probably never know (nor care that) you are
trying to keep something private. There are simple things that can
assist your privacy. Using a free email service to create a
"disposable" email address is one of them. Trying to hide your home
computers posting address, is not one of them. If you want to
disassociate from some posting, DON'T DO IT FROM YOUR HOME COMPUTER.

If you are ashamed of your previous postings, sorry it is too late.
You are better off figuring out how to deal with your choices of
actions, rather than trying to hide from them.

You keep trying the attention of this thread on how to hide your
IP/NNTP posting host. You may or may not be able to do that via an
ISP specific solution. Most DSL modems and routers aren't designed to
make it easy for you to change their IP address by forcing them to
renew it. Keeping the IP address constant is an efficiency issue. It
is generally more useful to keep the address constant, than it is to
change it. However, with a server that has more potential modems
connected than addresses, it is useful to "release" addresses of
modems that aren't connected, because the assumption is that most
modems are not connected, because they can't all be connected, given
that there aren't enough addresses. Therefore, your ISP may recycle
IP addresses, to serve a large community with fewer resources. Still,
that is for their benefit not yours, and how often they recycle
addresses may (or may not) be something you can influence. You can
play with your modem settings (and it is more likely the modem
settings if you have a separate modem and router--note my modem has NO
user configurable settings). However, even if you change them, you may
have to turn your modem off to get it to release the IP address.
Moorever, your IP may reassign the same IP address when your modem is
turned back on, if that is convenient to them, and quite likely will
give you the same address if your modem is off for a sufficiently
short period of time.

Note, if your modem has a MAC address, I defintely recommend NOT
trying to change that. It is quite likely that your ISP keeps a list
of the valid MAC addresses for the modems connected to its service,
and only allows those MAC addresses to connect. By the way, many ISPs
use the MAC address of the first "computer" (or router) after the
modem as the address they keep in their database (at least that's what
my last 3 cable providers have done). That's one of the reasons many
home routers allow one to override the hardwired MAC address, so that
one can make it look like the computer the network was originally
"provisioned" for. Thus, I wouldn't change the routers MAC address
either.

However, the key point of all of this, is that if you want your
postings/email to come from a different address, then do that. Use a
different way of injecting your eamil/news into the web rather than
simply posting from your home. However, don't try to achieve that by
fiddling with your local computers IP address. Wrong solution to the
problem.

Hope this helps,
-Chris

************************************************** ***************************
Chris Clark Internet : http://www.velocityreviews.com/forums/(E-Mail Removed)
Compiler Resources, Inc. Web Site : http://world.std.com/~compres
23 Bailey Rd voice : (50 435-5016
Berlin, MA 01503 USA fax : (97 838-0263 (24 hours)
------------------------------------------------------------------------------

 
Reply With Quote
 
Aluxe
Guest
Posts: n/a
 
      10-19-2006
On Thu, 19 Oct 2006 13:46:15 -0400, Chris F Clark wrote:

Hi Chris,

Wow again. You are obviously tuned to the realities here.
Thank you again for being cogent and coherent.

I know I will accomplish the desired task (which is simply to change the IP
address nightly automagically with even less effort than I do today) and
with your help, I may soon be able to (and that of kingthorin, Dana, Duane,
etc.).

This is a worthwhile task as once set up, there is absolutely no additional
effort and a measurable gain (for me, but, not for most of you as you don't
have this problem so you don't see the advantages).

All it takes is understanding the system.

Yet, for some strange reason, we're still "discussing" the why so, to give
you the courtesy you extended to me, I'll briefly highlight where we agree
and disagree below ...

> How the NNTP psting host gets added to the post is dependent on the
> software that injects the posting into the newsfeed. This software is
> probably at your ISP


Yes. I learned that from this thread that it was pointless to try to change
my software or my software settings as the ISP always uses my DHCP assigned
IP address as my public NNTP posting host. Sigh. I was wasting my time
changing newsreaders. Thank you all for helping me come to that conclusion.

> If you want to truly change it, you need to either find an
> ISP specific solution, or use a different method of getting your news
> into the newsfeed.


This thread is all about the former and not about the latter. Thank you all
for helping me find an ISP-specific solution to my particular dilemma
(which most of you do not have).

> For example, my ISP does not associate my
> postings with my computer--in fact, it doesn't even know the name, IP,
> or MAC address of my computer.\


Yes. I learned this from most of you on this thread. I appreciate you
informing me of this as I didn't realize that the users' assigned IP
address wasn't broadcast to the while world on every post for most users.
It just is broadcast on all MY posts! I now understand this better, thanks
to all of you.

> I do that for exactly the opposite reason of what you are asking for,
> so that I have a well know address that people can reach me at that
> doesn't change over the years.


Huh? You want the same IP address for years? I guess that's fine if you're
running a web server or an ftp account. But, why not just use the same
identifying name and email address (however bogus) if you want people to
reach you via the usenet nntp newsgroups?

Even if you are running a web server ... isn't the "domain name" sufficient
for people to reach you over the years? I don't see anything wrong with a
constant IP address in this situation ... but why is a constant IP address
for years a requirement?

In fact, 90% of the posters here say the IP address is irrelevant!
So, why do you require the same IP address (which is the real topic here)
for years? This confuses me.

> However, one could use it to get what you want privacy.

Yes. We agree. I want a different IP address each day attached to my posts.
I can keep the same bogus name and email address (I used to use my real
name and address but spammers long ago put an end to that).

Again, you're proving my point (I know you understood). The IP address
isn't what "connects" me to the users. Heck, you've been conversing with me
and I've been changing my IP address every day so far. It hasn't stopped
this conversation (some wish it would though ...

> I have also used "free email" addresses to get something closer to the
> anonymity you are seeking. Those are relatively effective.


So have I. I have learned how to get hotmail accounts, for example, in the
first pass, almost every time. (Most people don't know Yak.)

> If they hire a professional to track down your information, you aren't
> likely to be able to get the privacy you desire.


I agree. Time and time (and time) again, I have said that all I am looking
for is a ROI on the ability to not have my assigned IP address plastered
all over the Internet, the same IP address day after day.

Currently I accomplish that task by rebooting the router. If this was a
hugely beneficial thing, I wouldn't mind. But, it's just one small step.
So, THAT is why I'm trying to automate that one small step. To improve the
ROI by lowering the I.

If my experiment (kindly suggested in this newsgroup) of changing the
router settings to dial into the PPPoE account on demand, finally works
tonight, we'll be done!

> If you are cheating on your husband, he will find that information out,
> even if you try to keep it private. Noreover, he will find out not
> via tracking your internet posting IPs. As they say, been there, done
> that.)


I fully agree. You might not be amazed at what I can find out about you in
about two minutes if your address you posted is actually valid - but many
others might be.

Not only can I find out all about you, but all about your neighbors and
their kin. And the layout of your and their house, how many bedrooms,
square feet, when and how much you bought it, and a photo of your back
yard, and, given a few hours, your automobile license plate, where you
work, social security death benefits of your next of kin, photos of your
kids at school, yada yada yada.

This question was never about that.

Understand the whole "husband" thing was merely a made-up example to give
the honest answer to the many questions of "why" without actually giving
out any real private information. Does anyone really think any of the
information in my post, other than the obvious technical data, is real?

End result ... no need to worry about my "husband" ... whomever he may be.

> You keep trying the attention of this thread on how to hide your
> IP/NNTP posting host. You may or may not be able to do that via an
> ISP specific solution. Most DSL modems and routers aren't designed to
> make it easy for you to change their IP address by forcing them to
> renew it. Keeping the IP address constant is an efficiency issue.


Now we're getting to the meat of the issue! Your whole discussion here was
enlightening. It didn't solve the problem; but it helped greatly to
understand the situation and the interesting perspective of the ISP.

> Moorever, your IP may reassign the same IP address when your modem is
> turned back on, if that is convenient to them, and quite likely will
> give you the same address if your modem is off for a sufficiently
> short period of time.


Yep. Both happen all the time. Even more so now that I've set the router to
PPPoE in on demand after a fifteen-minute idle time.

> Note, if your modem has a MAC address, I defintely recommend NOT
> trying to change that. It is quite likely that your ISP keeps a list
> of the valid MAC addresses for the modems connected to its service,
> and only allows those MAC addresses to connect.


Hmmmm... I never even thought about changing the MAC address of the modem
.... hmmmm...

> Thus, I wouldn't change the routers MAC address either.


Too late. I changed the router's MAC address multiple times already since
the start of this thread while experimenting on the effects. My ISP hasn't
booted me off yet but there have been no other effects to date.

> However, the key point of all of this, is that if you want your
> postings/email to come from a different address, then do that. Use a
> different way of injecting your eamil/news into the web rather than
> simply posting from your home. However, don't try to achieve that by
> fiddling with your local computers IP address. Wrong solution to the
> problem.


Here, in your final point, we must agree to disagree.
Currently, the only cost of changing the address that associates me with
every post is I have to manually unplug and replug my router.

If the settings recommended by this newsgroup are correct, I won't even
have to do that tomorrow.

So, basically for free (once the settings work automatically), I believe it
is additive to my privacy (in a way that is greater than the investment,
which, over time, approaches zero).

What's wrong with a bunch of little privacy steps, each one of which, over
time, approaches an investment of zero yet which provides, over time, a
constant additive benefit - this just being one of them?
 
Reply With Quote
 
Chris F Clark
Guest
Posts: n/a
 
      10-19-2006
Aluxe <(E-Mail Removed)> writes:

> Huh? You want the same IP address for years? I guess that's fine if you're
> running a web server or an ftp account. But, why not just use the same
> identifying name and email address (however bogus) if you want people to
> reach you via the usenet nntp newsgroups?


No, I want my posts to all be linked, so I use the same host/user id
on all of them (to the extent to which that is possible). It turns
out, that my method of doing so, also happens to give them all the
same NNTP posting host IP (or roughly the same one), or probably does
so; the newsreader software I use doesn't by default show the NNTP
posting host, so I've never looked. However, since I know that the
particular ISP I use has a specific machine and IP address set up as
their host for each function (i.e. there used to be a machine named
ftp.world.std.com at a specific IP address that was the FTP server), I
would be surprised if NNTP host IP weren't constant.

I know that one of the addresses to that host is 192.74.137.5 (that's
the one that accepts ssh connections), because I use that to access
that host when I'm behind a firewall that doesn't know how to do the
name lookup properly, and I need to reach the site by IP address. So,
to answer your question round-aboutly, yes, I do want the address to
be constant over long periods of time, so that I can find the site,
using information I remember. Other than that, I don't care about IP
addresses. They are really like numbers on mailboxes. If you see the
name of the box, you probably don't care about the number. If you
know the number, you don't have to remember the name. (And if you
want something more private, you get a mailbox at the post office,
rather than having it delivered to your home, but that point has been
made to death.)

If I could (easily and cheaply) get an accessible permanent IP address
for my home machine, I would. Then I could use ssh (and rdp) to my
home machine, and that would make my life more convenient, which is
the whole point of IP addresses. However, just as spammers keep you
from using your real email address, hackers keep me from letting
outside traffic onto my home net. And without the ability to get past
my firewall, having the firewall at a known address does me no good.
I don't even know what my cable provider calls my home network,
because there is no use for that information, you can't send traffic
to it (and get past the firewall).

Again, this has nothing to do with your anonymity concerns.
Hopefully, it gives you a better picture of IP addresses and what they
are for, and why when we thought you wanted security, we said changing
it wouldn't help.

I'm still not certain that changing it helps you anaonymity by very
much. Have you searched to see how many postings other than your own
have come from the same IP address(es)? If all the posting associated
with your IP addresses come from you, then perhaps your concern is
valid. If you are merely one of many, then changing your IP address
is not likely to be a benefit.

Note if you are the only one posting with some specific IP addresses,
even if you can get new ones, you still may be the only one posting
from that set--your ISP doesn't have an infinite set of addresses it
can hand to you. (In fact, it is the smallness of the set, that
causes the ISP to hand you new ones. They don't have enough IP
addresses to cover all their customers. If they did, they would just
hand out static IP addresses, like the IP address for world.std.com
above.) Thus, you may find all your postings, even with new IP
addresses, come from a small set of IP addresses that no one else ever
posts from.

Does this help explain that even if the I is small, so may be the R in
the ROI equation? To be anonymous, there must be someone else who
looks similar enough that you can plasuibly say, it wasn't me, it was
him. To be truly anonymous, there must be many others like that.

The point is I don't want you getting a false sense of security. You
may still not be as anonymous as you hope.

Hope this helps,
-Chris

************************************************** ***************************
Chris Clark Internet : (E-Mail Removed)
Compiler Resources, Inc. Web Site : http://world.std.com/~compres
23 Bailey Rd voice : (50 435-5016
Berlin, MA 01503 USA fax : (97 838-0263 (24 hours)
------------------------------------------------------------------------------
 
Reply With Quote
 
Aluxe
Guest
Posts: n/a
 
      10-19-2006
On Thu, 19 Oct 2006 17:15:31 -0400, Chris F Clark wrote:
> Does this help explain that even if the I is small, so may be the R in
> the ROI equation? To be anonymous, there must be someone else who
> looks similar enough that you can plasuibly say, it wasn't me, it was
> him. To be truly anonymous, there must be many others like that.
>
> The point is I don't want you getting a false sense of security. You
> may still not be as anonymous as you hope.


Hi Chris Clark.

You must be an amazing guy!

More good points in your yet again well thought out response. I'm amazed
you have taught me something for the third time ... (much of what has been
said up 'till now has been repeats of the same thing).

I must admit, despite the fact I said previosly any script kiddie could
write the program, I don't have the facilities (nor inclination) to spit
out all the archived nntp messages on google to then search the headers for
my NNTP posting host to then compare to see how often my unique header
shows up.

Which, in a way, makes your (and others') point in that it's just not worth
the effort. Yes. Unless that program were written by someone (it probably
has been written ... we just don't know about it).

Once the program is written, then it would be trivial to do what you
suggested I try.

This isn't too off topic to ask:

RELATED QUESTION:
Does anyone know of a freeware program, already written, that will search
archived google posts (given a start/stop date) to spit out those posts
which have a given NNTP posting host?

Note: Please no wisecracks saying "google" (as google does NOT apparently
index the NNTP posting host as far as my tests can tell).
 
Reply With Quote
 
Stuart Miller
Guest
Posts: n/a
 
      10-20-2006

"#2 Aluxe" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Wed, 18 Oct 2006 18:29:56 GMT, Stuart Miller wrote:
>> There is a lot of interesting technical discussion here, but I would like
>> to
>> take a different approach
>> From all the posts here and on the 'firewall' newsgroup, I believe I
>> understand what Aluxe is after.

> ...
>> [changing the IP address] has nothing to do with security, but does grant
>> a measure of privacy.
>> Comments?

>
> Hi Stuart Miller,
>
> Thank you. Thank you. Thank you.
> Thank you for being a voice of technical reason here.
> I agree, we are not talking about security (that was my fault for equating
> sescurity to privacy in the original subject line) as you fully
> understand.
>
> We are only talking about a simple additive action to privacy.
>

Agreed

But I will give you a few more things to ponder - some of these are
referenced in other parts of this thread, but I am not going to locate those
references.

1. IP address
I do not believe you can separate two or three 'aspects' of you life by a
change in IP address.
I mentioned one solution, another may be easily available
I have an old cable modem - circa 1999 or 2000. It goes back to the days
before an affordable home router/firewall. It is smart enough to support 4
different IP addresses - you connect the rj45 plug on the modem to the
uplink pulg of a hub, and each unit (computer or router) plugs into the hub
and takes an IP address from the router. This is how the cable co allowed
multiple computers on one cable connection. They allow 2 free addresses, and
so much a month for each additional one. This method is documented on their
web site.
If you have this capability, you have your privacy. You can post your
personal stuff on a simple, slow (under $100) machine on one IP address, and
your real stuff on your regular machine.
I know this works, because I have a linux web server on one, and my router
which feeds the other 5 machines here on the other.

2. Web servers
As mentioned above, I run a hobby apache/linux web server. I did this partly
to learn about html & web site design, partly to learn linux, and partly to
learn about internet security from the other side.
Yes, I do log the IP address of every visitor, along with how they got to my
site, and whatever else their browser will tell me. I record each web page
they visit. I keep the logs about 6 months
When I allow a POST operation, I record that it happened, but I do not log
the contents at the server level - the application (message board, blog,
perl/cgi script, or whatever) does that.
Some places like message boards and Yahoo chat announce that they are
recording IP addresses, some don't announce but they all do some form of
recording.
Other replies have explained how to work with that.

Also as mentioned, sone sites (usually ad based) link back to your computer
with 'persistent connections'. They have figured out how to send to you -
that is the way they get the pop up ads to appear. Since the whole proxy
server business is to prevent that, any time you get a pop up you may have
been 'id'ed. In addition, you may not get your idle time. When I had isdn
service here, I logged sites calling my browsers for hours after I had
closed the browser. The job of the 'bot was to keep the connection active so
the site could get the ads to me faster. For a few years I 'owned' a block
of 8 IP addresses - gave me a static address with no means to change it even
if I wanted to. It had problems, because the 'bots could always find me.


3. The need for privacy
We have covered the lack of privacy in the internet fairly well - that is
the price we pay for using that medium for communication.
What about privcy at home? Without enquiring into you family situation, I
will just remind you that windoze records all kinds of things in all kind of
hidden places. And NO, I will not discuss what and where those are. You
should consider some steps to secure the information hidden on your
computer.
I repair/recondition donated equipment for disability organization - it is
amazing (sometimes disgusting) what I find on these machines.

For me it is easy - anything sensitive gets done on the linux machines.

4. IP addresses
My experience is that the IP address is tied to (amongst other things) the
MAC address. When I change the NIC in an older machine connected directly, I
get a new IP address. When I put the old NIC back in, I get the one I had
before. When I clone the MAC address with the router, it gives me the IP
address that the NIC had. I have about 20 old NIC cards here - that would
give me a fair pool of addresses to clone if I wanted to change IP addresses
frequently. When I upgraded my web server, I make sure that the NIC moved
into the new machine, so I kept the same IP address.

One reason for dynamic IP addresses is to prevent home users from setting up
a permanent business web server. The cable co figures that as long as the IP
address will change frequently (in my case, about twice a year) that will
make it much more difficult to use a home account for business use. Lets
avoid the topic of dns forwarding.

As mentioned, your ISP has a pool of IP numbers available to 'lease' You may
find you are circulating amongst the same 5 or 10 numbers when you keep
changing. And you may get an IP number that has been flagged by the crackers
as being 'open' for attacks.


Cable/ADSL

Different technologies - different restrictions. Cable can give you multiple
IP addresses for one account, but as far as I know, ADSL can not. Also, ADSL
requires you to register your MAC address before you get an IP number. New
MAC address - 30 min to 1 hour to get it 'registered'

Some considerations for you.

Stuart




 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: Privacy/Security: How to change my IP address daily or weekly on DSL Aluxe Computer Security 21 10-26-2006 01:50 PM
Re: Privacy/Security: How to change my IP address daily or weekly on DSL Aluxe Computer Security 46 10-21-2006 10:04 AM
Re: Privacy/Security: How to change my IP address daily or weekly on DSL Aluxe Computer Security 13 10-19-2006 10:18 PM
Re: Privacy/Security: How to change my IP address daily or weekly on DSL #2 Aluxe Computer Security 16 10-19-2006 04:19 PM
Re: Privacy/Security: How to change my IP address daily or weekly on DSL Aluxe Computer Security 11 10-18-2006 11:30 PM



Advertisments