Why IP address is fixed everytime connected to the Internet?

I want to ask who assigns the IP address to a machine that connects to the Internet? The ISP, the network card (i.e. MAC address??), or the router?

It seems like my IP address is fixed everytime connected to the Internet, it seems very unsecure because it allows hackers track the computers more easily.

I thought the IP address should be dynamic, and each time when we connect to the Internet should have different IP address.

Is there a way that makes the IP address in my machine becomes dynamic?

Please advise. thanks!!

Reply to
apngss
Loading thread data ...
5 newsgroups crossposted. I guess a shotgun is more effective at target practice.

The limited supply of IP addresses were originally assigned by the net gods. Through a covenant with various governments, the IANA was empowered to distribute these IP's to the various ISP's in accordance to an ordeal process which includes much petitioning, grovelling, begging, and the inscription of forms. Your ISP then delivers unto the multitudes a single IP address, which you are entitled to borrow for the duration of your connection. Be thankful that they even have IP's to give out.

Better to have it fixed than to have it broken.

No problem. Dive into your router and change the MAC address on the "Clone MAC address" page. You can select almost any number you find useful except that of the ISP gateway. Every time your change your MAC address, disconnect, and reconnect, you'll get a new IP address. Of course, this will drive your ISP's logs up the wall and suggest that you're doing something evil and nefarious such as trying to hide your tracks as a spammist. It will also cause him to perhaps run out of available IP's as your previous IP addresses won't expire for quite some time. Be prepared to get yelled at by your ISP.

It can be. Some ISP's do that. However, it's usually not because they are trying to enhance your security. It's because they simply don't have enough IP's to handle all their customers and recycle them often to other users. The limiting factor is the duration of the ARP cache, which maps your MAC address to your IP address. You can see it in Windoze if you run: Start -> Run -> cmd arp -a Ping a few boxes and watch the numbers appear and disappear. To keep the IP's stable, most ISP's run their ARP cache timeout at least 24 hours or more.

Reply to
Jeff Liebermann

Your ISP.

Cracker is not going to trust that is fixed. They will have code to scan ip addresses so trying keep the ip address a secret is a waste of time.

Your ISP decides if static or not and if dynamic, IP addy lease time.

If dynamic, you would have to stay off the net for the dhcp lease time. Mine is 5 days before it expires. I would then have to wait for another customer on my segment to let their lease expire and get my ip or a new customer comes on line and gets my ip addy.

That is a waste of time.

Just set your firewall to block all incomming connections, do not run browsers and whatnot as root, check everyday for updates from your linux vendor and you will be supprised how safe you are.

Reply to
Bit Twister

"I want to ask who assigns the IP address to a machine that connects to the Internet?" Your ISP

"Is there a way that makes the IP address in my machine becomes dynamic?" Ask your ISP.

Reply to
Ted Zieglar

Your ISP assigns it and it is not unusual to have the same IP for a long time. Protect your computer/network with a properly configured firewall and don't worry about it. Then take other steps as outlined in the link below to protect your network as they are all important no matter what IP you have or even if it changed daily. --- Steve

formatting link
--- Protect your PC tips from Microsoft.

Reply to
Steven L Umbach

The IP address is assigned by the ISP. Normally, with DHCP, you "own" the address for the duration of the lease time. Part way through the lease, your computer (or router) will attempt to renew the address. This means that as long as you stay connected, you will likely retain the same address. Your computer caches the address, so that if you turn it off and later, back on, it will request the same address, if available. You might be able to get a new address, if you release the IP and then get another address, however that may not always work, as your ISP may also cache the IP & MAC address pair, for at least the duration of the lease. If that's the case, your only options for forcing a change, is to change the MAC address of your hardware, or leave your equipment turned off long enough for the lease to expire and the address be assigned to someone else.

Reply to
James Knott

Or one that's in use by someone else connected to the same ISP. Duplicate MACs are a no-no.

Reply to
James Knott

For hosting a mail server?! Surely you are joking.

DS

Reply to
David Schwartz

Nice crossposting!

Your ISP is assigning your Internet IP Address - You need a static address if you are: Hosting a mailserver Hosting a website Providing Dialin Access (VPN)

Reply to
Ian

Tip #1 Forget Windows. ;-)

Reply to
James Knott

Can't agree with that. It works quite well, and the appearance of that functionality was a *huge* relief.

Remember when changing anything with your DNS, unless you were far enough up the food chain to be running your own DNS server for the entire Internet (not just your own network), meant that changing anything took a *week* to be effective? That was true even for ISP's, and was a real pain.

Now, my domain resolves to whatever I want to it, and can change in less than two minutes (and it will take me longer than that to remember how to do it manually).

Reply to
Floyd L. Davidson

No, you don't. no-ip, dyndns and similar services allow you to do all of the above with dynamic IPs.

mike

Reply to
Mike Preston

Of course it's possible. There are only 2^48 combinations to play with. ;-)

Reply to
James Knott

In comp.os.linux.networking Steven L Umbach :

Ack.

[..]

Shouldn't that be, protect your PC from Microsoft? Good idea to enhance security.;)

Reply to
Michael Heiming

True. However, it happens often enough that many ISP's use the MAC address for RADIUS authentication. If the MAC address is duplicated, authentication fails. However, you're right. It will cause havoc if the user picks a duplicated address. The chances of that happening are small, but possible.

Reply to
Jeff Liebermann

Not in the slightest. I've had 100% uptime (where I haven't disabled the server for my own purposes and acquired a new dynamic IP in the process, or changed my non-dynamic IP) for over 3 years. Mail server and all. As long as the Mx records are properly recorded, everything goes through. I had to fight a bit with AOL, but even they relented.

mike

Reply to
Mike Preston

Now that I agree with. Definitely a bit of a kludge.

mike

Reply to
Mike Preston

Actually, there's a bit more to it, then that. The computer initially broadcasts a DHCPDISCOVER. Any DHCP server receiving that broadcast, can then send a response called a DHCPOFFER. The client then chooses which server to use and sends a DHCPREQUEST, and then receives the DHCPACK, containing the configuration info, from the server.

Reply to
James Knott

snipped-for-privacy@pacbell.net.invalid (Mike Preston) wrote in news: snipped-for-privacy@news.INDIVIDUAL.NET:

True but that's a bit of a kludge.

Klazmon.

Reply to
Llanzlan Klazmon

Typically it is assigned by your ISP.

Most ADSL users nowadays get the address through DHCP protocol from the ISP DHCP server. When the PC boots up and is set to use DHCP, then it sends a request packet "please give me my IP address" as a broadcast message. The ISP DHCP server receives that requequest and send back the answer telling that IP address and other network settings to use. DHCP is very common way to get the IP setting on comporate LANs, cable modem systems and in ADSL systems.

Otherway to get the IP address automatically is though PPP connection. Some Internet connections are formed using PPP (on normal modem connections), PPPoA (some ADSL systems) and PPPoE (some cable modems etc.). PPP has build in capability for handshaking the needed IP address settings when the connection to PPP server (the router on the ISP end) is formed.

Then there are also users that have fixed IP addresses. They have been given those addresses in the paper agreement when they joined to the service, and then user has configured that address as fixed IP address to his/her computer.

ISPs have typically configured their DHCP servers in such way that the same users get the same IP addresses often. The DHCP server keep tracks of the IP addresses it had "leased out", the MAC addresses of the devices that they have been given to, lease time (for how long time the lease was given for) and when the lease was given.

Usually when a server gets a request for IP address, it checks for its records to find IP address that was earlier given to that MAC address from where the request came from. If it is found, the same address is generally given. If the MAC address is not found in the records, then a new free not used IP address is selected from the list of free addresses, and this is marked to belong to that MAC address. When all addresses are once used, the server starts to mark the oldest (not used in long time) IP addresses as free for reuse by other users.

This is basically how DHCP server work. This is idea. Specific operation details can vary between different server implementations and how the server is configured.

Fixed IP is very unsecure only when your computer is unsecure. If you have secure computer system you have nothign to worry. Internet has worked from the beginning with the idea that the computer have pretty fixed IP addresses (at least the servers). If you plan to run server on your computer, you really like the benefits of having fixed IP address that does not change (There are also dynamic name services that allow using non fixed IP addresses to run a server, it works in most cases, but if your address happens to change at some time all the currently open connections get cut and the server might be inaccessable to other user for some time, even hours depending on name server settings).

Fixed IP is a good thing. Your job is to keep your computer secure. The security consists of safe enough operating system (sensible operating system selection and keeping it up to date), sensible system configuration (firewall setting, no unnecessary services, no file sharign for whole Internet), using safe applications (suitable web browser selection, keeping applications up to date, no P2P application to share all yuour files). Possibly addign a properly configured extenal firewall device added to your system.

Using all the time changing IP addresses would not help you mich in the security picture. There are systems that constantly scans different IP addresses to find computers that have security problems in them for this particular virus/worm/hacker to use. Propablity of those random scanners to find your computer first time is pretty much same if your IP address is fixed or changing. And when you have got some exploit in your computer, that software can easily report your current computer IP address to some hacker server every time you turn it on without you knowing of it if your system is unsecure. Changing IP addresses ecery time does not solve the securty problems. In some cases it migh t seem to add security, but the general thign is that constantly changing IP addresses creates more problems than what it can solve (it can't solve the security or privacy issues well).

This is how things sometimes are, but this is not how thing should be or would be best. There are systems to access Internet that tend to be more or less permanent IP addresses, and then there are systems that tend to give every time new different address.

I prefer the systems that give fixed addresses. They have more benefits.

Some ideas:

Keep your computer powered down fo so long time so that your old address is marked as "free" and used by other user. Then you get a new address when you connect to Internet.

Select such operator/service that tends to give different IP addresses every time (dial-in modem ISP services, some cellular phone data services etc..).

Change your network card to a new card evry time you want to change IP address. New Ethernet card has (or should have to be proper, there are some sad exceptions to this) an unique MAC address in it. New MAC unknown MA address gets a new IP address from the ISP (unless the ISP has made some limitations to this, for example fixing IP addresses to some other properly in their network like your ADSL modem / cable modem serial number, some user account information on PPP based connections).

Reply to
Tomi Holger Engdahl

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.