ip security.

[Prankster]

Hello

Correct me if I am wrong : A firewall is supposed to stop hackers gaining a connection to your computer. Is that right?

Question 1: Is a firewall supposed to stop your ip address from geting out of your computer? eg: stopping people from finding out your ip address.

Question 2 : If my firewall (Norton) is not doing this, and is a capable of doing it, then how do I configure it to do it?

Question 3 : If my firewall (Norton) is not capable of doing this, then is there a program that I can get off the net, that is capable of doing it?

Please could someone help with my three questions? I have read throught the Newbie FAQ and counldn't find the answer to this there, sorry if this post is in the wrong forum, forgive me.

Cheers, P

[Geric]

I think you are talking more about NAT (Network Address Translation) than a firewall. However some firewalls (usually hardware i.e. cable/dsl rotuers) do this automatically. (thats how multiple people get on at the same time). Gonna need som more info to be a little more helpful. How do you connect to the internet? Why do you want to hide your real IP? Other than it being the first major step in securing your box. Just wanted to know if you needed to dod something specific. Hopefuly someone will be along soon who has more working knowlege of Noton than I do... but I'll see what I can find.

[Valor]

Well, a firewall is supposed to 'help' against hackers gaining a connection to your computer. Don't solely depend on that though, which I'm sure you've found out by reading all of the newbie faq's.

Ok, as to question 2 - No

Question 3 - No

An IP address is sent in your IP header, and is needed for every packet sent from your computer to another computer. In the IP header is your (source) IP address, and the receiver's (destination) IP address.

And that's about it.

[Valor]

The best thing I would do is to spoof your IP. Read up on IP spoofing.

[emrys]

as for making sure (or atleast trying) to keep ur ip a secret firewalls usually dont do it....they are there to forbid or give access to connecting to the pc...for ip spoofing u should probably use a proxie....personally i like socks proxies...try http://www.http-tunnel.com and d/l their prog and configure ur IE settings it should work right if u have any question on how to configure Ie for the prog to work just pm me or post ur question .....good luck

[NetwrkBurn]

If you use Socks Servers or an anamyous proxy it will sucessuflly hide your ip and if you use a Proxy Firewall the hacker wont even be able to connect to your computer to hack into it cause all the packets go through the proxy firewall. So if you sucessuflly had an anamyous proxy connected to a proxy firewall or a socks Server your completly anamyous. I suggest that you visit www.cyberarmy.com for a extensive proxy server listing and you download a few tools, A4Proxy, Check Proxy pro, Socks Cap, those type of tools will keep you secure and anamyous. For a more complete listing of internet security and privacy related tools go to www.webattack.com

[ammo]

Question 1: Is a firewall supposed to stop your ip address from geting out of your computer? eg: stopping people from finding out your ip address.

No... This is why: IP addresses are like postal addresses; if you don't give a return address when you send something, how is the receipient supposed to mail you back? The same holds with IP addys. If you were to send false return (sender) addresses on your IP packets (which CAN be done) the receipient would reply to the wrong IP and return packets would just get lost.

What can be done however, like the others said, is spoof your IP. This can be interpreted in different ways.
-Spoofing, at first, means writing a false source IP address on IP packets. This however isn't really usefull if trying to establish legit conversations with remote hosts. It's mostly used when you send maliciously formed packets that are part of an attack in which you don't need answers from the remote host in question.
-The other interpretation is bouncing your connections on other hosts; some hosts (hosts mean computers on a network, in case you didn't know) run proxy software. A proxy accepts incoming connections from you, establish another connection to the target host and relays the data between the two connections. This has for effect that the source IP address that the target host sees is that of the proxy host, not yours. (There are also NAT 'proxies' that basicly do the same but only rewrite the source ip on the packet without creating a new connection; the result is pretty much the same).

Proxies can also be "daisy-chained" so to put more layers between the ip the destionation hosts gets and your real IP, making it harder to trace back.

So there you have it...

Ammo

[Prankster]

Thanks a lot everyone Ermmm. I'll have a look at the websites and research into ip spoofing, I think I get the idea. Before I had XP, I used to have Zone Alarm (duznt work on XP) and when you did a whois command on there, if someone was trying to hack you, it told you their ip address, and the person they were trying to hack (me) only my ip address had three x's at the end, so I assumed it was impossible for anyone to get miy ip. Now that I have norton, this doesn't happen, so I started to get a bit worried Thanks a lot.

P

[ammo]

I don't personnaly use ZA, but the reason why you had .xxx at the end of your IP is probably so you can post/send your logs without compromising confidentiality. Not because it wasn't traceble...

Ammo

[Prankster]

ok thanks, I was a bit numb then anyway =), I didn't know much about security then, I still don't but I'm learning, currently reading "IP Spoofing: A Mammoth Description"

speak to you again in 10 years! =)