how safe static address?

***Tiger Shark*** · October 30th, 2004, 09:54 PM

Duck:

There are downsides to dynamic addresses.... You can't get to your own stuff so easily from other locations because you don't know the IP to connect to is a biggie.

The point is that if all you can do is DoS me because my IP is static then what's the problem... ID the DoS, call the ISP and as them to block it or cjange your IP..... How hard is that? Any other kind of attack should be patched/blocked/mitigated anyway!

***Cybr1d*** · October 31st, 2004, 01:48 AM

The point is that if all you can do is DoS me because my IP is static then what's the problem... ID the DoS, call the ISP and as them to block it or cjange your IP..... How hard is that? Any other kind of attack should be patched/blocked/mitigated anyway!

To add to that...you can also just block all packages from the IP that is DOSing you at the router.

***chsh*** · October 31st, 2004, 02:44 AM

Originally posted here by The Duck
Sure there is, if someone is DoSing you, the IP will change soon, since it changes the DoS stops and now the attacker needs to find the IP again. And it might not be hard to find the new IP since he already knows the range in wich your ISP is in, but honestly, who is going to try 300 or more possibilites?? No one with a life...

Or they can simply look at your IP via any of the myriad of services (who doesn't use IM's nowadays?) most users user, and eliminate the guessing.

Originally posted here by Tiger Shark
The point is that if all you can do is DoS me because my IP is static then what's the problem... ID the DoS, call the ISP and as them to block it or cjange your IP..... How hard is that? Any other kind of attack should be patched/blocked/mitigated anyway!

In theory.

Originally posted here by Cybr1d
To add to that...you can also just block all packages from the IP that is DOSing you at the router.

That won't stop a DoS if it's just a raw packet flood (which many/most are nowadays). If it fills your pipe your ISP has to drop the route.

**;TT** · October 31st, 2004, 03:03 AM

Originally posted here by chsh
That won't stop a DoS if it's just a raw packet flood (which many/most are nowadays). If it fills your pipe your ISP has to drop the route.

Then how would one go about stopping a DoS nowadays if just raw packets are sent?

***ammo*** · October 31st, 2004, 04:16 AM

Call your provider. Only someone upstream can block a bandwith flooding DoS.
It could be argued that in such a case, changing IP would stop the attack from reaching... you... and only momenterarly (as the attacker most likely has some other means of tracing your IP if he was able to target you at first). And the pour sole who would get assigned that ip after you might very well be the innocent victim of that lost bullet (for some while).

Ammo

**PacketThirst** · October 31st, 2004, 08:56 AM

Forgive me for my ignorance... But how is a box thats behind a router safe from hackers ??.
Can't a hacker who has physical access to the box install a Trojan and remotely control the box later ??.

***Cybr1d*** · October 31st, 2004, 12:54 PM

Forgive me for my ignorance... But how is a box thats behind a router safe from hackers ??.
Can't a hacker who has physical access to the box install a Trojan and remotely control the box later ??.

I forgive you

. A router will not protect you from hackers with physical access to the box. It was not designed for that. The hacker would have to do a little more that just drop a trojan in the box. If the box was set up properly, the trojan would not be allowed to connect to the hacker's client, so the hacker would have to either disable the firewall, or change its settings to allow his trojan to connect outside.

Take care.

***The Duck*** · October 31st, 2004, 06:57 PM

Or they can simply look at your IP via any of the myriad of services (who doesn't use IM's nowadays?) most users user, and eliminate the guessing.

I don't know about you, but after an attemptd DoS attack, I wouldn't be DCing with people while chatting, which is pretty mucht he only way to get someone's IP with IM's. Other then that and getting me to email you there really is no easy way to get the new IP unless you wanna guess the hundreds of different possibilities.

Tiger Shark, I agree with you, but I don't connect to my computer from a remote location often

.

***chsh*** · November 1st, 2004, 09:07 AM

Originally posted here by The Duck
I don't know about you, but after an attemptd DoS attack, I wouldn't be DCing with people while chatting, which is pretty mucht he only way to get someone's IP with IM's.

No, it isn't, several of the IM systems out there have IP lookups enabled. MSN Messenger REQUIRES UPnP enabled specifically for reporting this to the MSN server when doing voice chat and similar things. Even for regular IM use you can find it. IIRC there were several tools for ICQ, MSN, and YIM that allowed you to just punch in someone's account ID and then get their IP from the server.

That point aside, what you or I may do is irrelevant, it's important that people understand that it's a possible way for people to get your IP.

**gauravjulka** · November 1st, 2004, 09:49 AM

It doesnot matter whether u have a static or dynamic IP for ur box, there are the applications which make a virus resident on ur drive, each time u connect to net that application provides host service to any other computer called attacker on the net. If such a service is sitting inside ur box,i t doesn't matter whether u r using static or dynamic IP addressing. Both are safe and vulnerable in the same way.
If u have a firewall on ur box. then ur computer is just as safe as anything else. For the problem that ur incoming traffic is not visible through the net, check for the setting of ur router. If u can access the web then ur computer is on the net.

Thread: how safe static address?

Thread Tools

Display

Posting Permissions