Re: Privacy/Security: How to change my IP address daily or weekly on DSL

Discussion in 'Computer Security' started by Aluxe, Oct 17, 2006.

  1. Aluxe

    Aluxe Guest

    On Tue, 17 Oct 2006 19:58:19 GMT, David H. Lipman wrote:
    > All of your subject matter is on COMSEC and alt.computer.security is the ONLY News Group
    > you need to post to.
    >

    Hi David,
    I don't know what a COMSEC is but I will look it up.
     
    Aluxe, Oct 17, 2006
    #1
    1. Advertising

  2. Aluxe

    Dana Guest

    "Aluxe" <> wrote in message
    news:1g5u1r8q8ztgp$...
    > On Tue, 17 Oct 2006 19:58:19 GMT, David H. Lipman wrote:
    > > All of your subject matter is on COMSEC and alt.computer.security is

    the ONLY News Group
    > > you need to post to.
    > >

    > Hi David,
    > I don't know what a COMSEC is but I will look it up.


    Communication security.
    Crypto and all that fancy stuff.
    Very interesting stuff by the way, especially in the signal intelligence
    side of the house.
    If you are paranoid about your ISP address, you do not want to know what can
    be done by signals intelligence, and other forms of electronic warfare and
    electroncic countermeasures.
     
    Dana, Oct 17, 2006
    #2
    1. Advertising

  3. From: "Dana" <>

    |
    | "Aluxe" <> wrote in message
    | news:1g5u1r8q8ztgp$...
    >> On Tue, 17 Oct 2006 19:58:19 GMT, David H. Lipman wrote:
    >>> All of your subject matter is on COMSEC and alt.computer.security is

    | the ONLY News Group
    >>> you need to post to.
    >>>

    >> Hi David,
    >> I don't know what a COMSEC is but I will look it up.

    |
    | Communication security.
    | Crypto and all that fancy stuff.
    | Very interesting stuff by the way, especially in the signal intelligence
    | side of the house.
    | If you are paranoid about your ISP address, you do not want to know what can
    | be done by signals intelligence, and other forms of electronic warfare and
    | electroncic countermeasures.
    |

    Make him even MORE pranoid. Tell him about Tempest Monitoring :)

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
     
    David H. Lipman, Oct 17, 2006
    #3
  4. Aluxe

    Dana Guest

    "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
    news:%RbZg.3467$4T6.993@trnddc02...
    > From: "Dana" <>
    >
    > |
    > | "Aluxe" <> wrote in message
    > | news:1g5u1r8q8ztgp$...
    > >> On Tue, 17 Oct 2006 19:58:19 GMT, David H. Lipman wrote:
    > >>> All of your subject matter is on COMSEC and alt.computer.security is

    > | the ONLY News Group
    > >>> you need to post to.
    > >>>
    > >> Hi David,
    > >> I don't know what a COMSEC is but I will look it up.

    > |
    > | Communication security.
    > | Crypto and all that fancy stuff.
    > | Very interesting stuff by the way, especially in the signal intelligence
    > | side of the house.
    > | If you are paranoid about your ISP address, you do not want to know what

    can
    > | be done by signals intelligence, and other forms of electronic warfare

    and
    > | electroncic countermeasures.
    > |
    >
    > Make him even MORE pranoid. Tell him about Tempest Monitoring :)


    Now he is going to shield his house with lead.

    >
    > --
    > Dave
    > http://www.claymania.com/removal-trojan-adware.html
    > http://www.ik-cs.com/got-a-virus.htm
    >
    >
     
    Dana, Oct 17, 2006
    #4
  5. Aluxe

    Aluxe Guest

    On Tue, 17 Oct 2006 13:06:37 -0800, Dana wrote:
    > If you are paranoid about your ISP address, you do not want to know what can
    > be done by signals intelligence, and other forms of electronic warfare and
    > electroncic countermeasures.


    Yes. Indeed. I read that stuff about driving around sniffing everyone's WEP
    security out. Apparently it's trivial for my neighbor to read all my
    communications. Sigh.
     
    Aluxe, Oct 18, 2006
    #5
  6. Aluxe

    Aluxe Guest

    On Tue, 17 Oct 2006 21:24:11 GMT, David H. Lipman wrote:
    > Make him even MORE pranoid. Tell him about Tempest Monitoring :)


    Oh my.

    Apparently, unless I drape a wire mesh over my computer monitor, anyone can
    read what I am typing from 300 yards away with just 100 dollars of common
    equipment!

    http://bss.sfsu.edu/fischer/IR 360/Readings/tempest.htm
     
    Aluxe, Oct 18, 2006
    #6
  7. Aluxe

    Aluxe Guest

    On Tue, 17 Oct 2006 14:08:29 -0800, Dana wrote:
    >> Make him even MORE pranoid. Tell him about Tempest Monitoring :)

    >
    > Now he is going to shield his house with lead.


    Wouldn't a simple wire-mesh screen suffice?

    Luckily, most of the radiation eminates from monitors (according to what I
    just read), and not from portable PC screens without any wires attached to
    act as antennae.

    Seems to me we could create a light conductive cloth (carbon fiber?) which
    we could drape over the screen to prevent these tell tale emissions.

    I'm going outside now to check the trucks parked on the street to see if
    any have an antenna ... :)
     
    Aluxe, Oct 18, 2006
    #7
  8. Aluxe

    jason Guest

    Re: Privacy/Security: How to change my IP address daily or weeklyon DSL

    Aluxe wrote:
    > On Tue, 17 Oct 2006 21:24:11 GMT, David H. Lipman wrote:
    >
    >>Make him even MORE pranoid. Tell him about Tempest Monitoring :)

    >
    >
    > Oh my.
    >
    > Apparently, unless I drape a wire mesh over my computer monitor, anyone can
    > read what I am typing from 300 yards away with just 100 dollars of common
    > equipment!
    >
    > http://bss.sfsu.edu/fischer/IR 360/Readings/tempest.htm


    You need to change your meds Aluxe.
     
    jason, Oct 18, 2006
    #8
  9. "Aluxe" <> wrote in message
    news:1g5u1r8q8ztgp$...
    > On Tue, 17 Oct 2006 19:58:19 GMT, David H. Lipman wrote:
    >> All of your subject matter is on COMSEC and alt.computer.security is
    >> the ONLY News Group
    >> you need to post to.
    >>

    > Hi David,
    > I don't know what a COMSEC is but I will look it up.


    There is a lot of interesting technical discussion here, but I would like to
    take a different approach
    From all the posts here and on the 'firewall' newsgroup, I believe I
    understand what Aluxe is after.

    Certainly we can trace posts here by screen name or IP (of the router) , and
    if the IP changes it would make it more difficult to correlate posts if made
    under a different name.
    When we post, we expect that our message will be read, and the consequence
    of that is that we identify ourselves to some degree. Some of us hide our
    e-mail address - I don't mind if mine shows.

    There was mention made of posts to 'personals' type groups, and not wishing
    these posts to be correlated with technical posts. The use of different
    'screen names' helps. But there is still the matter of IP address.
    Somebody could determine my IP address, and scan all usenet posts for today
    and discover that I also posted to the 'windows98' group, because a post
    there had the same IP address, even if it was under a different name. If I
    had used a different screen name AND had changed my IP address, that
    correlation could not be made.
    It is worth noting that nobody 'owns' a usenet screen name - I have seen the
    same name used by different posters. Therefore posts having the same 'screen
    name' suggests but does not proove that they were made by the same person.

    It would appear that, in order to cover ones tracks for this scenario, one
    would have to do the technical (public) posts from home and either use a
    different name with dial up, a public computer, or take the laptop to a
    hotspot for the 'personals' posts. These can still be traced to some degree,
    but with normal tools could not correlate the technical poster with the
    'personals' poster.

    This has nothing to do with security, but does grant a measure of privacy.

    Comments?
     
    Stuart Miller, Oct 18, 2006
    #9
  10. Aluxe

    Dana Guest

    "Stuart Miller" <> wrote in message
    news:EouZg.161589$R63.41013@pd7urf1no...
    >
    > "Aluxe" <> wrote in message
    > news:1g5u1r8q8ztgp$...
    > > On Tue, 17 Oct 2006 19:58:19 GMT, David H. Lipman wrote:
    > >> All of your subject matter is on COMSEC and alt.computer.security is
    > >> the ONLY News Group
    > >> you need to post to.
    > >>

    > > Hi David,
    > > I don't know what a COMSEC is but I will look it up.

    >
    > There is a lot of interesting technical discussion here, but I would like

    to
    > take a different approach
    > From all the posts here and on the 'firewall' newsgroup, I believe I
    > understand what Aluxe is after.
    >
    > Certainly we can trace posts here by screen name or IP (of the router) ,

    and
    > if the IP changes it would make it more difficult to correlate posts if

    made
    > under a different name.
    > When we post, we expect that our message will be read, and the consequence
    > of that is that we identify ourselves to some degree. Some of us hide our
    > e-mail address - I don't mind if mine shows.
    >
    > There was mention made of posts to 'personals' type groups, and not

    wishing
    > these posts to be correlated with technical posts. The use of different
    > 'screen names' helps. But there is still the matter of IP address.
    > Somebody could determine my IP address, and scan all usenet posts for

    today
    > and discover that I also posted to the 'windows98' group, because a post
    > there had the same IP address, even if it was under a different name. If I
    > had used a different screen name AND had changed my IP address, that
    > correlation could not be made.
    > It is worth noting that nobody 'owns' a usenet screen name - I have seen

    the
    > same name used by different posters. Therefore posts having the same

    'screen
    > name' suggests but does not proove that they were made by the same person.
    >
    > It would appear that, in order to cover ones tracks for this scenario, one
    > would have to do the technical (public) posts from home and either use a
    > different name with dial up, a public computer, or take the laptop to a
    > hotspot for the 'personals' posts. These can still be traced to some

    degree,
    > but with normal tools could not correlate the technical poster with the
    > 'personals' poster.
    >
    > This has nothing to do with security, but does grant a measure of privacy.
    >
    > Comments?


    Interesting remarks. Especially when we now see that the FBI wants to force
    the ISP's to track the users of their systems.
    So what to do about privacy. Concerning your broadband connection to an ISP,
    the cable/dsl modem would be the device used to identify you to the system.
    This address while it probably can be changed, would probably result in the
    ISP blocking your access, as now that address does not match their records.
    So realizing that you cannot change that address, changing your own
    computers address really does no good, as you could still be identified just
    because of your connection to the broadband service. Using a dialup account
    may be a bit harder, but you would still have to provide some form of
    identification/authorization to log on, hence as a paying subscriber you
    really cannot avoid being identified.
    The free public hotspots, can remain free but I can see where in the future
    they may have you log in to use the system, the room for abuse here is
    large, so being tracked while using a free public hotspot may be difficult
    at best, unless the providers are forced to implement strict accountability
    procedures. I.E you have to show your drivers license to use the system, and
    your license number will be associated with the MAC you use to connect. But
    that takes a lot of oversight.
    So where does that leave people like the OP who desires more privacy.
    I see his only avenue would be to use proxy servers while surfing, and some
    premium news group posting service that strips his headers and uses there
    own headers as a way of remaining semi private.

    >
    >
     
    Dana, Oct 18, 2006
    #10
  11. Aluxe

    #2 Aluxe Guest

    On Wed, 18 Oct 2006 18:29:56 GMT, Stuart Miller wrote:
    > There is a lot of interesting technical discussion here, but I would like to
    > take a different approach
    > From all the posts here and on the 'firewall' newsgroup, I believe I
    > understand what Aluxe is after.

    ....
    > [changing the IP address] has nothing to do with security, but does grant a measure of privacy.
    > Comments?


    Hi Stuart Miller,

    Thank you. Thank you. Thank you.
    Thank you for being a voice of technical reason here.
    I agree, we are not talking about security (that was my fault for equating
    sescurity to privacy in the original subject line) as you fully understand.

    We are only talking about a simple additive action to privacy.

    I think (by now), we have definately established (especially in the case of
    the tattletale NNTP posting host) that changing the IP address is additive
    to privacy.

    Thank you for understanding the request and for posting thoughts that
    others can comment upon (as I am doing now).

    I think we've established (not without argument):
    a) The MAC address tattletale bit isn't subtractive to privacy.
    b) Changing the MAC address is sometimes additive to privacy.
    c) Changing the IP address is sometimes additive to privacy.
    d) Changing the MAC address is trivial (takes five seconds).
    e) Changing the IP address could be trivial (we're testing now).

    I wonder how many of us knew this before this post?
    I certainly did not so I thank all of you for edifying all of us.
    More facts need to be ascertained; but this is a great start!
     
    #2 Aluxe, Oct 19, 2006
    #11
  12. Aluxe

    #2 Aluxe Guest

    On Thu, 19 Oct 2006 07:37:41 GMT, #2 Aluxe wrote:
    > I wonder how many of us knew this before this post?
    > I certainly did not so I thank all of you for edifying all of us.
    > More facts need to be ascertained; but this is a great start!


    Well, after a few posts using Outlook Express, Agent, & Xnews, I've come to
    the conclusion it's the ISP who is adding the modem's IP address to the
    NNTP Posting Host. Sigh.

    Please prove me wrong because I'd so very much like it to not be so.
     
    #2 Aluxe, Oct 19, 2006
    #12
  13. How the NNTP psting host gets added to the post is dependent on the
    software that injects the posting into the newsfeed. This software is
    probably at your ISP, which means they get to set the policy of how it
    is set. If you want to truly change it, you need to either find an
    ISP specific solution, or use a different method of getting your news
    into the newsfeed. Whether there exists an ISP specific solution,
    depends on your ISP. For example, my ISP does not associate my
    postings with my computer--in fact, it doesn't even know the name, IP,
    or MAC address of my computer.

    Now, when I talk about my ISP (The World), I'm not talking about my
    cable provider, which is what connects my home to the (and does know
    my computers IP and MAC address) internet, nor the way my work setup
    is connected to the internet either. I am talking about a specifc
    company that provides exactly the service of getting mail and news
    from the internet and posting news onto the internet--thus I should
    probably really call it my mail/news service provider. I do that for
    exactly the opposite reason of what you are asking for, so that I have
    a well know address that people can reach me at that doesn't change
    over the years. However, one could use it to get what you want
    privacy.

    I have also used "free email" addresses to get something closer to the
    anonymity you are seeking. Those are relatively effective. You can
    use those to create postings, if you learn how, and if so, you are
    likely to be mostly anonymous, and your posting won't be easily
    (i.e. by your kids) tracked back to you, unless they hire a
    professional.

    If they hire a professional to track down your information, you aren't
    likely to be able to get the privacy you desire. (So, for instance, if
    you are cheating on your husband, he will find that information out,
    even if you try to keep it private. Noreover, he will find out not
    via tracking your internet posting IPs. As they say, been there, done
    that.) You should also assume that most "kooks" are capable of doing
    what professionals do.

    In other words, a motivated person can break your privacy shield. An
    unmotivated person will probably never know (nor care that) you are
    trying to keep something private. There are simple things that can
    assist your privacy. Using a free email service to create a
    "disposable" email address is one of them. Trying to hide your home
    computers posting address, is not one of them. If you want to
    disassociate from some posting, DON'T DO IT FROM YOUR HOME COMPUTER.

    If you are ashamed of your previous postings, sorry it is too late.
    You are better off figuring out how to deal with your choices of
    actions, rather than trying to hide from them.

    You keep trying the attention of this thread on how to hide your
    IP/NNTP posting host. You may or may not be able to do that via an
    ISP specific solution. Most DSL modems and routers aren't designed to
    make it easy for you to change their IP address by forcing them to
    renew it. Keeping the IP address constant is an efficiency issue. It
    is generally more useful to keep the address constant, than it is to
    change it. However, with a server that has more potential modems
    connected than addresses, it is useful to "release" addresses of
    modems that aren't connected, because the assumption is that most
    modems are not connected, because they can't all be connected, given
    that there aren't enough addresses. Therefore, your ISP may recycle
    IP addresses, to serve a large community with fewer resources. Still,
    that is for their benefit not yours, and how often they recycle
    addresses may (or may not) be something you can influence. You can
    play with your modem settings (and it is more likely the modem
    settings if you have a separate modem and router--note my modem has NO
    user configurable settings). However, even if you change them, you may
    have to turn your modem off to get it to release the IP address.
    Moorever, your IP may reassign the same IP address when your modem is
    turned back on, if that is convenient to them, and quite likely will
    give you the same address if your modem is off for a sufficiently
    short period of time.

    Note, if your modem has a MAC address, I defintely recommend NOT
    trying to change that. It is quite likely that your ISP keeps a list
    of the valid MAC addresses for the modems connected to its service,
    and only allows those MAC addresses to connect. By the way, many ISPs
    use the MAC address of the first "computer" (or router) after the
    modem as the address they keep in their database (at least that's what
    my last 3 cable providers have done). That's one of the reasons many
    home routers allow one to override the hardwired MAC address, so that
    one can make it look like the computer the network was originally
    "provisioned" for. Thus, I wouldn't change the routers MAC address
    either.

    However, the key point of all of this, is that if you want your
    postings/email to come from a different address, then do that. Use a
    different way of injecting your eamil/news into the web rather than
    simply posting from your home. However, don't try to achieve that by
    fiddling with your local computers IP address. Wrong solution to the
    problem.

    Hope this helps,
    -Chris

    *****************************************************************************
    Chris Clark Internet :
    Compiler Resources, Inc. Web Site : http://world.std.com/~compres
    23 Bailey Rd voice : (508) 435-5016
    Berlin, MA 01503 USA fax : (978) 838-0263 (24 hours)
    ------------------------------------------------------------------------------
     
    Chris F Clark, Oct 19, 2006
    #13
  14. Aluxe

    Aluxe Guest

    On Thu, 19 Oct 2006 13:46:15 -0400, Chris F Clark wrote:

    Hi Chris,

    Wow again. You are obviously tuned to the realities here.
    Thank you again for being cogent and coherent.

    I know I will accomplish the desired task (which is simply to change the IP
    address nightly automagically with even less effort than I do today) and
    with your help, I may soon be able to (and that of kingthorin, Dana, Duane,
    etc.).

    This is a worthwhile task as once set up, there is absolutely no additional
    effort and a measurable gain (for me, but, not for most of you as you don't
    have this problem so you don't see the advantages).

    All it takes is understanding the system.

    Yet, for some strange reason, we're still "discussing" the why so, to give
    you the courtesy you extended to me, I'll briefly highlight where we agree
    and disagree below ...

    > How the NNTP psting host gets added to the post is dependent on the
    > software that injects the posting into the newsfeed. This software is
    > probably at your ISP


    Yes. I learned that from this thread that it was pointless to try to change
    my software or my software settings as the ISP always uses my DHCP assigned
    IP address as my public NNTP posting host. Sigh. I was wasting my time
    changing newsreaders. Thank you all for helping me come to that conclusion.

    > If you want to truly change it, you need to either find an
    > ISP specific solution, or use a different method of getting your news
    > into the newsfeed.


    This thread is all about the former and not about the latter. Thank you all
    for helping me find an ISP-specific solution to my particular dilemma
    (which most of you do not have).

    > For example, my ISP does not associate my
    > postings with my computer--in fact, it doesn't even know the name, IP,
    > or MAC address of my computer.\


    Yes. I learned this from most of you on this thread. I appreciate you
    informing me of this as I didn't realize that the users' assigned IP
    address wasn't broadcast to the while world on every post for most users.
    It just is broadcast on all MY posts! I now understand this better, thanks
    to all of you.

    > I do that for exactly the opposite reason of what you are asking for,
    > so that I have a well know address that people can reach me at that
    > doesn't change over the years.


    Huh? You want the same IP address for years? I guess that's fine if you're
    running a web server or an ftp account. But, why not just use the same
    identifying name and email address (however bogus) if you want people to
    reach you via the usenet nntp newsgroups?

    Even if you are running a web server ... isn't the "domain name" sufficient
    for people to reach you over the years? I don't see anything wrong with a
    constant IP address in this situation ... but why is a constant IP address
    for years a requirement?

    In fact, 90% of the posters here say the IP address is irrelevant!
    So, why do you require the same IP address (which is the real topic here)
    for years? This confuses me.

    > However, one could use it to get what you want privacy.

    Yes. We agree. I want a different IP address each day attached to my posts.
    I can keep the same bogus name and email address (I used to use my real
    name and address but spammers long ago put an end to that).

    Again, you're proving my point (I know you understood). The IP address
    isn't what "connects" me to the users. Heck, you've been conversing with me
    and I've been changing my IP address every day so far. It hasn't stopped
    this conversation (some wish it would though ... :)

    > I have also used "free email" addresses to get something closer to the
    > anonymity you are seeking. Those are relatively effective.


    So have I. I have learned how to get hotmail accounts, for example, in the
    first pass, almost every time. (Most people don't know Yak.)

    > If they hire a professional to track down your information, you aren't
    > likely to be able to get the privacy you desire.


    I agree. Time and time (and time) again, I have said that all I am looking
    for is a ROI on the ability to not have my assigned IP address plastered
    all over the Internet, the same IP address day after day.

    Currently I accomplish that task by rebooting the router. If this was a
    hugely beneficial thing, I wouldn't mind. But, it's just one small step.
    So, THAT is why I'm trying to automate that one small step. To improve the
    ROI by lowering the I.

    If my experiment (kindly suggested in this newsgroup) of changing the
    router settings to dial into the PPPoE account on demand, finally works
    tonight, we'll be done!

    > If you are cheating on your husband, he will find that information out,
    > even if you try to keep it private. Noreover, he will find out not
    > via tracking your internet posting IPs. As they say, been there, done
    > that.)


    I fully agree. You might not be amazed at what I can find out about you in
    about two minutes if your address you posted is actually valid - but many
    others might be.

    Not only can I find out all about you, but all about your neighbors and
    their kin. And the layout of your and their house, how many bedrooms,
    square feet, when and how much you bought it, and a photo of your back
    yard, and, given a few hours, your automobile license plate, where you
    work, social security death benefits of your next of kin, photos of your
    kids at school, yada yada yada.

    This question was never about that.

    Understand the whole "husband" thing was merely a made-up example to give
    the honest answer to the many questions of "why" without actually giving
    out any real private information. Does anyone really think any of the
    information in my post, other than the obvious technical data, is real?

    End result ... no need to worry about my "husband" ... whomever he may be.

    > You keep trying the attention of this thread on how to hide your
    > IP/NNTP posting host. You may or may not be able to do that via an
    > ISP specific solution. Most DSL modems and routers aren't designed to
    > make it easy for you to change their IP address by forcing them to
    > renew it. Keeping the IP address constant is an efficiency issue.


    Now we're getting to the meat of the issue! Your whole discussion here was
    enlightening. It didn't solve the problem; but it helped greatly to
    understand the situation and the interesting perspective of the ISP.

    > Moorever, your IP may reassign the same IP address when your modem is
    > turned back on, if that is convenient to them, and quite likely will
    > give you the same address if your modem is off for a sufficiently
    > short period of time.


    Yep. Both happen all the time. Even more so now that I've set the router to
    PPPoE in on demand after a fifteen-minute idle time.

    > Note, if your modem has a MAC address, I defintely recommend NOT
    > trying to change that. It is quite likely that your ISP keeps a list
    > of the valid MAC addresses for the modems connected to its service,
    > and only allows those MAC addresses to connect.


    Hmmmm... I never even thought about changing the MAC address of the modem
    .... hmmmm... :)

    > Thus, I wouldn't change the routers MAC address either.


    Too late. I changed the router's MAC address multiple times already since
    the start of this thread while experimenting on the effects. My ISP hasn't
    booted me off yet but there have been no other effects to date.

    > However, the key point of all of this, is that if you want your
    > postings/email to come from a different address, then do that. Use a
    > different way of injecting your eamil/news into the web rather than
    > simply posting from your home. However, don't try to achieve that by
    > fiddling with your local computers IP address. Wrong solution to the
    > problem.


    Here, in your final point, we must agree to disagree.
    Currently, the only cost of changing the address that associates me with
    every post is I have to manually unplug and replug my router.

    If the settings recommended by this newsgroup are correct, I won't even
    have to do that tomorrow.

    So, basically for free (once the settings work automatically), I believe it
    is additive to my privacy (in a way that is greater than the investment,
    which, over time, approaches zero).

    What's wrong with a bunch of little privacy steps, each one of which, over
    time, approaches an investment of zero yet which provides, over time, a
    constant additive benefit - this just being one of them?
     
    Aluxe, Oct 19, 2006
    #14
  15. Aluxe <> writes:

    > Huh? You want the same IP address for years? I guess that's fine if you're
    > running a web server or an ftp account. But, why not just use the same
    > identifying name and email address (however bogus) if you want people to
    > reach you via the usenet nntp newsgroups?


    No, I want my posts to all be linked, so I use the same host/user id
    on all of them (to the extent to which that is possible). It turns
    out, that my method of doing so, also happens to give them all the
    same NNTP posting host IP (or roughly the same one), or probably does
    so; the newsreader software I use doesn't by default show the NNTP
    posting host, so I've never looked. However, since I know that the
    particular ISP I use has a specific machine and IP address set up as
    their host for each function (i.e. there used to be a machine named
    ftp.world.std.com at a specific IP address that was the FTP server), I
    would be surprised if NNTP host IP weren't constant.

    I know that one of the addresses to that host is 192.74.137.5 (that's
    the one that accepts ssh connections), because I use that to access
    that host when I'm behind a firewall that doesn't know how to do the
    name lookup properly, and I need to reach the site by IP address. So,
    to answer your question round-aboutly, yes, I do want the address to
    be constant over long periods of time, so that I can find the site,
    using information I remember. Other than that, I don't care about IP
    addresses. They are really like numbers on mailboxes. If you see the
    name of the box, you probably don't care about the number. If you
    know the number, you don't have to remember the name. (And if you
    want something more private, you get a mailbox at the post office,
    rather than having it delivered to your home, but that point has been
    made to death.)

    If I could (easily and cheaply) get an accessible permanent IP address
    for my home machine, I would. Then I could use ssh (and rdp) to my
    home machine, and that would make my life more convenient, which is
    the whole point of IP addresses. However, just as spammers keep you
    from using your real email address, hackers keep me from letting
    outside traffic onto my home net. And without the ability to get past
    my firewall, having the firewall at a known address does me no good.
    I don't even know what my cable provider calls my home network,
    because there is no use for that information, you can't send traffic
    to it (and get past the firewall).

    Again, this has nothing to do with your anonymity concerns.
    Hopefully, it gives you a better picture of IP addresses and what they
    are for, and why when we thought you wanted security, we said changing
    it wouldn't help.

    I'm still not certain that changing it helps you anaonymity by very
    much. Have you searched to see how many postings other than your own
    have come from the same IP address(es)? If all the posting associated
    with your IP addresses come from you, then perhaps your concern is
    valid. If you are merely one of many, then changing your IP address
    is not likely to be a benefit.

    Note if you are the only one posting with some specific IP addresses,
    even if you can get new ones, you still may be the only one posting
    from that set--your ISP doesn't have an infinite set of addresses it
    can hand to you. (In fact, it is the smallness of the set, that
    causes the ISP to hand you new ones. They don't have enough IP
    addresses to cover all their customers. If they did, they would just
    hand out static IP addresses, like the IP address for world.std.com
    above.) Thus, you may find all your postings, even with new IP
    addresses, come from a small set of IP addresses that no one else ever
    posts from.

    Does this help explain that even if the I is small, so may be the R in
    the ROI equation? To be anonymous, there must be someone else who
    looks similar enough that you can plasuibly say, it wasn't me, it was
    him. To be truly anonymous, there must be many others like that.

    The point is I don't want you getting a false sense of security. You
    may still not be as anonymous as you hope.

    Hope this helps,
    -Chris

    *****************************************************************************
    Chris Clark Internet :
    Compiler Resources, Inc. Web Site : http://world.std.com/~compres
    23 Bailey Rd voice : (508) 435-5016
    Berlin, MA 01503 USA fax : (978) 838-0263 (24 hours)
    ------------------------------------------------------------------------------
     
    Chris F Clark, Oct 19, 2006
    #15
  16. Aluxe

    Aluxe Guest

    On Thu, 19 Oct 2006 17:15:31 -0400, Chris F Clark wrote:
    > Does this help explain that even if the I is small, so may be the R in
    > the ROI equation? To be anonymous, there must be someone else who
    > looks similar enough that you can plasuibly say, it wasn't me, it was
    > him. To be truly anonymous, there must be many others like that.
    >
    > The point is I don't want you getting a false sense of security. You
    > may still not be as anonymous as you hope.


    Hi Chris Clark.

    You must be an amazing guy!

    More good points in your yet again well thought out response. I'm amazed
    you have taught me something for the third time ... (much of what has been
    said up 'till now has been repeats of the same thing).

    I must admit, despite the fact I said previosly any script kiddie could
    write the program, I don't have the facilities (nor inclination) to spit
    out all the archived nntp messages on google to then search the headers for
    my NNTP posting host to then compare to see how often my unique header
    shows up.

    Which, in a way, makes your (and others') point in that it's just not worth
    the effort. Yes. Unless that program were written by someone (it probably
    has been written ... we just don't know about it).

    Once the program is written, then it would be trivial to do what you
    suggested I try.

    This isn't too off topic to ask:

    RELATED QUESTION:
    Does anyone know of a freeware program, already written, that will search
    archived google posts (given a start/stop date) to spit out those posts
    which have a given NNTP posting host?

    Note: Please no wisecracks saying "google" (as google does NOT apparently
    index the NNTP posting host as far as my tests can tell).
     
    Aluxe, Oct 19, 2006
    #16
  17. "#2 Aluxe" <> wrote in message
    news:...
    > On Wed, 18 Oct 2006 18:29:56 GMT, Stuart Miller wrote:
    >> There is a lot of interesting technical discussion here, but I would like
    >> to
    >> take a different approach
    >> From all the posts here and on the 'firewall' newsgroup, I believe I
    >> understand what Aluxe is after.

    > ...
    >> [changing the IP address] has nothing to do with security, but does grant
    >> a measure of privacy.
    >> Comments?

    >
    > Hi Stuart Miller,
    >
    > Thank you. Thank you. Thank you.
    > Thank you for being a voice of technical reason here.
    > I agree, we are not talking about security (that was my fault for equating
    > sescurity to privacy in the original subject line) as you fully
    > understand.
    >
    > We are only talking about a simple additive action to privacy.
    >

    Agreed

    But I will give you a few more things to ponder - some of these are
    referenced in other parts of this thread, but I am not going to locate those
    references.

    1. IP address
    I do not believe you can separate two or three 'aspects' of you life by a
    change in IP address.
    I mentioned one solution, another may be easily available
    I have an old cable modem - circa 1999 or 2000. It goes back to the days
    before an affordable home router/firewall. It is smart enough to support 4
    different IP addresses - you connect the rj45 plug on the modem to the
    uplink pulg of a hub, and each unit (computer or router) plugs into the hub
    and takes an IP address from the router. This is how the cable co allowed
    multiple computers on one cable connection. They allow 2 free addresses, and
    so much a month for each additional one. This method is documented on their
    web site.
    If you have this capability, you have your privacy. You can post your
    personal stuff on a simple, slow (under $100) machine on one IP address, and
    your real stuff on your regular machine.
    I know this works, because I have a linux web server on one, and my router
    which feeds the other 5 machines here on the other.

    2. Web servers
    As mentioned above, I run a hobby apache/linux web server. I did this partly
    to learn about html & web site design, partly to learn linux, and partly to
    learn about internet security from the other side.
    Yes, I do log the IP address of every visitor, along with how they got to my
    site, and whatever else their browser will tell me. I record each web page
    they visit. I keep the logs about 6 months
    When I allow a POST operation, I record that it happened, but I do not log
    the contents at the server level - the application (message board, blog,
    perl/cgi script, or whatever) does that.
    Some places like message boards and Yahoo chat announce that they are
    recording IP addresses, some don't announce but they all do some form of
    recording.
    Other replies have explained how to work with that.

    Also as mentioned, sone sites (usually ad based) link back to your computer
    with 'persistent connections'. They have figured out how to send to you -
    that is the way they get the pop up ads to appear. Since the whole proxy
    server business is to prevent that, any time you get a pop up you may have
    been 'id'ed. In addition, you may not get your idle time. When I had isdn
    service here, I logged sites calling my browsers for hours after I had
    closed the browser. The job of the 'bot was to keep the connection active so
    the site could get the ads to me faster. For a few years I 'owned' a block
    of 8 IP addresses - gave me a static address with no means to change it even
    if I wanted to. It had problems, because the 'bots could always find me.


    3. The need for privacy
    We have covered the lack of privacy in the internet fairly well - that is
    the price we pay for using that medium for communication.
    What about privcy at home? Without enquiring into you family situation, I
    will just remind you that windoze records all kinds of things in all kind of
    hidden places. And NO, I will not discuss what and where those are. You
    should consider some steps to secure the information hidden on your
    computer.
    I repair/recondition donated equipment for disability organization - it is
    amazing (sometimes disgusting) what I find on these machines.

    For me it is easy - anything sensitive gets done on the linux machines.

    4. IP addresses
    My experience is that the IP address is tied to (amongst other things) the
    MAC address. When I change the NIC in an older machine connected directly, I
    get a new IP address. When I put the old NIC back in, I get the one I had
    before. When I clone the MAC address with the router, it gives me the IP
    address that the NIC had. I have about 20 old NIC cards here - that would
    give me a fair pool of addresses to clone if I wanted to change IP addresses
    frequently. When I upgraded my web server, I make sure that the NIC moved
    into the new machine, so I kept the same IP address.

    One reason for dynamic IP addresses is to prevent home users from setting up
    a permanent business web server. The cable co figures that as long as the IP
    address will change frequently (in my case, about twice a year) that will
    make it much more difficult to use a home account for business use. Lets
    avoid the topic of dns forwarding.

    As mentioned, your ISP has a pool of IP numbers available to 'lease' You may
    find you are circulating amongst the same 5 or 10 numbers when you keep
    changing. And you may get an IP number that has been flagged by the crackers
    as being 'open' for attacks.


    Cable/ADSL

    Different technologies - different restrictions. Cable can give you multiple
    IP addresses for one account, but as far as I know, ADSL can not. Also, ADSL
    requires you to register your MAC address before you get an IP number. New
    MAC address - 30 min to 1 hour to get it 'registered'

    Some considerations for you.

    Stuart
     
    Stuart Miller, Oct 20, 2006
    #17
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Aluxe
    Replies:
    46
    Views:
    1,314
    Tristan
    Oct 21, 2006
  2. Aluxe
    Replies:
    11
    Views:
    804
    Mark McIntyre
    Oct 19, 2006
  3. Aluxe
    Replies:
    13
    Views:
    765
    Aluxe
    Oct 19, 2006
  4. Aluxe
    Replies:
    21
    Views:
    995
  5. #2 Aluxe
    Replies:
    16
    Views:
    898
    #2 Aluxe
    Oct 19, 2006
Loading...

Share This Page