The world sees my IP address (I read everything) Is there no better solution?

I agree with your ISP. You can't change your routable IP because you don't have a routable IP. You're being NAT'd along with some or many of their other customers.

It truly is just like if you had a NAT router in your house. That router would have an IP address assigned to it on its WAN interface, and in turn it would assign IP addresses from a different subnet to the various devices on its LAN interface. It looks like your ISP does exactly the same thing. They probably buy connectivity and a small block of routable IP's from a reseller, then they sell NAT accounts to their subscribers. My brother lives in a small town of about 5000 people and his ISP works the same way.

As additional information, the technical guy said something about he 'could' change a 'routing table' but he said that he wasn't going to do that for every customer who calls wanting a new IP address.

I don't understand what 'routing table' that is ... but is there any way I could change it for him?

It would seem that your ISP likely has a small public IP address block so they are doing exactly the same thing (NAT) that your home router is doing. The support guy is telling you the truth.

Other than a proxy there isn't any way to change the public IP address.

It's basically a translation table that tells the ISP's router to which routable IP address your private IP address should be translated.

They could enter a specific rule in the table just for you, but what happens when you want to change it multiple times in a day? It's a manual process for them to update the rule, and it just isn't going to happen. There's nothing in it for the ISP.

You don't have access...

Use The Onion Router.

TOR.

I understand that this has been develped by an independent organisation, paid for largely by the US government. The idea is to allow people in (for example) China to access the internet free of government intervention.

I have not read all of your missive, but I suspect that TOR may well satisfy a number of your requirements.

Of course, it may well be that the US government have control of the TOR system and that it is in fact a Honey Trap. Caveat emptor - except it's free so there is no buyer.

You can alternatively pay for a commercial VPN solution. There are many offerings available. They allow you for example to present yourself as being present in any country that you may choose.

TOR works by configuring the browser (e.g firefox) to use a proxy. The proxy however is running on your PC. The proxy then sends the traffic over the TOR VPN which emerges from a different IP address for every different TOR session.

I did discuss this in the OP. :) But I'll repeat the salient items.

I am using TorButton in Firefox on Linux.

But that's an insufficient solution because, for example, this nntp post has a header based on my real IP address as it is covered by the Firefox TorButton.

After using TorButton for a month, I'm thoroughly disgusted with it as the speed is atrocious, many forum web sites and mail client sites block the proxies used, and it doesn't cover nntp.

I tried to get Vidalia/Tor working on Linux, but maybe I have to try again.

What is the general solution to change your IP address on NNTP posts and AIM chats and FTP sessions?

I always thought VPN simply encrypted the contents of your packets.

I didn't realize VPN also changes your originating IP address?

Can you elaborate on that?

A bit more background to "how things work" that might help you undersand why you can't, at least not easiy, do what you're requesting.

Your internet provider has a small number of actual "public" IP addresses. Your own connection is going to, pretty much by definition, have to get one of those.

It looks like you've been assigned to a specific one, that you get each time. But even if they quasi-randomized your system each time you hooked up, you'd still be in the same ballpark, so to speak.

For example (made up), you might be getting 355.401.218.2 these days. If they reset you each time, you'd get something from 355.401.218.1 thrugh 355.401.218.24.

All of which would still map back to your ISP.

To give you an analogy, let's take a look at a typical large user of phone lines, namely yout local 50 bed hospital. (Note this is far from an exact analogy, but it'll help you understand what's going on).

The hospital has the 50 beds, each of which has a telephone. It also has another 50 phones used at various desks. They'll be one at each of the (for example) 5 nurses' stations. Another onw in the lab. Five in the admissions office. Five in the admin office. etc., etc., for a total of 100.

But they don't have 100 separate phone listings in the book, nore can these 100 lines be directly dialable from the outside.

Instead, the listing is for, let's say, 555-1001. You call into that and you get a "please punch in the extension number you want, or wait for an operator".

You punch in 115 for room number 15, and that phone starts to ring.

You can NOT cimply dial "555-0115" to get that room. If you try, you'll bother someone at the gas station.

Similarly, if someone in that room dials out to you, the caller id will show "555-1001" and "comm. hospital".

(the hospital actually has additional "trunks" rather than just the one line associate with 555-1001, but they don't have their "own" phone numbers. So it's not quite the same deal as the ISP. But they _don't_ have 100 trunks, just perhaps 20).

Carrying the analogy a bit farther, the hospital _will_ have, perhaps, two additional "outside', direct dial, numbers. One will be for the fax machine and one will be the "red phone" in the emergency department that the local disaster folk will call in on. But again, aside from these small additions, everything gets routed through that 555-1001 number.

Now there are ways for you, just like the hospital, to "look like" your "coming out" from another IP. It involves setting up a tunnel to a different internet provider and exiting to the general interent from there. This is , loosely speaking, called going through a proxy.

But you'd need an account at that second place.

This is handy, for example, if you're trying to view a "youtube" file that's restricted to only appear in the US and you're in the UK.

A similar term to "setting up a tunnel" is "establishing a virtual privte network connection". Not quite exactly the same, but close.

In these cases your local ISP "sees" that you've connected up to (for example) "acme proxy svcs". But they don't get to view the traffic you've got going there, In other words, if you're at a motel in Georgia, they won't see you're reaching out to "general-sherman-was-right.com".

Hope this helps.

This is just a test really. I am using TOR and I think the "source" will be somewhere in Canada. I will send another post in a minute without TOR which will have my real IP.

This one should have the real IP which is in the UK.

OK so that works.

The first post was "from" 209.44... and the second from

There is NO WAY to determine my real IP address from the first post. As long as TOR is working as advertised and has no back doors:)

So the web browser traffic is getting routed correctly over the TOR network and appears subsequently to originate in Canada.

The proxy that is installed you your PC when you install TOR is a special one that tunnels your traffic over the TOR network. At the TOR exit point the traffic is restored to its original form and is sent over the internet appearing to originate from the TOR exit node.

There are numerous commercial VPN solutions available. The only ones I have used have been corporate ones that can send *all* of the traffic originating from the PC over the tunnel. I have never tried or researched any of the end point hiding internet solutions but trust me, they will work as advertised. One use is to view TV programs over the internet. Most internet TV, e.g. BBC, is only viewable in the country of origin. By buying a commercial VPN solution you can appear at any time of your choosing to be in any country supported by your service provider.

You can do this with TOR too but as you have noticed the performance is quite poor and in effect it doesn't really work for internet TV in my experience.

By the way there exists a TOR proxy that can send some traffic over the TOR network and other traffic direct to the internet depending on the URL. Foxy Proxy.

So, if you have TOR compatible programs then you can use TOR to hide your address. Otherwise research commercial solutions. Choose solutions based in countries who won't talk to civil courts or law enforcement in your own country if applicable. According to Wikileaks, Sweden might be a place to start.

google [internet VPN country protocols]

returns as the top hit:-

I would think that for that kind of money you should get good performance.

it doesnt directly.

what usually happens at least for the class of VPNs based on tunnels, is that the end point / PC has a "native" IP address, and another one inside the tunnel.

depending on the VPN all useful / user traffic may have to follow the VPN, or you may be able to "split tunnel" and use some local addresses directly (eg for a local server or printer).

Most are client server, and designed with a central hub, where the far end of all the tunnels terminate, and where your traffic is released out onto the corporate net, or the Internet and so on.

Because VPNs are often for corporate use, they often use RFC1918 private addresses (as VPNs can use a lot of addresses, and public IPs are hard to get and justify for this) - so there is address translation between the VPN server and the generic Internet.

Se get a different nntp provider. Both Astraweb and Mixmin "privatise" your nntp posting host; they log it in case you do anything stupid. I don't actually see your ip in your headers, btw.

Now you're using Google. Get a better nntp provider.

Lets be clear about one thing. Your PC's address as seen on the internet is not usually one of it's own addresses as configured on any interface. The case where it is the address configured on an interface occurs if you are not doing NAT which these days is pretty rare for end user PCs. The one case where it does happen in the UK is where the ISP has provided an ADSL modem that connects to the PC by a USB cable. I don't know of any ISPs that do this with new installations.

The VPN provider just does NAT on your traffic and puts it on the internet. There is no way to tell where the traffic originated.

JoeSchmoe wrote in news:i6e3h8$lej$ snipped-for-privacy@speranza.aioe.org:

Why not ? What do you think is a problem with that ? (.....if you're not doing anything illegal, as you claim.)

It does sound like a strange idea in todays world of facebook/twitter/google where we are no longer supposed to have a sense of personal identity or even know what privacy means.

I am in the "don't do anything" category and I have no desire to have an anal probe each and every day because I value the idea of a personal identity and I value privacy.

This is the first VPN description I can understand.

Let me see if I have this straight (bearing in mind I'm not concerned with what the ISP sees, as I thought they could see everything anyway, but I'm just trying to be not have ALL my activities be associated with the same IP address).

- I sign up for proxy services at 'acme proxy services'

- I connect to acmeproxyservices.com

- The ISP sees THAT connection to acmeproxyservices.com

- I then make an http request for "general-sherman-was-right.com"

- And I make an nntp post to "pictures-of-the-devastation.com"

- And, I chat on irc channel "let's-talk-dixie-reparations.com"

- I think what you're saying is two things (please confirm)

- First, the ISP can't 'see' inside the packets to those sites

- Second, the END IP address for the http, nntp, and irc will be an IP address issued to "acmeproxyservices.com"

Is that right?

If so, would that end ip address (visible on the net) always be the SAME ip address or could it be a different IP address for each transaction?

:)

I'm not doing anything illegal when I mail a stamped letter, but I still lick and seal the envelope. And, guess what, I'm even using my own saliva!

Point is, we close our curtains at night; we seal our envelopes even if we're not sending out botulism spores; we whisper to our lovers in church even though we're not fomenting a conspiracy; we shut the bathroom door even though we're not performing lewd and lascivious acts in the men's room stall; we hide our diary under the bed even though we didn't threaten the President in invisible ink; we shut the closet doors when company comes over even though we don't have drug paraphernalia stashed about the kids' bedrooms; etc.

We have a right to SOME privacy ... don't we?

And changing the IP address is no different a privacy need.

I find the people who say the only ones who need privacy are those doing something illegal a bit threatening myself ... it scares me that people actually THINK that way. :(

But, back to the point, let's assume privacy is a basic human right.

The question is HOW to change the IP address when the ISP won't do it?

- VPN?

- Proxy?

- TOR?

- ???

I'm testing out these as we type ...