Re: Newbie Questions

From: Michael (ov3r@arnix.net)
Date: 08/07/01 

Message-ID: <3B6F43B4.6040005@arnix.net>
Date: Mon, 06 Aug 2001 20:26:12 -0500
From: Michael <ov3r@arnix.net>
To: Joe Warner <rootman@xmission.com>
Subject: Re: Newbie Questions

>1. I've heard frequently of people getting scanned or probed within the first
>15 minutes - 2 days of going live on the internet with a broadband connection.
>I know most firewall software will detect and log scan/probe attempts.
>I know there are numerous network sniffers and port scan utilities available but
>I don't understand how an attacker can obtain IP addresses.
>
There are many various ways threw DNS and just common logic to get ip
addresses.

>
>
>2. After #1 is answered, what can be done to block scan/probe attempts? What
>can be done to keep IP addresses private?
>
a simple ipchain linux box with a script to block ips or theres various
programs that add the ips to the hosts.deny list.

>3. The security risk of a broadband connection to the internet is obvious but
>what about dial-up connections? It's my understanding that with dial-up, you
>get a different IP address each time you dial your ISP. Wouldn't this make it
>extremely difficult for an attacker to breach your system, especially if you're
>never dialed in for very long?
>
once again dynamic ips yes are a considered great but if you have lets
say a domain name like bla.com you would have to
direct ppl to bla.com ----> ipaddr thus just a simple host bla.com
would give ipaddr. 

-- 
Arnix Security, Inc.
Michael Olden

http://www.arnix.net/

Relevant Pages

  • Re: Ban RAS clients on DHCP
    ... Ok Marcus, I hear what you are saying so I will let it drop here. ... >> found on routers that does not use NAT or PAT and private IPs. ... >> then those should be dedicated to internet accessible machines only. ...
    (microsoft.public.windows.server.general)
  • Re: Internet Connection Sharing & ZoneAlarm
    ... > my two computers talking to one another, ... > my laptop can no longer access the broadband connection. ... > file sharing continued but it's had no effect on the internet ... > ZoneAlarm on the laptop but I'm assuming the settings will need to be ...
    (comp.security.firewalls)
  • [fw-wiz] Blocking MSN (and any other service for that matter)
    ... internet), I came up with the following - straight-forward - approach (which ... # table IPs in use by MSN IM ... pass proto tcp from <YesIM> to any ...
    (Firewall-Wizards)
  • Re: Ban RAS clients on DHCP
    ... found on routers that does not use NAT or PAT and private IPs. ... there is no reason to have an entire class c network of public IPs. ... then those should be dedicated to internet accessible machines only. ... There is no plausible reason to ever use public IPs on your network. ...
    (microsoft.public.windows.server.general)
  • Re: Ban RAS clients on DHCP
    ... But how to tell DHCP server to assign this addresses to RAS clients and other to the rest clients. ... and**sigh** get more IPs or use private IPs for them. ... Niether myself nor anyone who answered knows of a DHCP system that will "ban" these kinds of requests. ... Internet provider have Virus and worms detectors installed on routers thus if they will block one IP numbers all IP numbers in private series behind that one will be blocked. ...
    (microsoft.public.windows.server.general)