[wplug] Request Same IP?

Mike Griffin mike at dmrnetworks.com
Mon Mar 31 09:14:18 EST 2003 

I'd suggest installing some sort of firewalling sofware, IPTables works 
wonders, for your security needs. Most probes/attacks will come from 
scans by someone who scans an entire block of IPs. Your ISPs block of 
IPs only contains so many IPs. In this case, a dynamic IP within the 
same block is a false sense of security. Let's think in "script kiddie" 
terms here:

1.  Found this new apache vulnerability.
2.  Found this script which will do all the work for us if we find a 
computer which is
       running the said version of apache.
3.  Let's scan the IP blocks of 194.131.0.0 - 194.131.250.0
4.  Found a machine with the vulnerability, run our little exploit 
script.
5.  Install a root kit. - We need some means of getting back into the 
machine

All of this can be done in a matter of minutes.


Mike


On Monday, March 31, 2003, at 08:50 AM, Kubbie wrote:

> No, no offense taken.  Yes, DHCP is a service, and I was thinking 
> having the
> same IP constantly is a little less secure.  Maybe not changing IP 
> addresses
> every time I boot up the machine, but occasionally getting a new one 
> makes
> the machine a little harder to find "IF" anyone was trying to do 
> anything
> malicious.
> If I am understanding what the below line means when it boots up (and 
> I am
> still very new to Linux and this interpretation may be incorrect) 
> Linux is
> sending a request every time it boots to get the same IP address (if 
> it is
> available), rather than letting the ISP just assign a random one.  I 
> was
> just wondering if there was a way to have it stop requesting this.
>
> -----Original Message-----
> From: wplug-admin at wplug.org [mailto:wplug-admin at wplug.org]On Behalf Of
> abe at beerhouse.net
> Sent: Sunday, March 30, 2003 1:47 PM
> To: wplug at wplug.org
> Subject: Re: [wplug] Request Same IP?
>
>
>> Hi, I have a question...  I am using Slackware.  Everytime I boot my
>> machine which is a firewall/DHCP I see as it boots up Broadcasting
>> DHCP_REQUEST for xxx.xxx.xxx.xxx (same IP address as before).
>
> by "firewall/DHCP" do you mean you offer dhcp as a service?  or just a
> client ..
>
>> Is there a way to force it to request a new IP every time?  I am using
>> ATTBI/Comcast and do not believe they assign IP (not positive though).
>
> are you asking if it's possible to request a different ip each time 
> your
> client requests an ip?  i'm not sure if this operation is possible on 
> the
> client side .. and furthermore, i don't see the point (just stating my
> opinion ... not meant to sound rude or anything).  in fact, a more
> constant ip is often times more desirable (and hence, a lot of isps 
> charge
> for this type of service).
>
> dunno if this cleared anything up ... but if it didn't, would you mind 
> my
> asking why you would prefer a more strictly dynamic ip?  might help us
> suggest some solutions :)  have a good night
>
>
> --
> abe
>
>
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
>
>
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
>
>

More information about the wplug mailing list