dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2208
share rss forum feed


DrDrew
That others may surf
Premium
join:2009-01-28
SoCal
kudos:16

4 edits
reply to MaynardKrebs

Re: Identity by IP.

said by MaynardKrebs:

Power your modem off for 60 minutes.
This should be more than enough time to get a new IP from even on the least busy TWC upstream routers. Cable routers tend to hold the IP/physical line association a bit longer than do the telco's dynamic xDSL addresses assignments.

Yeah... that usually doesn't work since the lease time is usually many hours. The device MAC address is linked to the IP lease in the DHCP server records, so the same MAC address will be issued the same IP address as long as it's available. The currently assigned IP won't be reissued to another user until the lease expires AND all other IPs in that DHCP scope are issued. CSRs can't change an IP either, they have no access to the DHCP servers.

Many cable users hang on to the same IP for weeks and months even if they power off the modem every night. Major equipment changes or large outages are frequently the only reason it changes without end user intervention.

The only sure way to get a new public IP on demand is to change MAC addresses of the device requesting the public IP, power cycle the modem, and have the device request a new lease.... but that won't work if it's a combo router modem.

This is the way the majority of major north American cable ISPs operate.
--
Two is one, one is none. If it's important, have a back up... 99.999% availability just isn't enough sometimes.


The Shadow
Premium
join:2013-04-18
kudos:5
Reviews:
·Champion Broadba..
·Time Warner Cable
reply to NormanS
said by NormanS:

said by The Shadow:

Oh, my privacy is or was never the issue. It was simply that I am getting someone else's "mail" with the sender thinking that I am the addressee formerly associated with new IP.

Email is not delivered to IP addresses; not at that level.

Thanks, I know. I wasn't referring to email. Hence the quotes around "mail."


The Shadow
Premium
join:2013-04-18
kudos:5
Reviews:
·Champion Broadba..
·Time Warner Cable
reply to MaynardKrebs
The way TWC system is set up that services me I cannot change the dynamic IP. All ready have tried all the methods and TWC has confirmed that no action from my end can change it. It will change when TWC reassigns IPs per whatever criteria for IP changes happens at their end.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
Hmm, I guess they must use static allocation (assign IP by MAC) which must be a real pain to maintain.
--
Don't feed trolls--it only makes them grow!


DrDrew
That others may surf
Premium
join:2009-01-28
SoCal
kudos:16
said by StuartMW:

Hmm, I guess they must use static allocation (assign IP by MAC) which must be a real pain to maintain.

It's all automatically maintained by the DHCP servers. No real pain at all. Using your link, it's closer to what they call "automatic allocation".
--
Two is one, one is none. If it's important, have a back up... 99.999% availability just isn't enough sometimes.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
Doesn't someone have to manually enter the MAC to IP mapping at some point?

I use static allocation on my home network so I don't have to run local DNS.
--
Don't feed trolls--it only makes them grow!

TheWiseGuy
Dog And Butterfly
Premium,MVM
join:2002-07-04
East Stroudsburg, PA
kudos:3
Reviews:
·Optimum Online
reply to StuartMW
I believe most Cable operators use automatic allocation. The IP address is linked to the MAC address of the Consumer Premise Device. In the case of a combo router/modem you would need either access to the router config and be able to clone a new MAC address to change the IP. I do not know if the combos allow that type of access.

said by your wiki link :

automatic allocation: The DHCP server permanently assigns a free IP address to a requesting client from the range defined by the administrator. This is like dynamic allocation, but the DHCP server keeps a table of past IP address assignments, so that it can preferentially assign to a client the same IP address that the client previously had.


--
Warning, If you post nonsense and use misinformation and are here to argue based on those methods, you will be put on ignore.


DrDrew
That others may surf
Premium
join:2009-01-28
SoCal
kudos:16

2 edits

1 recommendation

reply to StuartMW
said by StuartMW:

Doesn't someone have to manually enter the MAC to IP mapping at some point?

I use static allocation on my home network so I don't have to run local DNS.

Nope. The DHCP server issues the IP from an assigned scope based on CMTS configuration. The DHCP server will place the requesting device MAC in a database with the IP issued. It'll only reuse the IP if the lease is expired AND there are no other IPs left in the scope.

A major outage taking down modems past their lease times, odd DHCP database problem, CMTS config change, or forced database change by an Engineer with access are some of the few ways the IPs will change from the provider side.

Otherwise the end user can change MAC addresses, reset the modem, and request a new lease. A release/renew cycle or leaving the modem off for a few minutes, hours, or days (depending on IP lease churn) won't clear the DHCP server records so the same IP will be reissued.

--
Two is one, one is none. If it's important, have a back up... 99.999% availability just isn't enough sometimes.


The Shadow
Premium
join:2013-04-18
kudos:5
Reviews:
·Champion Broadba..
·Time Warner Cable
said by DrDrew:

The DHCP server issues the IP from an assigned scope based on CMTS configuration. The DHCP server will place the requesting device MAC in a database with the IP issued. It'll only reuse the IP if the lease is expired AND there are no other IPs left in the scope.

A major outage taking down modems past their lease times, odd DHCP database problem, CMTS config change, or forced database change by an Engineer with access are some of the few ways the IPs will change from the provider side.

Otherwise the end user can change MAC addresses, reset the modem, and request a new lease. A release/renew cycle or leaving the modem off for a few minutes, hours, or days (depending on IP lease churn) won't clear the DHCP server records so the same IP will be reissued.

That's it. The last paragraph is especially applicable or relevant to the average user. Believe me, I know.


kontos
xyzzy

join:2001-10-04
West Henrietta, NY
reply to The Shadow
said by The Shadow:

The way TWC system is set up that services me I cannot change the dynamic IP. All ready have tried all the methods and TWC has confirmed that no action from my end can change it.

It is doubtful that that is correct. Change the reported MAC address of the device that is directly connected to your modem, and then power-cycle the modem, and you should have a new IP address. If your PC is what is connected to the modem, you can probably change the hardware address in the driver config for you network card. A router will have at least a 'clone' option in the WAN setup area.


The Shadow
Premium
join:2013-04-18
kudos:5
Redacted.


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Clearwire Wireless
·Time Warner Cable
said by The Shadow:

You don't know my hardware setup.

Is this a game of guess?
I had previously asked what service you were running that was communicating with the 2nd party.
It's not secret stuff -


humanfilth

join:2013-02-14
cyber gutter
reply to The Shadow
said by The Shadow:

Oh, my privacy is or was never the issue. It was simply that I am getting someone else's "mail" with the sender thinking that I am the addressee formerly associated with new IP. They have no idea that I am not the addressee and the information is not going to their addressee.

From back in the XP days and its 'administrative messenger' service, spammers found out that it was on by default and they could send 'mail' to an IP address.
»support.microsoft.com/kb/330904

Oh the lovely porn spam that people got popping up on their screen.
The program was meant for in-office private network communications and not for direct-internet connected computers.


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:12
Reviews:
·SONIC.NET
·Pacific Bell - SBC
reply to The Shadow
said by The Shadow:

Thanks, I know. I wasn't referring to email. Hence the quotes around "mail."

Well, sir; my crystal ball is in the shop and I am fresh out of WAGs.
If you really want to know, give us something to work with.

P.S. I have futzed around with Charter, and Comcast. Always able to force an IP address change by changing the CPE MAC address.

My guess is that you have a totally alien rig based on weird science.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
reply to The Shadow
You don't have a router? How come? Everyone should have a router.


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Clearwire Wireless
·Time Warner Cable

1 recommendation

reply to NormanS
said by NormanS:

Well, sir; my crystal ball is in the shop and I am fresh out of WAGs.

Since when is your crystal ball being in the shop become the OP's problem?
Get the damn thing tuned & stop laying blame on other people.
/sarcasm

said by NormanS:

If you really want to know, give us something to work with.

You do realize this is a public forum?
/sarcasm

If you question a question you end up with a double question (Qx2) that will often obscure the original questions intent making it subordinate to the question asked in relative terms to the original question (Qx1) while also creating a conundrum of sorts as explained below.
Qx1+Qx2 -logic=Qxyy=

/silliness


The Shadow
Premium
join:2013-04-18
kudos:5
Reviews:
·Champion Broadba..
·Time Warner Cable
reply to Mele20
said by Mele20:

You don't have a router? How come? Everyone should have a router.

Because I neither desire or need one. YMMV.

Regardless, moving back on topic my OP question was kindly answered completely in the thread and I appreciate everyone's comments and input.

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
Everyone needs a router for security.


NormanS
I gave her time to steal my mind away
Premium,MVM
join:2001-02-14
San Jose, CA
kudos:12
Reviews:
·SONIC.NET
·Pacific Bell - SBC
said by Mele20:

Everyone needs a router for security.

There are a number of reasons why I got a router. Security was not one of them.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum

dave
Premium,MVM
join:2000-05-04
not in ohio
kudos:8
Reviews:
·Verizon FiOS
said by NormanS:

There are a number of reasons why I got a router.

I have a router to do routing


mackey
Premium
join:2007-08-20
kudos:12
reply to Mele20
said by Mele20:

Everyone who runs a Microsoft OS needs a router for security.

FTFY.

/M


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3
said by mackey:

said by Mele20:

Everyone who runs a Microsoft OS needs a router for security.

FTFY.

/M

I'd happily put a Windows 7 system in default configuration directly on the internet for you to demo how you would hack it, or could you otherwise explain why 'everyone who runs a Microsoft OS needs a router for security'?

Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Clearwire Wireless
·Time Warner Cable
said by Link Logger:

said by mackey:

said by Mele20:

Everyone who runs a Microsoft OS needs a router for security.

FTFY.

/M

I'd happily put a Windows 7 system in default configuration directly on the internet for you to demo how you would hack it, or could you otherwise explain why 'everyone who runs a Microsoft OS needs a router for security'?

The threat landscape is a moving target & you know that.
"I'd happily put...
Is not the same thing as saying "I routinely put...

So you'd face a bare bones W7 at the net without a router for some defined length of time & with the absence of it being hacked you'd claim that a default W7 is un-hackable?
The only thing that would prove is that a default config of W7 without a router wasn't hacked during that time frame.

Anyway, a successful attack on a W7 default config is just a matter of when so not using a router or some form of hardware firewall is not based on any security platform that I'm aware of.


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3
said by Snowy:

The threat landscape is a moving target & you know that.
"I'd happily put...
Is not the same thing as saying "I routinely put...

So you'd face a bare bones W7 at the net without a router for some defined length of time & with the absence of it being hacked you'd claim that a default W7 is un-hackable?
The only thing that would prove is that a default config of W7 without a router wasn't hacked during that time frame.

Anyway, a successful attack on a W7 default config is just a matter of when so not using a router or some form of hardware firewall is not based on any security platform that I'm aware of.

What I take exception to is people who claim that Windows is inherently more insecure then any other OS and that it needs a router more then any other OS. I'd have no problem at all putting a Windows 7 system directly on the internet and do all the time when I travel (I run Windows 8 which again I have no problem connecting directly to the internet and routinely do when I travel). Windows has its own built in firewall (enabled by default) which blocks unsolicited inbound traffic, and the reality is the OS is rarely the problem and the user is a far bigger risk then the OS. I would think that Pwn2Own pretty much shoots down the idea that any OS is better then any other, and the reality is user involvement is required as the OS on its own is pretty dam secure anymore. So ultimately the question is, why do I need a router? Do I need it more for security or routing, I need it more for routing as any attack I should be worried about is likely initiated by me so the router isn't likely to help much as typically they only block unsolicited inbound traffic.

Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Clearwire Wireless
·Time Warner Cable
said by Link Logger:

What I take exception to is people who claim that Windows is inherently more insecure then any other OS and that it needs a router more then any other OS.

What I took exception to was the parameters of the experiment you proposed to prove your point.

said by Link Logger:

I'd happily put a Windows 7 system in default configuration directly on the internet for you to demo how you would hack it, or could you otherwise explain why 'everyone who runs a Microsoft OS needs a router for security'?

Just for starters, your test machine is not representative of anything real so how does that offer any real world conclusions?
A single W7 machine facing the net but never accessing the net for any reason?
Who does that?
Your latest reply is much more credible than the experiment reply & it actually touches one of the flaws I took exception with in your hypothetical experiment.

said by Link Logger:

So ultimately the question is, why do I need a router? Do I need it more for security or routing, I need it more for routing as any attack I should be worried about is likely initiated by me

The experiment completely took the user out of the equation which takes it out of the realm of reliable methodology.


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3
The original statement:

quote:
Everyone who runs a Microsoft OS needs a router for security.
Why is a router needed for everyone who runs a Microsoft OS? A default configuration machine is totally representative as a baseline test, as the statement made no reference to anything other then a MS OS.

Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Clearwire Wireless
·Time Warner Cable
said by Link Logger:

A default configuration machine is totally representative as a baseline test, as the statement made no reference to anything other then a MS OS.

Bingo!~
Q. Totally representative of what?

A. Totally representative of a machine that doesn't represent anything in the real world let alone prove anything relevant to this thread, world, universe...

I'm not agreeing or disagreeing with your opinion re a need for routers but how you've tried to 'prove' it is void of science & needed to be challenged just in case anyone put any credence in the hypothetical experiment as proof of something.


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3
Would you agree that the initial statement was bogus ('Everyone who runs a Microsoft OS needs a router for security.')?

Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool


Snowy
Premium
join:2003-04-05
Kailua, HI
kudos:6
Reviews:
·Clearwire Wireless
·Time Warner Cable
said by Link Logger:

Would you agree that the initial statement was bogus ('Everyone who runs a Microsoft OS needs a router for security.')?

Bogus?
That's an interesting term to use considering the proposed experiment...

A bogus statement?
No
It's no different than any other generalization, sometimes true, sometimes not but not 'bogus'.


Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3
So if I said

'Everyone who runs Linux needs a router for security.' is a valid generalization, sometimes true, sometimes not but not 'bogus'?

Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool