Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: 1 [2]

Author Topic: How To Stop Sending Out My IP Address.  (Read 17544 times)

roseway

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 43467
  • Penguins CAN fly
    • DSLstats
Re: How To Stop Sending Out My IP Address.
« Reply #15 on: November 28, 2007, 04:26:37 PM »

Right, I see. :)
Logged
  Eric

tickmike

  • Kitizen
  • ****
  • Posts: 3640
  • Yes Another Penguin !. :)
Re: How To Stop Sending Out My IP Address.
« Reply #16 on: November 28, 2007, 11:17:21 PM »

Nice one - Eclipse must be honouring the individual opt-out :)

Yes it looks good, I have spent about half an hour on the 'ripe' web site and like Eric said there are no personal details on there now, the last time I looked was just after I go my block of 6 address and my name and address was showing, it now says 'ALLOCATED ' .
I also did a name search and my home address - both not shown.
Logged
I have a set of 6 fixed IP's From  Eclipse  isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

guest

  • Guest
Re: How To Stop Sending Out My IP Address.
« Reply #17 on: November 28, 2007, 11:26:55 PM »

Good :)

Do try the same lookups on your domains (if you have any). Eg I have a .me.uk domain with 1and1 (AKA Schlund) and every time I make any changes to the account they update Nominet with my details - even if they haven't changed. Unfortunately this has the effect of cancelling the "Non-trading individual" opt-out. It is VERY irritating as if I don't remember to then login to Nominet and opt-out again then its trivial to locate anyone using email on that domain (as the kids do now).

It's almost irritating enough that I might move registrars.......
Logged

guest

  • Guest
Re: How To Stop Sending Out My IP Address.
« Reply #18 on: November 28, 2007, 11:42:13 PM »

Oh and one more thing - I'm assuming your daughter's machine has a public IP address yes? If so then have you considered the tracking potential of that? I'm not into security now but it'll be obvious that the address is part of an allocated block so its a fair bet that each IP address is a specific machine. If you have a machine already running Smoothwall then you might be better NATing her behind that - I think that was possible (Routed + NAT) but I can't remember. It should just look like a NAT router to anyone curious.
Logged

tickmike

  • Kitizen
  • ****
  • Posts: 3640
  • Yes Another Penguin !. :)
Re: How To Stop Sending Out My IP Address.
« Reply #19 on: November 29, 2007, 02:30:10 PM »

Oh and one more thing - I'm assuming your daughter's machine has a public IP address yes? If so then have you considered the tracking potential of that? I'm not into security now but it'll be obvious that the address is part of an allocated block so its a fair bet that each IP address is a specific machine. If you have a machine already running Smoothwall then you might be better NATing her behind that - I think that was possible (Routed + NAT) but I can't remember. It should just look like a NAT router to anyone curious.

In my first post I put
"My set up = ADSL with 6 Ip Address's, Router (With NAT firewall turned off), Smoothwall hardware firewall, switch, network."
 
With the ADSL router before smoothwall you have to turn off the 'NAT' firewall and have smoothwall doing all the NATing, Hence my block of IP's are to make all this work (Set up with the advice of the guys and girls of the smoothwall forum).
So all of my machines are back of the smoothwall firewall.
I have scanned my network with the 'Shields up' web site www.grc.com/ and it does not exist.  :)

Thinking more about what is displayed on my daughters forum sites she goes on, It may be like this site were only the mods and yourself see your own IP Address .
While see is chatting to her friends I will get her to ask if any one can see our IP Address.
Logged
I have a set of 6 fixed IP's From  Eclipse  isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

guest

  • Guest
Re: How To Stop Sending Out My IP Address.
« Reply #20 on: November 29, 2007, 05:30:25 PM »

Yes but smoothwall is presumably routing rather than NATing? You can (IIRC) get it to do both. If the IP address you see on the sites your daughter visits is in the block Eclipse gave you and isn't the one you assigned to the smoothwall box then smoothwall is routing rather than NATing.

Why (if you don't mind me asking) do you need multiple public IP addresses anyway? I'm not suggesting you shouldn't have them - even if you're just playing about with them (I did this on AAISP :) ) - but having a block does make you a lot more visible. Eg - I wouldn't care what results I saw from a scan, if there's a block assigned then there's a network there :)
Logged

tickmike

  • Kitizen
  • ****
  • Posts: 3640
  • Yes Another Penguin !. :)
Re: How To Stop Sending Out My IP Address.
« Reply #21 on: November 29, 2007, 10:23:13 PM »

Smoothwall does the routing and Nats in this set up, hence the need for a block of IP's.
The IP address on my daughters machine is the same one as Eric can see the internet facing one, it's the same IP on all my network machines.
My network runs on 198.168.x.x. range.

Logged
I have a set of 6 fixed IP's From  Eclipse  isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

jabns

  • Reg Member
  • ***
  • Posts: 247
Re: How To Stop Sending Out My IP Address.
« Reply #22 on: November 29, 2007, 11:33:16 PM »

I have a /28 block and i just did a whois and it does not have any of my details on them.

Ohh - You could get my surname if you do an rDNS lookup on the IP they are routed through  :lol:

If you are very worried check out TOR.

PS* Add the dans guardian module to Smoothwall and ban Myface and Spacebook(me trying to be funny). I am curently using Linux from scratch and making my own firewall to filter ads, phishing and do av ect......
Logged

roseway

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 43467
  • Penguins CAN fly
    • DSLstats
Re: How To Stop Sending Out My IP Address.
« Reply #23 on: November 30, 2007, 07:14:27 AM »

>> Smoothwall does the routing and Nats in this set up, hence the need for a block of IP's.

Well, rizla may correct me again here, but if you've got no internet-facing servers and you're using NAT, then you only need one external IP address. The NAT function will relate a single external address to multiple internal addresses. This is of course what most routers do.
Logged
  Eric

jabns

  • Reg Member
  • ***
  • Posts: 247
Re: How To Stop Sending Out My IP Address.
« Reply #24 on: November 30, 2007, 07:59:37 AM »

It can vary from setup to setup but usually in a RED+GREEN setup you would:

(Pretend are IP Block is a /28 with 16 IPs and 14 usable: 999.999.999.100 - 999.999.999.116

Modem = 999.999.999.100 (NAT would be disabled and it would just be left to route to the smoothwall)
Smoothwall RED = 999.999.999.101
Smoothwall GREEN = 999.999.999.102
DHCP = 999.999.999.103 - 999.999.999.115
Broadcast = 999.999.999.116

That how i do my firewall. Its not smoothwall but the fundamentals are the same.

James
Logged

guest

  • Guest
Re: How To Stop Sending Out My IP Address.
« Reply #25 on: November 30, 2007, 08:50:11 AM »

The only valid reason I can think of for requiring multiple IPs is if you're running multiple SSL hosts.

I think these days that virtualisation covers any cross-platform requirements. Possibly some games if you're hosting multiple servers but usually the ports can be changed - game hosting companies do it all the time and most wouldn't install the server unless the port number could be changed. Multiple VoIP phones work fine behind most NAT implementations - perhaps if you were running asterisk having more than one IP address would be easier.

I'm struggling to think of anything else apart from some broken VPN software.......

That's no reason not to have them if you want them of course :)
Logged

guest

  • Guest
Re: How To Stop Sending Out My IP Address.
« Reply #26 on: November 30, 2007, 08:55:54 AM »

Quote
If you are very worried check out TOR.

I ran an exit server for some time and I wouldn't touch Tor unless you trust the exit server. It's trivially simple to set one up (for example) to only accept SSL traffic, then should you be so inclined, you simply capture all the traffic to disk. Nice easy way of getting usernames & passwords. They were told about this AGES ago but didn't take a lot of notice. Of course you could permit all http/ssl traffic and capture that as all you'd require is more storage space/patience.

Its surprising how many people forget they have Tor turned on when they access secure sites :(
Logged

jabns

  • Reg Member
  • ***
  • Posts: 247
Re: How To Stop Sending Out My IP Address.
« Reply #27 on: November 30, 2007, 09:52:45 AM »

Quote
The only valid reason I can think of for requiring multiple IPs is if you're running multiple SSL hosts.

Yup. I am running 2 SSL hosts and the other reason i NEED mine is for multiple xbox 360s. I thought that MS would have made it so you had say three sets of ports you could use(most people won't have more than 3 boxes). There again it is MS were on about here.

1 other use i can think of is load balancing but most homes don't have that. I sometime switch to LB if the my MX server is getting bombed and is slowing down my network.


Yeah i don't like TOR at all but i am also not to bothered about been visible as i have 2 MX servers 2x HTTPD and 2x SQL all publicly available. Besides getting SPAMed has been quite a "fun" learning experiance trying to prevent it. Although businesses probably would not call it that.
Logged

guest

  • Guest
Re: How To Stop Sending Out My IP Address.
« Reply #28 on: November 30, 2007, 12:11:08 PM »

You can't put more than one XBox 360 behind NAT? Total muppets but as you say its MS :(

I assume you're using Spamhaus' Zen blocking list? That plus a couple of manual blocklists and some heuristics got me down to 8 spams/day accepted by the mx. I worked out that over the course of 2006 my mx rejected 99.987% of connections made to it at the smtp envelope stage. I use Mailtraq which, despite being a Win32 app,  is probably the most stable piece of software I "own" :) I thoroughly recommend it to anyone.
Logged
Pages: 1 [2]