Re: ISP DNS, proxies and security

From: Barry Margolin (barry.margolin_at_level3.com)
Date: 05/27/03

  • Next message: phn_at_icke-reklam.ipsec.nu: "Re: GnuPG front-end to safely en/de-crypt files using symmetic cipher" 
    Date: Tue, 27 May 2003 16:10:02 GMT

    In article <1.59386E9DA4F1E09328dke892s39cdlwppG@129.123.1.87>,
    My_Cat_will_get_you <GuardCat_bogus@lycos.com> wrote:
    >If I block dns lookups to my isp and use an "anon" http proxy to
    >do the lookups, am i enhancing or reducing my privacy/security. If
    >dns lookups are not done by the isp, is my home dynamic ip
    >broadcast such that sniffers can profile my surfing or usenet
    >group activities? Lately I get alot of alerts from various ips
    >trying to send packets to the same ports-445,80,137, and other
    >higher ports. These seem to be activated by visting certain
    >newsgroups or articles or certain web page urls, so I guess they
    >are the result of sniffers monitoring lookups to certain ips or
    >usenet groups. How can my privacy be best protected given the
    >above?

    I don't think you have much to worry about with DNS lookups. They just go
    to your ISP's nameservers, and are never seen by anyone else. Using a
    proxy will prevent remote servers from seeing your IP when your browser
    accesses the web sites, but this is unrelated to DNS.

    However, unless you frequently access suspicious web sites, the incoming
    traffic you're seeing is probably not a result of anyone sniffing your IP
    while you access the web. It's probably just port scanners that scan *all*
    the addresses belonging to your ISP. 

    -- 
Barry Margolin, barry.margolin@level3.com
Level(3), Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
  • Next message: phn_at_icke-reklam.ipsec.nu: "Re: GnuPG front-end to safely en/de-crypt files using symmetic cipher"
    • Quantcast