A few questions…

de.bug asked 2 years ago

Hi, i'm de.bug !

A few questions; hoping you guys can answer for me.

1) If the max digit of IP is 255.255.255 , obviously somone is using the same IP somewhere. Now, say you and somone else are using the same IP address, and he gets banned from a site, are you banned as well (if its an IP ban)

2) How do you close ports? How do you deny access to intruders from ports? What exactly are ports?

3) Other then IP address, connecting port, Username/ID/email/ and other Profile information submited, how can you be tracked?

4) How do you use more then one proxy? Example of what i think, correct me if i'm wrong.

Firefox->Proxy#1->(straight from proxy1)Proxy#2->Proxy3

If that is how it works, how exactly is that better? I mean, thats just switching proxys alot!

5) How do sites know that your using a proxy? You must be being tracked via another way if they know your location doesn't match your IP...

Much thanks, I really want to learn this, and google doesn't really help!

2 Answers
Steve Bonilla Staff answered 2 years ago

Thanks for your question!

[QUOTE=de.bug;1619]1) If the max digit of IP is 255.255.255 , obviously somone is using the same IP somewhere. Now, say you and somone else are using the same IP address, and he gets banned from a site, are you banned as well (if its an IP ban)[/QUOTE]

Well, you likely do not share and Internet IP with someone else. I suppose the range now is 0.0.0.0 - 255.255.255.255. These are decimal
representations of binary IP addresses: 00000000.00000000.00000000.00000000 - 11111111.11111111.11111111.11111111

This of course is IPv4, IPv6 is coming out or is out (I'm not sure really) and it has a much broader range.

So, since IP addresses are limited, not every PC in the world has an Internet IP... actually very few do. In a typical home connection, the router has the Internet IP, and it shares that one IP out to others on the LAN, and assigns the LAN local IPs that typically begin with 192.168. Think of the Internet IP as a phone number, and the 192.168 IPs as the phone extensions.

[QUOTE=de.bug;1619]2) How do you close ports? How do you deny access to intruders from ports? What exactly are ports?[/QUOTE]

Ports are virtual points of access. It is kind of hard to explain, but specfic applications and services are designed to listen to specific ports. Most firewalls will simply close off all the ports unless one is needed to be opened by a connection that was initiated by your host.

[QUOTE=de.bug;1619]3) Other then IP address, connecting port, Username/ID/email/ and other Profile information submited, how can you be tracked? [/QUOTE]

Many ways depending on what you are doing. Address, name, phone number, ISP, etc...

[QUOTE=de.bug;1619]4) How do you use more then one proxy? Example of what i think, correct me if i'm wrong.

Firefox->Proxy#1->(straight from proxy1)Proxy#2->Proxy3

If that is how it works, how exactly is that better? I mean, thats just switching proxys alot![/QUOTE]

I've always wondered this myself...

[QUOTE=de.bug;1619]5) How do sites know that your using a proxy? You must be being tracked via another way if they know your location doesn't match your IP...[/QUOTE]

This I would like to know also, I guess it has something to do with the data that's being used with the request packet, but am unsure.

Google does help, you just need to know what to search for 🙂

bryanergy answered 2 years ago

[QUOTE=de.bug;1619]Hi, i'm de.bug !

de.bug wrote:
> 2) How do you close ports? How do you deny access > to intruders from ports? What exactly are ports?
[/QUOTE]

Close (or, rather, prevent attack from outsiders):

Best way is to use a NAT router (maybe you already are - google for "shields up", or maybe WhatIsMyIp has a similar service. If you are using a NAT router, most ports will be BETTER than closed; they will be 'stealth'. This will deny access to most intruders. A closed port means the machine will answer with packet that means "I have such a port, but it's closed". A 'stealth' port means your machine will not even acknowledge the request at all, making you less desirable to attack.

Many routers have UPNP (Universal Plug and Play), which regrettably will weaken security - if you are already infected, UPNP might allow your machine to form its own route through the router. In some cases an attack may go in stages, with the first stage opening the router from inside your home network, and the next stage attacking your machine from outside.

[QUOTE=de.bug;1619]Hi, i'm de.bug !
> What exactly are ports?
[/QUOTE]

Ports are numbers from 0-65535 decimal (two bytes within each IP packet). Many of the numbers have important meaning that are agreed upon by almost all computers in the world. For example, when your computer wants to look at a www page, it has to "look up" the address. This will certainly contact a DNS service, sending a UDP packet to destination port 53 of a DNS server, from a random source port (example, 58709) on your computer. Your NAT router will recognize your computer making the request, and allow a route back from the server's port 53 to the same random port on your machine that the request came from (e.g. 58709). All the rest of the time, the router will prevent anyone from reaching your computer, to even know there ever was a port 58709.

The packet from the DNS service will provide the IP address that your machine needs to actually reach the www site. Then your machine will contact that IP address using TCP, destination port 80, from another random source port on your machine. Again the NAT router will create a return path when needed, but leave your machine 'invisible' the rest of the time.

So, the problem is not how to 'close' an open port, but how to block it from being opened at all. If you plug your PC directly into cable modem, any services your machine is running might be available to any attacker. When broadband was new, people were surprised to learn that their ENTIRE HARD DRIVE was published to the Internet by services that Windows had already running by default. Then users had to deliberately turn things off. This is why Steve Gibson wrote the Shields Up! service. Windows has corrected most of these problems, but having a NAT router means lots less to worry about.

I learned about "whatismyip.com" listening to a podcast with Leo Laporte and Steve Gibson. So here are relevant links to Steve's presentations on ports:

[url]http://www.grc.com/su-ports.htm[/url]

[url]http://GRC.com/securitynow[/url]
"Ports"
Scroll down to episode 43
Get the audio, text, or PDF
[url]http://www.grc.com/sn/sn-043.pdf[/url]

Direct links to any port in "Port Authority":
[url]http://www.grc.com/port_53.htm[/url]
[url]http://www.grc.com/port_80.htm[/url]

[QUOTE=de.bug;1619]Hi, i'm de.bug !
Much thanks, I really want to learn this, and google doesn't really help![/QUOTE]

Sure it does, but you will get more useful results if you add enough words to focus your interest. For example:
[url]http://en.wikipedia.org/wiki/Ipv4[/url]

Know the answer? Login or sign up for an account to answer this question.
Sign Up