[wplug] Request Same IP?

abe at beerhouse.net abe at beerhouse.net
Mon Mar 31 12:13:10 EST 2003


> I'd suggest installing some sort of firewalling sofware, IPTables works
> wonders, for your security needs. Most probes/attacks will come from
> scans by someone who scans an entire block of IPs. Your ISPs block of
> IPs only contains so many IPs. In this case, a dynamic IP within the
> same block is a false sense of security. Let's think in "script kiddie"
> terms here:

mike's absolutely correct.  a dynamic ip shouldn't be mistaken as any
means of security.  certainly it might make you harder to track as a
target, but unless it's personal, most attacks are just "find the weakest
target and comprimise it."  once comprimised, if comprimised, a dynamic ip
won't help as the rootkits mike mentioned establish the connection for
subsequent attacks or probes.  so the attacker doesn't have to know where
you are.

in particular, with dhcp on both the client and server side .. i know
leases often times expire but the exact nature of the release and renew
process depend heavily on the configuration.  i don't know all of the
details as i've never needed to :P  i could only suggest the man pages to
see if there's any way to force the release of an ip and attempt to get a
new one.  good luck :P


abe

p.s.  get your firewall up! :)

> On Monday, March 31, 2003, at 08:50 AM, Kubbie wrote:
>
>> No, no offense taken.  Yes, DHCP is a service, and I was thinking
>> having the
>> same IP constantly is a little less secure.  Maybe not changing IP
>> addresses
>> every time I boot up the machine, but occasionally getting a new one
>> makes
>> the machine a little harder to find "IF" anyone was trying to do
>> anything
>> malicious.
>> If I am understanding what the below line means when it boots up (and
>> I am
>> still very new to Linux and this interpretation may be incorrect)
>> Linux is
>> sending a request every time it boots to get the same IP address (if
>> it is
>> available), rather than letting the ISP just assign a random one.  I
>> was
>> just wondering if there was a way to have it stop requesting this.
>>
>> -----Original Message-----
>> From: wplug-admin at wplug.org [mailto:wplug-admin at wplug.org]On Behalf Of
>> abe at beerhouse.net
>> Sent: Sunday, March 30, 2003 1:47 PM
>> To: wplug at wplug.org
>> Subject: Re: [wplug] Request Same IP?
>>
>>
>>> Hi, I have a question...  I am using Slackware.  Everytime I boot my
>>> machine which is a firewall/DHCP I see as it boots up Broadcasting
>>> DHCP_REQUEST for xxx.xxx.xxx.xxx (same IP address as before).
>>
>> by "firewall/DHCP" do you mean you offer dhcp as a service?  or just a
>> client ..
>>
>>> Is there a way to force it to request a new IP every time?  I am
>>> using ATTBI/Comcast and do not believe they assign IP (not positive
>>> though).
>>
>> are you asking if it's possible to request a different ip each time
>> your
>> client requests an ip?  i'm not sure if this operation is possible on
>> the
>> client side .. and furthermore, i don't see the point (just stating my
>> opinion ... not meant to sound rude or anything).  in fact, a more
>> constant ip is often times more desirable (and hence, a lot of isps
>> charge
>> for this type of service).
>>
>> dunno if this cleared anything up ... but if it didn't, would you mind
>>  my
>> asking why you would prefer a more strictly dynamic ip?  might help us
>> suggest some solutions :)  have a good night
>>
>>
>> --
>> abe
>>
>>
>> _______________________________________________
>> wplug mailing list
>> wplug at wplug.org
>> http://www.wplug.org/mailman/listinfo/wplug
>>
>>
>> _______________________________________________
>> wplug mailing list
>> wplug at wplug.org
>> http://www.wplug.org/mailman/listinfo/wplug
>>
>>
>
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug


-- 
abe





More information about the wplug mailing list