From: Michael S. Lorrey (retroman@turbont.net)
Date: Sun Aug 13 2000 - 14:44:06 MDT
Paul Hughes wrote:
>
> Zero Powers wrote:
>
> > My IP address only tells *you* which server I'm logged into (unless I have a
> > static IP), but my ISP keeps a log of what user is using which IP at which
> > time. So if I do something naughty, you can go to my ISP with (1) my IP
> > address and (2) the date and time of my naugty behavior, and they can track
> > me down and chastise me accordingly.
>
> Ok, regarding dynamic ip's. Then your typical ISP's IP number is fixed for the
> first three sequences: 123.345.132.xxx where .xxx is the dynamic part unique
> to each user logged into at the time???
I dont' recall off the top of my head, but I do know that when you are
using chat software, like MS Chat, and you bring up a list of all users
on the chat server, there is usually a column for their IP addy.
Anything that is not strictly a set of four numbers (###.###.###.###) is
a dynamic IP addy. Now, people using high speed connections, like DSL,
T-1, etc get static IP addys that are permanently theirs, and which you
can run a trace route straight to when tracking down. Of course, I could
be calling into my home system from anywhere, either over the net via an
anonymizer, or via a dial up connection into my machine over normal
phone lines. If I use the second type, I can still use dozens of PBX
systems to skip my calls off of before it goes to my home system or ISP.
What is a PBX? Its a commercial phone system, like at a doctor's or
dentist's office (like Merlin). Doctors and dentists are especially
vulnerable (as are lawyers and accountants) because they like to put as
much of their personal expenses on office equipment as possible, so when
they finish checking their office voicemail, they will press a key to
get the PBX to hang up and give them a dial tone. THing is that the dial
tone is on the PBX, not the persons local phone, so any long distance
calls made in this manner are on the PBX billing, not the bill for the
local phone (which is good if you are calling from a payphone or if your
cellphone long distance rates are sky high). If you ever saw the movie
"Sneakers", where they bounced calls all over the country before trying
to crack into a company system, this is how hackers use PBX systems to
anonymize themselves, because it takes a dedicated tracer to track down
someone who is doing this, and each leg of the chain gives you x amount
of time before they trace the place that call is calling from. Call up
one PBX, get a dial tone, call another PBX from there, get a dial tone,
etc.. for as many legs as you thing are necessary for security.
-- TANSTAAFL Mike Lorrey "In the end more than they wanted freedom, they wanted security. When the Athenians finally wanted not to give to society but for society to give to them, when the freedom they wished for was freedom from responsibility, then Athens ceased to be free." --- Edward Gibbon (1737-1794) "A person who wants a society that is both safe and free, wants what never has been, and what never will be." --- Thomas Jefferson "It's a Republic, if you can keep it..." --- Benjamin Franklin
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 15:30:25 MST