[wplug] Request Same IP?
Mike Griffin
mike at dmrnetworks.com
Mon Mar 31 09:14:18 EST 2003
I'd suggest installing some sort of firewalling sofware, IPTables works
wonders, for your security needs. Most probes/attacks will come from
scans by someone who scans an entire block of IPs. Your ISPs block of
IPs only contains so many IPs. In this case, a dynamic IP within the
same block is a false sense of security. Let's think in "script kiddie"
terms here:
1. Found this new apache vulnerability.
2. Found this script which will do all the work for us if we find a
computer which is
running the said version of apache.
3. Let's scan the IP blocks of 194.131.0.0 - 194.131.250.0
4. Found a machine with the vulnerability, run our little exploit
script.
5. Install a root kit. - We need some means of getting back into the
machine
All of this can be done in a matter of minutes.
Mike
On Monday, March 31, 2003, at 08:50 AM, Kubbie wrote:
> No, no offense taken. Yes, DHCP is a service, and I was thinking
> having the
> same IP constantly is a little less secure. Maybe not changing IP
> addresses
> every time I boot up the machine, but occasionally getting a new one
> makes
> the machine a little harder to find "IF" anyone was trying to do
> anything
> malicious.
> If I am understanding what the below line means when it boots up (and
> I am
> still very new to Linux and this interpretation may be incorrect)
> Linux is
> sending a request every time it boots to get the same IP address (if
> it is
> available), rather than letting the ISP just assign a random one. I
> was
> just wondering if there was a way to have it stop requesting this.
>
> -----Original Message-----
> From: wplug-admin at wplug.org [mailto:wplug-admin at wplug.org]On Behalf Of
> abe at beerhouse.net
> Sent: Sunday, March 30, 2003 1:47 PM
> To: wplug at wplug.org
> Subject: Re: [wplug] Request Same IP?
>
>
>> Hi, I have a question... I am using Slackware. Everytime I boot my
>> machine which is a firewall/DHCP I see as it boots up Broadcasting
>> DHCP_REQUEST for xxx.xxx.xxx.xxx (same IP address as before).
>
> by "firewall/DHCP" do you mean you offer dhcp as a service? or just a
> client ..
>
>> Is there a way to force it to request a new IP every time? I am using
>> ATTBI/Comcast and do not believe they assign IP (not positive though).
>
> are you asking if it's possible to request a different ip each time
> your
> client requests an ip? i'm not sure if this operation is possible on
> the
> client side .. and furthermore, i don't see the point (just stating my
> opinion ... not meant to sound rude or anything). in fact, a more
> constant ip is often times more desirable (and hence, a lot of isps
> charge
> for this type of service).
>
> dunno if this cleared anything up ... but if it didn't, would you mind
> my
> asking why you would prefer a more strictly dynamic ip? might help us
> suggest some solutions :) have a good night
>
>
> --
> abe
>
>
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
>
>
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
>
>
More information about the wplug
mailing list