-
October 31st, 2007, 03:13 PM
#11
as much as i say that dynamic IP is much more secured
This is an old rumor which was generated by the idea that you couldn't turn machines with dialup connections into bot command and control infrastructures. Then there were a lot of lies from Steve Gibson about how anyone with a high speed connection will get owned the moment they go online.
-
October 31st, 2007, 03:34 PM
#12
The only truth to it may be that dial-up users tend to be connected to the Internet less often. Whereas cable users would be more inclined to leave the machine connected and turned on.
-
October 31st, 2007, 04:04 PM
#13
Yes, the desirability of the target needs to be considered. Gibson's argument has a ring of truth to it in that high speed connections were generally on most of the time, had static or relatively static IP addresses and not only performed well, they would almost certainly be backed up by high performance hardware. That made them desirable, but not vulnerable per se.
Whether they could be owned would depend on their security, not their speed.
The fallacy of the:
idea that you couldn't turn machines with dialup connections into bot command and control infrastructures
Also seems logical, as they would be mostly dynamic IP addresses and the botherder wouldn't be able to contact the owned machine again. He might even hit a system with better security and get detected when the IP was reassigned.
The reason that this is a fallacy should be fairly obvious? The owning software is set to phone home. Botherders don't want IP addresses, they want to own actual hardware assets. If they have found a system they can own, it is relatively safe to let that initiate communication, rather than trying to dial in.
-
October 31st, 2007, 06:33 PM
#14
high speed connections were generally on most of the time
I'm currently using a wireless network but that doesn't mean my computer in itself has an uptime of eight hours or more.
It's obvious most botnets still centralise to certain areas on the web, sure... but that's only to gain the information needed to slightly separate for a multi-tiered approach at things.
-
October 31st, 2007, 07:26 PM
#15
Sure,
You don't have to turn it on, but how many little "fanboys" post "how many hours my system has been up" crap?
Hell, I would hunt them down and fine them for gratuitous and profligate wasting of scarce resources (electricity). What about this carbon emissions crap?
Not to mention the fire risk? 
It's obvious most botnets still centralise to certain areas on the web, sure... but that's only to gain the information needed to slightly separate for a multi-tiered approach at things.
Yes, nowadays the control mechanisms are distributed. Back then they were much more centralised, so the botmaster was constantly exposing his entire asset on a net by net basis.
-
November 1st, 2007, 12:48 PM
#16
There are some numbers that are "reserved" for non-Internet use, for example I think that these are:
10.xxx.xxx.xxx
172.xxx.xxx.xxx
192.xxx.xxx.xxx
Nearly.
For IPv4:
Private ranges that all ISPs will filter at the gateways, therefore will not route across the Internet and are only to be used internally in a home/office or for localhost/testing purposes etc:-
10.0.0.0 - 10.255.255.255 = Internal Class A range
172.16.0.0 - 172.31.255.255 = Internal Class B range
127.X.X.X = Loopback - Used by the localhost for various diagnostic reasons
169.254.X.X = APIPA - (Auto Assigned Private IP Address)
192.168.0.0 - 192.168.255.255 = Internal Class C range
224.X.X.X = Multicast range
240.X.X.X = R & D / Scientific purposes
Common usable ranges that will work across the Internet are:
1.X.X.X - 126.X.X.X - Class A range
128.X.X.X - 191.X.X.X = Class B range
192.X.X.X - 223.X.X.X - Class C ranges
Obviously the previously mentioned Private IP ranges are excluded from the above ranges.
Depending on what type of attack is being used, dynamically issued IP addresses do offer some security as the host is not guaranteed to be on-line for an extended period of time. Broadband users may keep the same IP for months at a time but only the actual ADSL router (or equivalent) keeps the IP address assignment, not the host behind the router.
Traffic coming in from the WWW that has not been initiated from the internal side will 9 times out of 10 never get past the router unless it has specifically been configured to do so.
If the attacker has managed to install software that phones home then the type of IP address in use is irrelevant.
Any dynamically issued address WILL change at some point in time, which limits the availability of the host(s) to any would-be attackers.
Statically assigned IP addresses are invariably assigned to servers/services that have a constant and direct connection to the WWW and that need 100% uptime. Also some older ISPs who got into the game around the time the Internet went global managed to secure a large number of IP addresses and issued static ones to their users - a static IP is very unlikely to change, making the availability of the host almost unlimited, therefore any would-be attacker has one less thing to worry about and can possibly be more stealthy.
The main difference from a security point of view is that more information can usually be gathered about the owner of a static IP than from the temporary owner of a dynamic IP.
Last edited by Nokia; November 1st, 2007 at 12:52 PM.
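Added example (not part of any post in this thread): a Python check that flags log entries arriving on the Internet-facing interface with a source address inside one of the non-routable blocks listed in the post above, since such packets are spoofed or misrouted. The key=value log format, the interface name `eth0` and the sample lines are constructed for illustration; the CIDR bounds are the standard ones for each block.

```python
import ipaddress
import re

# Non-routable IPv4 blocks named in the post, written as CIDR networks.
NON_ROUTABLE = [(kind, ipaddress.ip_network(cidr)) for kind, cidr in [
    ("private", "10.0.0.0/8"),
    ("private", "172.16.0.0/12"),     # 172.16.x.x - 172.31.x.x only
    ("private", "192.168.0.0/16"),    # not the whole of 192.x.x.x
    ("loopback", "127.0.0.0/8"),
    ("link-local", "169.254.0.0/16"),  # APIPA
    ("multicast", "224.0.0.0/4"),
    ("reserved", "240.0.0.0/4"),
]]

FIELD = re.compile(r"(\w+)=(\S+)")

def classify(addr):
    """Return e.g. 'private 10.0.0.0/8' if addr is non-routable, else None."""
    ip = ipaddress.ip_address(addr)   # raises ValueError on garbage
    for kind, net in NON_ROUTABLE:
        if ip in net:
            return f"{kind} {net}"
    return None

def bogon_sources(lines, wan_iface="eth0"):
    """List (line_no, src, reason) for WAN-side packets with a bogus source."""
    hits = []
    for n, line in enumerate(lines, 1):
        f = dict(FIELD.findall(line))
        if f.get("IN") != wan_iface or "SRC" not in f:
            continue                  # LAN-side traffic may use private space
        try:
            reason = classify(f["SRC"])
        except ValueError:
            reason = "unparseable"
        if reason:
            hits.append((n, f["SRC"], reason))
    return hits

# Constructed sample log (hypothetical format; eth0 = WAN, eth1 = LAN).
SAMPLE_LOG = [
    "IN=eth0 SRC=198.51.100.7 DST=203.0.113.5 PROTO=TCP DPT=443",
    "IN=eth0 SRC=192.168.1.20 DST=203.0.113.5 PROTO=TCP DPT=445",
    "IN=eth1 SRC=192.168.1.20 DST=198.51.100.7 PROTO=TCP DPT=80",
    "IN=eth0 SRC=172.32.0.9 DST=203.0.113.5 PROTO=UDP DPT=53",
    "IN=eth0 SRC=172.20.4.4 DST=203.0.113.5 PROTO=UDP DPT=53",
    "IN=eth0 SRC=169.254.10.1 DST=203.0.113.5 PROTO=UDP DPT=137",
    "IN=eth0 SRC=192.5.5.5 DST=203.0.113.5 PROTO=TCP DPT=22",
]

if __name__ == "__main__":
    for hit in bogon_sources(SAMPLE_LOG):
        print(hit)
```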
-
November 6th, 2007, 08:16 AM
#17
As per the above, NOKIA has done the same thing which I was going to post; as on the clearance of doubt and knowledge I would like to give further clarification on the same and will like to give more knowledge on the same......
What is IPv4 (IPversion4)?
172.16.254.1
10101100.00010000.11111110.00000001
This resembles to the break up of the 32 bit IP address which is separated by the Decimals splitting it into 8 bits
One byte = 8 Bits
Which in simple is 8*4= 32 bits
IPv6 Latest Version used.
2001:0DB8:AC10:FE01
This can be used and the performs with Windows Vista, Apple Computers & Advance range of Linux
and this creates a Unique Range of IP Addresses
Whereas on the Forums it's news that IPv8 is on the way
http://antionline.com/showthread.php?t=276103
Please Correct if Wrong
Thanks and Regards
KK
Question is not "Why are you Online"
Question is "Why are you Off line"
-
November 8th, 2007, 12:15 PM
#18
Hi KK,
Actually IPv6 is 128 bit (2 x 64) in 8 hexadecimal quartets.
-
November 8th, 2007, 12:20 PM
#19
Leading 0's and blocks of 0's can be omitted in IPv6, so it can appear to be less than 128 bits. Colons are needed when blocks of sequential 0's are omitted though.
-
November 10th, 2007, 09:01 AM
#20
Hmm!!
Hi Nokia and Nihil
U guyz are really good, can u please explain me about the IPv6 a lil more
regard
Kk
Question is not "Why are you Online"
Question is "Why are you Off line"