Privacy/Security: How to change my IP address daily or weekly on DSL

And I am going to be blunt here too. Why are you still HARPING about changing the IP from the ISP, as your HEAD is TEN BRICKS HARD?

It serves you absolutely no purpose, NONE. I have ran my network for years with the same IP from the ISP, with no problems, other than, I didn't pay the bill one time and it was cutoff, because of that, I got a new IP. That new IP gave my FW appliance some connection issues with the machines behind it. I called the ISP and got a new IP from them, and I have ran for YEARS with that same IP too, no paranoia here about ANYTHING.

You can report back as to how it worked out for you.

I don't know, as I would never be bothered with something like that.

However, if it works for you, then you can feel warm and fuzzy about it. ;-)

Duane :)

Reply to
Duane Arnold
Loading thread data ...

Agreed

But I will give you a few more things to ponder - some of these are referenced in other parts of this thread, but I am not going to locate those references.

  1. IP address I do not believe you can separate two or three 'aspects' of you life by a change in IP address. I mentioned one solution, another may be easily available I have an old cable modem - circa 1999 or 2000. It goes back to the days before an affordable home router/firewall. It is smart enough to support 4 different IP addresses - you connect the rj45 plug on the modem to the uplink pulg of a hub, and each unit (computer or router) plugs into the hub and takes an IP address from the router. This is how the cable co allowed multiple computers on one cable connection. They allow 2 free addresses, and so much a month for each additional one. This method is documented on their web site. If you have this capability, you have your privacy. You can post your personal stuff on a simple, slow (under 0) machine on one IP address, and your real stuff on your regular machine. I know this works, because I have a linux web server on one, and my router which feeds the other 5 machines here on the other.

  1. Web servers As mentioned above, I run a hobby apache/linux web server. I did this partly to learn about html & web site design, partly to learn linux, and partly to learn about internet security from the other side. Yes, I do log the IP address of every visitor, along with how they got to my site, and whatever else their browser will tell me. I record each web page they visit. I keep the logs about 6 months When I allow a POST operation, I record that it happened, but I do not log the contents at the server level - the application (message board, blog, perl/cgi script, or whatever) does that. Some places like message boards and Yahoo chat announce that they are recording IP addresses, some don't announce but they all do some form of recording. Other replies have explained how to work with that.

Also as mentioned, sone sites (usually ad based) link back to your computer with 'persistent connections'. They have figured out how to send to you - that is the way they get the pop up ads to appear. Since the whole proxy server business is to prevent that, any time you get a pop up you may have been 'id'ed. In addition, you may not get your idle time. When I had isdn service here, I logged sites calling my browsers for hours after I had closed the browser. The job of the 'bot was to keep the connection active so the site could get the ads to me faster. For a few years I 'owned' a block of 8 IP addresses - gave me a static address with no means to change it even if I wanted to. It had problems, because the 'bots could always find me.

  1. The need for privacy We have covered the lack of privacy in the internet fairly well - that is the price we pay for using that medium for communication. What about privcy at home? Without enquiring into you family situation, I will just remind you that windoze records all kinds of things in all kind of hidden places. And NO, I will not discuss what and where those are. You should consider some steps to secure the information hidden on your computer. I repair/recondition donated equipment for disability organization - it is amazing (sometimes disgusting) what I find on these machines.

For me it is easy - anything sensitive gets done on the linux machines.

  1. IP addresses My experience is that the IP address is tied to (amongst other things) the MAC address. When I change the NIC in an older machine connected directly, I get a new IP address. When I put the old NIC back in, I get the one I had before. When I clone the MAC address with the router, it gives me the IP address that the NIC had. I have about 20 old NIC cards here - that would give me a fair pool of addresses to clone if I wanted to change IP addresses frequently. When I upgraded my web server, I make sure that the NIC moved into the new machine, so I kept the same IP address.

One reason for dynamic IP addresses is to prevent home users from setting up a permanent business web server. The cable co figures that as long as the IP address will change frequently (in my case, about twice a year) that will make it much more difficult to use a home account for business use. Lets avoid the topic of dns forwarding.

As mentioned, your ISP has a pool of IP numbers available to 'lease' You may find you are circulating amongst the same 5 or 10 numbers when you keep changing. And you may get an IP number that has been flagged by the crackers as being 'open' for attacks.

Cable/ADSL

Different technologies - different restrictions. Cable can give you multiple IP addresses for one account, but as far as I know, ADSL can not. Also, ADSL requires you to register your MAC address before you get an IP number. New MAC address - 30 min to 1 hour to get it 'registered'

Some considerations for you.

Stuart

Reply to
Stuart Miller

Refresh my memory (as I dont want to re-read the complete thread) :

1 - What is the name/model of your modem ? 2 - What is the name/model of your router ? 3 - Please open a command window, give the command : "IPCONFIG / ALL" and post the full info it provides. (This is related to my last paragraph in my first post).

btw: If you want more "privacy", you might look into this :

formatting link
but remember if you use this, or any other form of proxy, your NNTP server might want you to autenthificate using username/password.......

/HC

Reply to
Harald Andersen

So were you successful?

Reply to
kingthorin

I bet my ass that is classified information

Reply to
Tristan

Hi kingthorin, Thank you very much for your help and concern. No. I have not been successful yet.

It's actually embarrassing that, after all the helpful posts (there must be more than a hundred of them) I still don't have a software method (other than rebooting the router) which simply tells the router to dial into the PPPoE account after an assigned address is "given up" by the ISP.

I wonder ... what is the "state" of the connection when the router is still on but the ISP has "given up" on the IP address it previously assigned to me? If I could only wake the connection out of that dormant state without rebooting the router ...

The confusing part is that the option we set "should" have worked!

- Aim the browser at the linksys router's IP address

- Log in as the administrator of the router

- Go to "Setup" "Basic Setup" "Keep Alive:"

- Change from: "Redial Period = 30 sec"

- Change to: "Connect on Demand: Max Idle Time = 5 min"

I do not yet know why this isn't working and I am trying different things each morning but (so far) I always end up rebooting the router which immediately reconnects me to my PPPoE account.

What I "think" is happening (from front to back) is:

- Powering up the router causes it to dial into the PPPoE account

- The router "dials" in with a login and password

- The login and password is accepted by the ISP

- The ISP immediately assigns an IP address to the router or modem (note in this thread some say the IP address is assigned to the router, others say it is assigned to the modem; suffice to say it is assigned to me)

- If I constantly use the computer, this IP assignment is maintained

- If I don't use the computer during the day, this IP assignment is maintained

- However, if I don't use the computer for a long time (hours), then something wierd happens now (that didn't happen before I changed the settings).

- Apparently the ISP un-assignes the IP address

- Yet the router is apparently blissfully unaware of the change

- Unfortunatly, the router does NOT dial back in to get a new IP assignment

After a hundred replies to this post, I still don't know ... What can I do (sans rebooting the router) to get the router to just ask for a new IP address?

Reply to
Aluxe

What is make and model of the router??

Reply to
Dana

Hi Dana, The make is Linksys and the model is WRT54G.

I've long ago set on the "Setup" "Basic Setup" tab:

- Internet Connection Type = PPPoE

- The "Username" and "Password" is set here Also, as per this NG, "keep alive" was disabled in favor of

- "Connect on Demand: Max Idle Time 5 min"

- MTU (whatever that is) is set to "Auto" [vs Manual]

On the "Setup" "Advanced Routing" tab:

- Operating Mode = Gateway [vs Router]

- Static Routing Select Set = 1() [vs 2(), 3(), 4(), etc.]

- Interface = LAN & Wireless [vs WAN(Internet)]

To simplify the test, I've been running wired for the past few days so I don't think it matters what's on the "Wireless" tab.

On the "Security" tab, I've set all the options:

- Block Anonymous Internet Requests = yes

- Filter Multicast = yes

- Filter Internet NAT Redirection = yes

- Filter IDENT(Port 113) = yes

Allo values are at default for the "Access Restrictions", "Applications & Gaming", "Administration", and "Status" tabs.

Is there a setting or command that can be run after the ISP has given up on the IP address which tells the router (without rebooting the router) to just connect again to the ISP to login and then ask for a new IP address?

Reply to
Aluxe

I bought this router recently because I read in this newsgroup (which I trust) that I really should have a hardware firewall to augment my software freeware firewall. I didn't know which router to choose from at the store (there were dozens of them) so I picked on near the top in price but not at the very top. I hope I didn't make a mistake by not buying the very top of the line.

Unfortunately (I guess I didn't pay enough) because it it didn't even come with a manual (it came just with a CDROM and some breezy literature). But, it was soon up and running in a few minutes as most of the basic settings were intuitive. I have no problems with the router per se. It keeps the connection alive forever (day or night) when I had the keep-alive default setting.

The only problem I had was that it required a reboot of the router every morning to ask again for an IP address as I power down the ADSL modem every night in order to relinquish the IP address and cycle to a new one (for reasons I'd rather not restate here). :)

One setting that seems wierd to me is that I'm configured as a "Gateway" (vs as a "Router")... but I don't know the difference ... sigh... I wish I had an owners manual ...

I just located found an owners manual for my router at:

formatting link
I am currently printing so I can read it for ideas.

Interestingly, the router itself apparently runs Linux according to:

formatting link
there may be a way to run a program to tell the router to wake up and dial the ISP to get the new IP address after the old IP address expires due to lack of activity for a few hours.

Reply to
Aluxe

GIVEN THE FOLLOWING PPPoE INSTRUCTIONS IN THE WRT54G Product Manual: Page 29

formatting link
Connect on Demand: Max Idle Time You can configure the Router to cut the Internet connection after it has been inactive for a specified period of time (Max Idle Time). If your Internet connection has been terminated due to inactivity, Connect on Demand enables the Router to automatically reestablish your connection as soon as you attempt to access the Internet again. If you wish to activate Connect on Demand, click the radio button. In the Max Idle Time field, enter the number of minutes you want to have elapsed before your Internet connection terminates.

Keep Alive Option: Redial Period If you select this option, the Router will periodically check your Internet connection. If you are disconnected, then the Router will automatically re-establish your connection. To use this option, click the radio button next to Keep Alive. In the Redial Period field, you specify how often you want the Router to check the Internet connection. The default Redial Period is 30 seconds.

From these instructions, it seems that either the "Keep Alive Option" or the "Connect on Demand" alternative should cause the router to re-establish the connection to the ISP once the ADSL modem is powered back on after being powered off overnight.

Am I interpreting the instructions correctly? If so, then I am at a loss as to why, when I power the modem back on, that a simple "connection to the Internet" (i.e., a web browser request to google) doesn't cause the router to dump the old IP address and get me the new IP address.

NOTE: My default MTU setting (Auto) should be fine based on this: MTU is the Maximum Transmission Unit. It specifies the largest packet size permitted for Internet transmission. Keep the default setting, Auto, to have the Router select the best MTU for your Internet connection. To specify a MTU size, select Manual, and enter the value desired (default is

1400). You should leave this value in the 1200 to 1500 range.
Reply to
Aluxe

I think I found one place where the router isn't acting as documented. If I read page 74 of the WRT54G owners manual correctly (

formatting link
), the "Connection" should be reported as "Disconnected" in the morning aft the modem has been powered down for a long period of time (hours).

But, I remember testing this out intuitively and the router clearly said it was "connected" when it was certainly not connected. Even the OLD IP ADDRESS showed up on this router page when I checked yesterday and this morning. In a way, it seems that the router is confused as it "thinks" it's connected and it "thinks" it has an IP address ... but it is neither connected nor does it have an IP address.

Of course, rebooting the router clears all this confusion up ... but, I had tried hitting the "disconnect" and then "reconnect" button on the router web page but it didn't work this morning when I tested it.

Here, specifically, is what "troubleshooting" page 74 of the Linksys WRT54G owners manual says about this:

  1. My DSL serviceÿs PPPoE is always disconnecting. PPPoE is not actually a dedicated or always-on connection. The DSL ISP can disconnect the service after a period of inactivity, just like a normal phone dialup connection to the Internet. There is a setup option to ´keep alive¡ the connection. This may not always work, so you may need to re-establish connection periodically. A. To connect to the Router, go to the web browser, and enter http://192.168.1.1 or the IP address of the Router. B. Enter the password, if asked. C. On the Setup screen, select the option Keep Alive, and set the Redial Period option at 20 (seconds). D. Click the Apply button. E. Click the Status tab, and click the Connect button. F. You may see the login status display as Connecting. Press the F5 key to refresh the screen, until you see the login status display as Connected. G. Click the Apply button to continue. If the connection is lost again, follow steps E to G to re-establish connection.

If I interpret this troubleshooting help correctly, after I've powered down my modem overnight, in the morning the router should not be listing the old IP address as "connected". The router should be listing no ip address and it should indicate it's "disconnected".

Yes?

Reply to
Aluxe

"Aluxe" wrote in message news:1o2m5ojhg74ya.1jy9r9zuzdibh$. snipped-for-privacy@40tude.net...

Ok, lets look at this. Keeping your computer out of the question and just addressing your router and the DSL modem and a protocol called DHCP. When you connect to your ISP they will give you a random address for what is called a lease period. Now this IP address is probably attached to the MAC address of your DSL modem which identifies you to the ISP, or it is attached to the ISP of the first device past the DSL modem, which in this case would be your Router. Understand that for billing and whatnot the ISP has to identify you via some device, typically the DSL/CABLE modem they give to you, so you do not want to mess with that device at all. But anyway, back to the fact that you have now connected and been assigned an IP for a certain lease period. In this case it is your router. Now this lease period can be almost any time frame from say 4 hours to forever. The trick now becomes to find out what this lease period is. (Since I do not know the paticulars of your router, the easy way I know to do this, is bypass your router, hook your computer up to the modem, get an ip address, and then do an ipconfig /all This will show how long the lease is going to last. What this means is that half way through this time frame your device will request an address again, this is built into the DHCP protocol. The ISP depending on how fast it is using addresses, will either give the same one, or a different one. That is under the control of the ISP and the DHCP protocol.

But say you disconnect before this halfway time, and then reconnect again before the halfway time expires, depending on the ISP, you will more than likely get the very same address. Now if your ISP has a lot of subscribers, once you disconnect, they may grab that address to use for someone else. So there are a lot of variables here. Under DHCP there is really no way to just ask for a new address, if your ISP has plenty of addresses to hand out, you may get the same one for what seems like every time, and if it is running low on addresses it may grab your address that was assigned once you disconnect, so the lease time is what we have to find. So find out as I described above how long the IP address is assigned, and then we can find out when you actually need to do a reset to ensure you will get a different address. Now remember as well that these are a pool of addresses, so more than likely you will be assigned the same address some time in the future again.

Reply to
Dana

Yes. But did you not select the always on option during some of your attempts to have your IP change. That may be telling the router to think it is connected when it is not.

Reply to
Dana

Correction ISP should be MAC address

subscribers,

Reply to
Dana

Unfortunately, when I switch the output of the modem (which was previously going to the input of the router) to the input of the computer (bypassing the router altogether), and reboot both the modem and the computer ... I don't establish a connection.

Apparently the PPPoE login settings that I entered into the router must now be entered into the WinXP computer. Problem is that I don't know how to tell the WinXP computer how to log into the PPPoE connection of the ISP ... but I'm looking that up as we type.

I should note that I wonder if the lease expiration (acutally the half life of the lease expiration if I understand you correctly) really matters all that much because I ALWAYS get a new IP address every morning that I remember to shut the router down at night. So, it would appear that my ISP is low in IP addresses and they give out my IP address pretty quickly (a matter of hours) in all cases.

Still ... I'll try to obtain the requested information as you took the effort to help me ... it's my duty to perform all that you ask.

Here is the lease information from the computer hooked to the router:

- Dhcp Enabled. . . . . . . . . : Yes

- Autoconfiguration Enabled . . : Yes

- IP Address. . . . . . . . . . : 192.168.1.2

- Subnet Mask . . . . . . . . . : 255.255.255.0

- Default Gateway . . . . . . . : 192.168.1.1

- DHCP Server . . . . . . . . . : 192.168.1.1

- DNS Servers . . . . . . . . . : 68.94.156.1 68.94.157.1

- Lease Obtained. . . . . . . . : Saturday, October 21, 2006 6:52:33 PM

- Lease Expires . . . . . . . . : Sunday, October 22, 2006 6:52:33 PM

With the router in the loop, the lease is 1 full day. Bear in mind, that just a few hours with the ADSL modem turned off (I guess about 4) always gets me a new IP address once I turn the modem back on and reboot the router.

I would give you the lease information without the router but I don't yet know how to tell Windows XP to dial into the PPPoE account with the appropriate username and password. I'll look that up after I send this reponse so that you get the latest information soonest.

Reply to
Aluxe

If you get this in time, the fact that you have seen that if you are disconnected over night you seem to get a new IP, the only info we may gain is if you can reset in say 1 hour, that may be to short of a time frame for your ISP to realease the IP address. And of course this can vary during the day, as during peak busy hours they may reuse the IP as soon as they see you disconnect. So you may begin to see how difficult this may be for you to try and get a new IP say within a half hour or less.

And that is because of the demand on the ISP for addresses. It looks like right now at a minimum unless you do more testing to see the actual time your connection needs to be off before a new IP is issued, you need to be off for 4 hours.

No need for the windows info, the lease info would be the same, so we have the answer. So right now we know as a minimum unless further testing is done, it takes at least 4 hours for your modem to be disconnected/off, before you are issued a new IP. So now with that kind of time frame, an easy method for you, would be like some other person said, put the modem on a power strip, that you can turn on and off. Further testing means to find out exactly how long your modem needs to be off to allow you to get a new address. Start with a half hour, and work up to that 4 hour mark. If it is 4 hours, well heck there really is no sense in doing anything to change your address, as nothing you do will change the fact it needs at least 4 hours.

Reply to
Dana

Well, I should note that I already put the equipment on power strips when it was suggested (as it was a good idea). This is cheating, of course, as it's not even a workaround ... but it does make it easier to reboot the router. (Note: The original question was to not have to reboot the router.)

Interestingly, I found yesterday (much to my chagrin) that if I put BOTH the router and the modem on a power strip ... this would NOT establish the connection this morning when I turned the power strip power on.

I found I had to put the modem on one power strip and the router on another power strip. Then, I could turn off the modem's power strip at night. In the morning, I would turn on the modem's power strip, then after about five seconds, I would turn on the router's power strip, and that reliably made the connection.

Of course, we're just mimicking what I was already doing before the first post to this thread ever occurred (i.e., rebooting the router to force it to dial in to the ISP with the username and password to request an IP address). But, it is a slight improvement (and perhaps worth the hundred or so posts trying to help me).

For this improvement, I thank the entire comp.security.firewalls for your expert advice. I think we can conclude this thread with the reality that there is no easy way to tell a router to redial the ISP to ask for an IP address without booting the router.

Reply to
Aluxe

Correction:

Minor correction to the currently working sequence:

- I turn the modem off at night (via its dedicated power strip)

- I leave everything else on (including the computer)

- I wait (at least) 4 hours (i.e., overnight) Note: I found no difference when I shut the router down and night so that's why I leave the router running all night even though there is no ISP to connect to because the modem is down.

In the morning:

- I turn on the modem (via its dedicated power strip)

- I wait about ten seconds (never shorter, sometimes longer) Note: I found out from trial and error I don't have to wait for all the lights to light up ... so, about ten seconds seems to do the trick even though it takes about 25 seconds for all the lights to glow steadily.

After the modem is powered up:

- I then turn off the router (via its dedicated power strip)

- Then, I wait about five seconds Note: I found that I had to wait just a bit for the router also.

- I then turn on the router.

Back on the computer:

- I wait about twenty seconds

- And then I point Opera to Google.

- Generally it works in the first pass.

I thank this expert newsgroup for suggesting the power strips as that makes it much easier to reboot the router ... and I hope ... in the future ... one of the experts on this newsgroup invents a router that can actually go to the ISP on it's own to connect via PPPoE and ask for an IP address without having to be rebooted.

Reply to
Aluxe

I think this is the fundamental router problem (most likely a bug). I think the router "thinks" it is connected when, in fact, it hasn't been connected for (at least 4) hours because the modem has been powered off. Because the router "thinks" it's connected, it sees no need to connect again to obtain a different IP address, even if I wait for an hour or more after powering up the modem. This would seem, to me, to be a router bug.

The option I was using earlier in the time span of this thread was: Keep Alive: Redial Period = 30 sec

But, for the past few days, I followed the suggestion to set: Connect on Demand: Max Idle Time = 5 min

I'm assuming that a "demand" is an Opera browser request to "

formatting link
" or the "ipconfig /relase" + "ipconfig /renew" sequence or a "ping
formatting link
", etc.

QUESTION FOR FIREWALL USERS: If you power down your modem long enough for your ISP to relinquish your DHCP IP address, when you power up your modem in the morning, does your router fail to connect back to the ISP?

I suspect this inability to connect is a bona-fide bug in the Linksys WRT54G router. It would be interesting to see if other routers have the same bug.

Reply to
Aluxe

You flat-out don't know what you are talking about here.

No

It's most likely that the IP is assigned to the modem's MAC and is provisioned to your account with the ISP. You can try, try and try some more to change the IP, that you cannot do. I don't know about the ISP you are using, but if that IP from the ISP is provisioned to the modem's MAC and is linked to your account with the ISP, that IP is NOT changing, unless you call them to have the ISP change it or you don't pay the bill and leave it cut off for awhile and then and only then based on the two conditions will that IP be changed.

Again, you flat-out don't know what you're talking about.

You can lead a horse to water, but I guess in some cases, the horse has to be clubbed and kicked *head* to make the horse drink.

Duane :)

Reply to
Duane Arnold

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.