Security Basics mailing list archives
Re: security based on IP address
From: JGrimshaw () ASAP com
Date: Mon, 1 Mar 2004 14:53:15 -0600
Hi Amit, I agree with you that your ISP very likely provides an internet protocol address for access to the internet. I have not seen many other ways of connecting. When you say static, does this mean that you have manually entered in your own address, including DNS, gateway, subnet mask and other such settings? To answer your questions: 1) It is highly likely that if they are assigning static addresses, that you also had to provide the MAC address of the device that is connecting to them, or that your service provider technician phoned that data in when setting up your connection. My cable modem provider required a MAC address, and it is associated to me. At work my router indeed has a static address, but if I want the correct traffic to reach me, I have to use it. But your question appears to be about getting free service, so I will continue rather than detract. I would have to expect that they would notice if your MAC address suddenly came up with another IP address associated with it. Even if they did not ask you, they could have captured it at their router or proxy closest to you. The MAC address exists in their switch tables regardless of whether or not someone asked you. 2) You can type in any static address that you desire, but if it is in use, you will most certainly come into constraints. Let's pretend you chose to use 207.46.245.214 as your address, and that 207.46.245 /24 is your network address. I am thinking the owner of that address would be come angry with you. Also, messages will pop up on any other device with such an IP address already in use. Likely, that customer will call the ISP and question why this is happening if they were statically assigned a special IP just for them. The ISP will look in their proxy or router tables, and find your previously used MAC address. Then you will have to talk your way out of a hard situation. You could very likely be charged with one of those new Cybercrime laws. Not good. 3) (You did not ask a 3, but I know you are thinking it), You COULD use a different MAC address, be it a different card, dls modem, cable modem, router or what-have-you, but the situation would still persist. They would recognize the address is not a valid one on their network, and ban or delete it from their proxy/router. Furthermore, with this case as well as your second question, their technical staff would be able to examine their ARP table to determine where the MAC was connecting from (a given port on a switch, loc, and so forth), and trace it back to where your physical connection resides. If you recall the story about Teekid (the Blaster variant author[I think that was his nickname]), they just found his name in the virus, associated his name with an IP address from security forum posts and IRC chats, took the IP to the ISP, and within a short time went to his house and took him away. His parents continually stated that he was not a genius and could not have written viruses, but geniuses generally do not get caught, I think, nor do they post their intentions before carrying out such actions. I would not advise in engaging in such activities. Amit Sharma <amit.sharma () linuxwaves com> 02/29/2004 02:02 AM To security-basics () securityfocus com cc Subject security based on IP address Hi there, My ISP provides internet access based on IP address. As in, he gives static IP addresses to its customers and allows/disallow internet access based on the same. 1. What am wondering at is, what if my ip address is blocked but I take over somebody else's ip address and try to connect to the internet? Will the ISP's proxy detect this? This leads to the second question.. 2. Can I take over the ip address of a system that is already up? Gracias, Amit --------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_security-basics_040301 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_security-basics_040301 ----------------------------------------------------------------------------
Current thread:
- security based on IP address Amit Sharma (Mar 01)
- RE: security based on IP address patrick (Mar 01)
- Re: security based on IP address JGrimshaw (Mar 01)
- RE: security based on IP address Aditya, ALD [Aditya Lalit Deshmukh] (Mar 03)