Static dynamic IP address

Discussion in 'NZ Computing' started by Nighthawk, Aug 7, 2007.

  1. Nighthawk

    Nighthawk Guest

    Not a contradiction, really. I thought that having a dynamic IP
    address was a plus security-wise but lately I have been noticing that
    even when going off-line for an hour or more, when I reconnect, even
    after rebooting or leaving the ADSL USB modem unplugged for some time,
    that I get back on the same IP address as before. There doesn't seem
    to be anything I can do about it at my end. Is there?

    I may be going to XP later in the year and would not want a 'static
    dynamic' IP address under XP. (Slingshot Win98SE).
     
    Nighthawk, Aug 7, 2007
    #1
    1. Advertising

  2. Nighthawk

    Malcolm Guest

    On Wed, 08 Aug 2007 05:33:21 +1200
    Nighthawk <> wrote:

    > Not a contradiction, really. I thought that having a dynamic IP
    > address was a plus security-wise but lately I have been noticing that
    > even when going off-line for an hour or more, when I reconnect, even
    > after rebooting or leaving the ADSL USB modem unplugged for some time,
    > that I get back on the same IP address as before. There doesn't seem
    > to be anything I can do about it at my end. Is there?
    >
    > I may be going to XP later in the year and would not want a 'static
    > dynamic' IP address under XP. (Slingshot Win98SE).
    >
    >

    Hi
    If you are able too, can you clear the arp table on the modem? Else I
    would guess if you spoof the modem mac address you should get a new
    ip...

    --
    Cheers Malcolm °¿° (Linux Counter #276890)
    SLED 10.0 SP1 x86_64 Kernel 2.6.16.46-0.14-smp
    up 14:27, 2 users, load average: 0.02, 0.03, 0.00
     
    Malcolm, Aug 7, 2007
    #2
    1. Advertising

  3. Nighthawk

    Jason Rumney Guest

    > Hi
    > If you are able too, can you clear the arp table on the modem? Else I
    > would guess if you spoof the modem mac address you should get a new
    > ip...


    Modems don't have MAC addresses, and the arp table won't do anything,
    as the address is probably associated with his account, at least in a
    cache for the PPP server if not a permanent database somewhere. But it
    doesn't really matter, because Nighthawk is mistaken in believing that
    there is any security advantage in having a dynamic IP.
     
    Jason Rumney, Aug 7, 2007
    #3
  4. Nighthawk

    JohnO Guest

    On Aug 8, 5:33 am, Nighthawk <> wrote:
    > Not a contradiction, really. I thought that having a dynamic IP
    > address was a plus security-wise but lately I have been noticing that
    > even when going off-line for an hour or more, when I reconnect, even
    > after rebooting or leaving the ADSL USB modem unplugged for some time,
    > that I get back on the same IP address as before. There doesn't seem
    > to be anything I can do about it at my end. Is there?
    >
    > I may be going to XP later in the year and would not want a 'static
    > dynamic' IP address under XP. (Slingshot Win98SE).


    The DHCP server will always try to give you back the same IP as most
    would consider this to be quite handy. Your ADSL modem/router may have
    an option to reset it's DHCP?

    But there's not really any security benefit that I can see to geting
    your IP to change - just make sure your ADSL modem/router has its
    firewall on and you'll be fine.
     
    JohnO, Aug 7, 2007
    #4
  5. Nighthawk

    EMB Guest

    Jason Rumney wrote:
    >> Hi
    >> If you are able too, can you clear the arp table on the modem? Else I
    >> would guess if you spoof the modem mac address you should get a new
    >> ip...

    >
    > Modems don't have MAC addresses, and the arp table won't do anything,
    > as the address is probably associated with his account, at least in a
    > cache for the PPP server if not a permanent database somewhere. But it
    > doesn't really matter, because Nighthawk is mistaken in believing that
    > there is any security advantage in having a dynamic IP.
    >
    >

    ADSL routers certainly have a MAC address.
     
    EMB, Aug 8, 2007
    #5
  6. In message <>, Nighthawk wrote:

    > I thought that having a dynamic IP address was a plus security-wise ...


    I wouldn't count it as an important part of your security plan.

    > ... but lately I have been noticing that even when going off-line for an
    > hour or more, when I reconnect, even after rebooting or leaving the ADSL
    > USB modem unplugged for some time, that I get back on the same IP address
    > as before.


    I take it you're talking your public, Internet-facing IP address? That would
    be assigned by your ISP.
     
    Lawrence D'Oliveiro, Aug 8, 2007
    #6
  7. Nighthawk

    ~misfit~ Guest

    Jason Rumney wrote:
    > > Hi
    > > If you are able too, can you clear the arp table on the modem? Else
    > > I would guess if you spoof the modem mac address you should get a
    > > new ip...

    >
    > Modems don't have MAC addresses,


    LOL!! Disagreeing about modems with a man who used to do
    consulting/troubleshooting work for Alcatel.

    I sure hope you know what you're talking about.

    > and the arp table won't do anything,
    > as the address is probably associated with his account, at least in a
    > cache for the PPP server if not a permanent database somewhere. But it
    > doesn't really matter, because Nighthawk is mistaken in believing that
    > there is any security advantage in having a dynamic IP.


    Please, back this up with facts. Or state that it's an opinion.
    --
    TTFN.

    Shaun.
     
    ~misfit~, Aug 8, 2007
    #7
  8. Nighthawk

    EMB Guest

    ~misfit~ wrote:
    > Jason Rumney wrote:
    >
    >> and the arp table won't do anything,
    >> as the address is probably associated with his account, at least in a
    >> cache for the PPP server if not a permanent database somewhere. But it
    >> doesn't really matter, because Nighthawk is mistaken in believing that
    >> there is any security advantage in having a dynamic IP.

    >
    > Please, back this up with facts. Or state that it's an opinion.


    Hi Shaun

    Whilst Jason's comment is probably an opinion I think he's at least half
    right - it doesn't take long after connecting to the net for someone to
    port scan your machine and take advantage of any vulnerabilities. Given
    that ADSL connections tend to stay up for hours rather than minutes I
    see having a dynamic IP address as a security feature of very little worth.
     
    EMB, Aug 8, 2007
    #8
  9. Nighthawk

    ~misfit~ Guest

    EMB wrote:
    > ~misfit~ wrote:
    > > Jason Rumney wrote:
    > >
    > > > and the arp table won't do anything,
    > > > as the address is probably associated with his account, at least
    > > > in a cache for the PPP server if not a permanent database
    > > > somewhere. But it doesn't really matter, because Nighthawk is
    > > > mistaken in believing that there is any security advantage in
    > > > having a dynamic IP.

    > >
    > > Please, back this up with facts. Or state that it's an opinion.

    >
    > Hi Shaun
    >
    > Whilst Jason's comment is probably an opinion I think he's at least
    > half right - it doesn't take long after connecting to the net for
    > someone to port scan your machine and take advantage of any
    > vulnerabilities. Given that ADSL connections tend to stay up for
    > hours rather than minutes I see having a dynamic IP address as a security
    > feature of very little
    > worth.


    Hi EMB,

    I was just going by what I've read (yeah, maybe a bad move) about hackers
    setting up 'zombie' machines through trojans or the like. From what I
    understand, it's safer (unless you have an *excellent* firewall, not always
    the case with home users) to have a dynamic IP. <shrug> Maybe I place too
    much emphasis on what magazines say. However, I got the impression that the
    OP may have read the same things as me.

    Cheers,
    --
    TTFN.

    Shaun.
     
    ~misfit~, Aug 8, 2007
    #9
  10. In message <46b93743$>, ~misfit~ wrote:

    > I was just going by what I've read (yeah, maybe a bad move) about hackers
    > setting up 'zombie' machines through trojans or the like. From what I
    > understand, it's safer (unless you have an *excellent* firewall, not
    > always the case with home users) to have a dynamic IP.


    No it's not. The compromised machines contact the controller, not the other
    way round. So it doesn't matter if the IP addresses of the former change.
     
    Lawrence D'Oliveiro, Aug 8, 2007
    #10
  11. In article <46b917a6$>,
    "~misfit~" <> wrote:

    > Jason Rumney wrote:
    > > cache for the PPP server if not a permanent database somewhere. But it
    > > doesn't really matter, because Nighthawk is mistaken in believing that
    > > there is any security advantage in having a dynamic IP.

    >
    > Please, back this up with facts. Or state that it's an opinion.


    It is a monster filled sea out there. An army of 'bots, actually, many
    armies, constantly search through all active address space looking for
    victims. A friend and colleague just did his Master's (got Distinction
    too) on analysing many months of data on a LARGE empty address block,
    looking at what goes on.

    They are not searching for 'you' in particular, just an open door.
    Static/dynamic address---they neither know nor care. Every few
    minute/seconds another one will try your doorknob. It doesn't matter
    whether you are on dial-up, ADSL, cable or fibre. And if they get in,
    then you probably just joined the zombie army.

    That is the major threat. Having a dynamic IP address in no way
    mitigates this threat.

    What significant mitigation do you think a dynamic IP confers?
     
    Michael Newbery, Aug 8, 2007
    #11
  12. Nighthawk

    ~misfit~ Guest

    Michael Newbery wrote:
    > In article <46b917a6$>,
    > "~misfit~" <> wrote:
    >
    > > Jason Rumney wrote:
    > > > cache for the PPP server if not a permanent database somewhere.
    > > > But it doesn't really matter, because Nighthawk is mistaken in
    > > > believing that there is any security advantage in having a
    > > > dynamic IP.

    > >
    > > Please, back this up with facts. Or state that it's an opinion.

    >
    > It is a monster filled sea out there. An army of 'bots, actually, many
    > armies, constantly search through all active address space looking for
    > victims. A friend and colleague just did his Master's (got Distinction
    > too) on analysing many months of data on a LARGE empty address block,
    > looking at what goes on.
    >
    > They are not searching for 'you' in particular, just an open door.
    > Static/dynamic address---they neither know nor care. Every few
    > minute/seconds another one will try your doorknob. It doesn't matter
    > whether you are on dial-up, ADSL, cable or fibre. And if they get in,
    > then you probably just joined the zombie army.
    >
    > That is the major threat. Having a dynamic IP address in no way
    > mitigates this threat.
    >
    > What significant mitigation do you think a dynamic IP confers?


    As I said in my reply to EMB, for years I've been reading in magazines,
    websites etc. on intrusion/malware protection that a static IP makes you a
    more likely target. The term "sitting duck" comes to mind.

    That said, it matters not a jot if you have a static or dynamic IP if you
    don't take measures to prevent infection/intrusion. I've had both and it's
    made no difference to me. As Jason was completely wrong on the modems having
    MAC addresses thing it caused me to doubt the rest of his post.
    --
    TTFN.

    Shaun.
     
    ~misfit~, Aug 8, 2007
    #12
  13. Nighthawk

    Nighthawk Guest

    On Wed, 8 Aug 2007 19:18:58 +1200, "~misfit~"
    <> wrote:

    >Michael Newbery wrote:
    >> In article <46b917a6$>,
    >> "~misfit~" <> wrote:
    >>
    >> > Jason Rumney wrote:
    >> > > cache for the PPP server if not a permanent database somewhere.
    >> > > But it doesn't really matter, because Nighthawk is mistaken in
    >> > > believing that there is any security advantage in having a
    >> > > dynamic IP.
    >> >
    >> > Please, back this up with facts. Or state that it's an opinion.

    >>
    >> It is a monster filled sea out there. An army of 'bots, actually, many
    >> armies, constantly search through all active address space looking for
    >> victims. A friend and colleague just did his Master's (got Distinction
    >> too) on analysing many months of data on a LARGE empty address block,
    >> looking at what goes on.
    >>
    >> They are not searching for 'you' in particular, just an open door.
    >> Static/dynamic address---they neither know nor care. Every few
    >> minute/seconds another one will try your doorknob. It doesn't matter
    >> whether you are on dial-up, ADSL, cable or fibre. And if they get in,
    >> then you probably just joined the zombie army.
    >>
    >> That is the major threat. Having a dynamic IP address in no way
    >> mitigates this threat.
    >>
    >> What significant mitigation do you think a dynamic IP confers?

    >
    >As I said in my reply to EMB, for years I've been reading in magazines,
    >websites etc. on intrusion/malware protection that a static IP makes you a
    >more likely target. The term "sitting duck" comes to mind.
    >

    That is where I was coming from. I have heard of hackers
    'bookmarking' PCs to come back to.
     
    Nighthawk, Aug 8, 2007
    #13
  14. Nighthawk

    Jason Rumney Guest

    On 8 Aug, 00:32, EMB <> wrote:

    > ADSL routers certainly have a MAC address.


    An ADSL router, as opposed to a modem, has an 802.3 or 802.11
    interface, which will have a MAC address. The ASDL interface however
    is a point to point modem, and does not use MAC addressing.
     
    Jason Rumney, Aug 8, 2007
    #14
  15. Nighthawk

    Jason Rumney Guest

    On 8 Aug, 02:11, "~misfit~" <> wrote:

    > LOL!! Disagreeing about modems with a man who used to do
    > consulting/troubleshooting work for Alcatel.


    Alcatel is a big company, only a very small part of which has anything
    to do with ADSL modems. So I'm not sure those qualifications mean what
    you think they mean.
     
    Jason Rumney, Aug 8, 2007
    #15
  16. Nighthawk

    Jason Rumney Guest

    On 8 Aug, 12:36, Nighthawk <> wrote:

    > That is where I was coming from. I have heard of hackers
    > 'bookmarking' PCs to come back to.


    So what happens if they bookmarked the guy who had your current
    address before you? Any security benefit from your address changing is
    an illusion.
     
    Jason Rumney, Aug 8, 2007
    #16
  17. Nighthawk

    EMB Guest

    Jason Rumney wrote:
    > On 8 Aug, 00:32, EMB <> wrote:
    >
    >> ADSL routers certainly have a MAC address.

    >
    > An ADSL router, as opposed to a modem, has an 802.3 or 802.11
    > interface, which will have a MAC address. The ASDL interface however
    > is a point to point modem, and does not use MAC addressing.
    >

    The assigment of an IP address by DHCP is based on the MAC address -
    spoofing/changing it will force a new IP address to be assigned if
    dynamic assignment is in use.
     
    EMB, Aug 8, 2007
    #17
  18. Nighthawk

    Jason Rumney Guest

    On 8 Aug, 23:28, EMB <> wrote:
    > JasonRumneywrote:


    > The assigment of an IP address by DHCP is based on the MAC address -
    > spoofing/changing it will force a new IP address to be assigned if
    > dynamic assignment is in use.


    DHCP is not involved over a PPP link.
     
    Jason Rumney, Aug 8, 2007
    #18
  19. Nighthawk

    ~misfit~ Guest

    Jason Rumney wrote:
    > On 8 Aug, 02:11, "~misfit~" <> wrote:
    >
    > > LOL!! Disagreeing about modems with a man who used to do
    > > consulting/troubleshooting work for Alcatel.

    >
    > Alcatel is a big company, only a very small part of which has anything
    > to do with ADSL modems. So I'm not sure those qualifications mean what
    > you think they mean.


    Well, Malcolm was very helpful to me in the past when he was in NZ. He
    explained a lot about the workings of ADSL and how to set up my modems. He
    was very au fait with the workings of DSLAMs and (ASAMs, the Alcatel units
    that are taking over from DSLAMs now that Alcatel has a big contract with
    Telecom). AFAIK he was working as a liason between Alcatel and Telecom in
    rolling out the new technology. Frankly, I'd far sooner believe what he says
    than what you say, I see you backing down now on your statement/s. Malcolm
    has never put me crook and has successfully resolved several problems I've
    had with my line. Even to the point of getting an "inside man" at Telecom to
    check it for me and recommend a port change when Telecom wouldn't listen to
    me.

    What are your qualifications Jason?
    --
    TTFN.

    Shaun.
     
    ~misfit~, Aug 9, 2007
    #19
  20. Nighthawk

    ~misfit~ Guest

    Jason Rumney wrote:
    > On 8 Aug, 12:36, Nighthawk <> wrote:
    >
    > > That is where I was coming from. I have heard of hackers
    > > 'bookmarking' PCs to come back to.

    >
    > So what happens if they bookmarked the guy who had your current
    > address before you? Any security benefit from your address changing is
    > an illusion.


    http://www.broadbandchoices.co.uk/why-get-a-static-ip.html

    "Hacker risk - Having a constant IP address means that once hackers have
    your numbers they can keep on attacking. Dynamic addresses change all the
    time making it more difficult to get into your PC. However, having a router
    and firewall can help as they will block access to your computer."

    http://pages.prodigy.net/jdjd/firewall/index.htm

    "Dynamic IP Addresses:
    Unlike your regular home address, however, your IP address is not permanent.
    It's temporary, and it changes each time you sign onto the Internet. Hackers
    need to know your IP address in order to hack into your computer. Since your
    IP address changes each time you sign on, it's difficult (but not
    impossible) for a hacker to get yours and infiltrate your PC."

    http://compnetworking.about.com/od/dslvscablemodem/l/aa021101b.htm

    "Static IP addresses provide network attackers with a fixed target. The
    analogy to baseball and other sports applies: a moving target will generally
    be harder to "hit." Many DSL and cable providers offer DHCP address
    assignment, that causes one's address to change each time they sign on.
    However, this feature helps only slightly if this address stays the same
    throughout the days and weeks one remains online."

    (Rebooting your modem on a regular basis can fix that, not that Telecom can
    be relied upon to keep a conection 'live' for long anyway).

    Perhaps these sources are wrong and you are right. However, after you
    wrongly contradicted Malcolm and stated that DSL modems don't have MAC
    address's I doubt it somehow.

    BTW, during that brief search I found lots of references to DHCP being used
    to assign IPs on ADSL, contrary to a claim that you made elsewhere in this
    thread.
    --
    TTFN.

    Shaun.
     
    ~misfit~, Aug 9, 2007
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Sharqy_5
    Replies:
    0
    Views:
    3,961
    Sharqy_5
    Jul 20, 2003
  2. c
    Replies:
    2
    Views:
    836
  3. Hans-Peter Walter
    Replies:
    3
    Views:
    1,173
    Joe Bloggs
    Jan 21, 2004
  4. Curt Christianson

    Static or Dynamic IP address

    Curt Christianson, Sep 12, 2007, in forum: Wireless Networking
    Replies:
    4
    Views:
    676
    Jack \(MVP-Networking\).
    Sep 12, 2007
  5. Diego Balgera
    Replies:
    5
    Views:
    7,792
    Johann Lo
    Feb 8, 2008
Loading...

Share This Page