Can hackers hit me while I'm on dialup ? - Security

This is a discussion on Can hackers hit me while I'm on dialup ? - Security ; I understand that 'allways-on users' are permanently connected to the net, with their own IP ? But I'm allocated an IP tempoarily while I'm connected - typically for 4 minutes ? So it's unlikely that 'scanners' would find my presently ...

+ Reply to Thread
Results 1 to 18 of 18

Thread: Can hackers hit me while I'm on dialup ?

  1. Can hackers hit me while I'm on dialup ?

    I understand that 'allways-on users' are permanently connected
    to the net, with their own IP ?

    But I'm allocated an IP tempoarily while I'm connected - typically
    for 4 minutes ?

    So it's unlikely that 'scanners' would find my presently allocated
    IP & port while I'm 'dialed-in' ?

    What port am I allocated, or does it auto-change when I ftp or
    http-fetch ?

    Does the ISP gateway offer any protection ?

    When I use lynx to fetch a http, does the remote server know
    my allocated IP ?

    I can't run as nonroot because I can never get out of crisis-mode
    for long enough to not have to need root facilities for something.

    Thanks for any info,

    == Chris Glur.



  2. Re: Can hackers hit me while I'm on dialup ?

    In article <1175488811.515545@vasbyt.isdsl.net>,
    news@absamail.co.za writes:
    >I understand that 'allways-on users' are permanently connected
    >to the net, with their own IP ?
    >
    >But I'm allocated an IP tempoarily while I'm connected - typically
    >for 4 minutes ?
    >
    >So it's unlikely that 'scanners' would find my presently allocated
    >IP & port while I'm 'dialed-in' ?


    Yes, they can find you. They won't know who it is, but they don't
    care. They may decide you are not interesting because there are
    so many other/better targets that are permanently connected.



    >What port am I allocated, or does it auto-change when I ftp or
    >http-fetch ?
    >
    >Does the ISP gateway offer any protection ?


    It could, but it doesn't have to.

    >When I use lynx to fetch a http, does the remote server know
    >my allocated IP ?


    Sure. If it didn't it wouldn't know where to send your data to.

    >I can't run as nonroot because I can never get out of crisis-mode
    >for long enough to not have to need root facilities for something.


    Bad idea.

    Keep two windows open. Only use the root one when you need it.

    >Thanks for any info,
    >
    >== Chris Glur.
    >
    >


    --
    These are my opinions, not necessarily my employer's. I hate spam.


  3. Re: Can hackers hit me while I'm on dialup ?

    news@absamail.co.za writes:

    >I understand that 'allways-on users' are permanently connected
    >to the net, with their own IP ?


    >But I'm allocated an IP tempoarily while I'm connected - typically
    >for 4 minutes ?


    >So it's unlikely that 'scanners' would find my presently allocated
    >IP & port while I'm 'dialed-in' ?


    IP. port is subaddress, and is in most cases a standard.
    It is possible.


    >W hat port am I allocated, or does it auto-change when I ftp or
    >http-fetch ?


    >Does the ISP gateway offer any protection ?


    They might.


    >When I use lynx to fetch a http, does the remote server know
    >my allocated IP ?


    How do you think they send stuff back to you?


    >I can't run as nonroot because I can never get out of crisis-mode
    >for long enough to not have to need root facilities for something.


    No idea what this meaans but it sounds silly


    >Thanks for any info,


    >== Chris Glur.




  4. Re: Can hackers hit me while I'm on dialup ?

    On Sun, 01 Apr 2007 23:40:16 -0500, news@absamail.co.za wrote:

    >I understand that 'allways-on users' are permanently connected
    >to the net, with their own IP ?


    The internet is just a large public network so everyone who connects
    to it has to have a public IP address somewhere along the line,
    whether it is their PC or their modem/router.

    The fact that your IP changes every time you dial in does NOT make you
    safe from hackers though. Hackers and script-kiddies just scan for
    vulnerable IP addresses and have no regard for who you are or where
    you are - so any IP with open ports will do for their needs and they
    will usually try to probe for root command-prompt access or test for
    known weaknesses in server ports.

    >But I'm allocated an IP tempoarily while I'm connected - typically
    >for 4 minutes ?


    Most dial-ups I have used kept the same IP for the duration of the
    call or about 2 hours - whichever was the shorter.

    >So it's unlikely that 'scanners' would find my presently allocated
    >IP & port while I'm 'dialed-in' ?


    Untrue - it's just down to luck. Remember, they are not scanning to
    find *you*, they are just scanning for vulnerable IPs.

    The only benefit a dial-up connection gives you is that it is
    inherrantly slow and relatively short-lived. So, it it unlikely that a
    hacker could do much while you are online and if they found a weakness
    then they would have to be very quick to exploit it. Though, that fact
    shouldn't stop you setting up a good firewall and closing unnecessary
    services on the computer.

    >What port am I allocated, or does it auto-change when I ftp or
    >http-fetch ?


    Ports are not 'allocated' as such ... ports are the sub-addresses
    through which you communicate with the different kinds of server. Some
    client ports change but I would be more worried about any open server
    ports on your computer. Just because you are surfing the web while you
    are dialed in doesn't protect you from a hacker simultaneously
    attacking an open SMTP port on your machine.

    >Does the ISP gateway offer any protection ?


    Ask your provider if they do any filtering - but I doubt it.

    >When I use lynx to fetch a http, does the remote server know
    >my allocated IP ?


    Yes, but again why worry? Are you using such insecure websites that
    you suspect the owners of the site will try to hack you while you are
    browsing their site?

    >I can't run as nonroot because I can never get out of crisis-mode
    >for long enough to not have to need root facilities for something.


    Hmm, it's one thing to su into root to fix a problem - but you
    shouldn't be dialing-up the internet from root. Why not connect to the
    internet from a user with less access if you are worried about being
    hijacked?

    Basically, you should be running a firewall on any computer that
    connects to the internet. Sounds like you can block all new
    connections instigated from outside because nobody should be
    connecting to your computer from the outside world - you just seem to
    use it for doing your own browsing etc.

    Chris R.

  5. Re: Can hackers hit me while I'm on dialup ?


    > I can't run as nonroot because I can never get out of crisis-mode for
    > long enough to not have to need root facilities for something.


    There is never a need to log in as root. If you need to do something as
    root just do it in a shell, you do know how to spell su don't you?

  6. Re: Can hackers hit me while I'm on dialup ?

    Hal Murray wrote:

    > In article <1175488811.515545@vasbyt.isdsl.net>,
    > news@absamail.co.za writes:
    >>I understand that 'allways-on users' are permanently connected
    >>to the net, with their own IP ?
    >>
    >>But I'm allocated an IP tempoarily while I'm connected - typically
    >>for 4 minutes ?
    >>
    >>So it's unlikely that 'scanners' would find my presently allocated
    >>IP & port while I'm 'dialed-in' ?

    >
    > Yes, they can find you. They won't know who it is, but they don't
    > care. They may decide you are not interesting because there are
    > so many other/better targets that are permanently connected.
    >
    >
    >
    >>What port am I allocated, or does it auto-change when I ftp or
    >>http-fetch ?
    >>
    >>Does the ISP gateway offer any protection ?

    >
    > It could, but it doesn't have to.
    >
    >>When I use lynx to fetch a http, does the remote server know
    >>my allocated IP ?

    >
    > Sure. If it didn't it wouldn't know where to send your data to.
    >
    >>I can't run as nonroot because I can never get out of crisis-mode
    >>for long enough to not have to need root facilities for something.

    >
    > Bad idea.
    >
    > Keep two windows open. Only use the root one when you need it.
    >
    >>Thanks for any info,
    >>
    >>== Chris Glur.
    >>
    >>

    >

    I was discussing this with my wife, who is on only very briefly - on ADSL,
    but not powered up most of the time. In that situation, they would not
    list her as a desirable one to take note of. She is using Windows with a
    firewall, and the rest of Computer Assocs' internet security suite.

    Doug.
    --
    Love is not love
    Which alters when it alteration finds
    - Shakespeare.


  7. Re: Can hackers hit me while I'm on dialup ?

    On Sun, 01 Apr 2007 23:40:16 -0500, news@absamail.co.za wrote:
    >
    > What port am I allocated, or does it auto-change when I ftp or
    > http-fetch ?


    I assume that by "port" you mean IP address. If you point
    your browser to www.whatismyip.com, you'll see the IP
    address that your ISP has assigned to you. You might get a
    new one every time you dial in, but it also might tend to
    stay the same.

    > When I use lynx to fetch a http, does the remote server know
    > my allocated IP ?


    Yes. That's the address that it uses to send you the content.

    > I can't run as nonroot because I can never get out of crisis-mode
    > for long enough to not have to need root facilities for something.


    That sounds crazy. Constantly being in crisis mode seems
    unnecessary, and profligate use of the root account seems
    like a poor remedy. Could this newsgroup help with the
    crisis?

    --
    To email me, substitute nowhere->spamcop, invalid->net.

  8. Re: Can hackers hit me while I'm on dialup ?

    Doug Laidlaw writes:

    >Hal Murray wrote:


    >> In article <1175488811.515545@vasbyt.isdsl.net>,
    >> news@absamail.co.za writes:
    >>>I understand that 'allways-on users' are permanently connected
    >>>to the net, with their own IP ?
    >>>
    >>>But I'm allocated an IP tempoarily while I'm connected - typically
    >>>for 4 minutes ?
    >>>
    >>>So it's unlikely that 'scanners' would find my presently allocated
    >>>IP & port while I'm 'dialed-in' ?

    >>
    >> Yes, they can find you. They won't know who it is, but they don't
    >> care. They may decide you are not interesting because there are
    >> so many other/better targets that are permanently connected.
    >>
    >>
    >>
    >>>What port am I allocated, or does it auto-change when I ftp or
    >>>http-fetch ?
    >>>
    >>>Does the ISP gateway offer any protection ?

    >>
    >> It could, but it doesn't have to.
    >>
    >>>When I use lynx to fetch a http, does the remote server know
    >>>my allocated IP ?

    >>
    >> Sure. If it didn't it wouldn't know where to send your data to.
    >>
    >>>I can't run as nonroot because I can never get out of crisis-mode
    >>>for long enough to not have to need root facilities for something.

    >>
    >> Bad idea.
    >>
    >> Keep two windows open. Only use the root one when you need it.
    >>
    >>>Thanks for any info,
    >>>
    >>>== Chris Glur.
    >>>
    >>>

    >>

    >I was discussing this with my wife, who is on only very briefly - on ADSL,
    >but not powered up most of the time. In that situation, they would not
    >list her as a desirable one to take note of. She is using Windows with a
    >firewall, and the rest of Computer Assocs' internet security suite.


    You think that there is list somewhere that people make decisions on? Most
    cracks are done by robots-- computers that simply sit there scanning
    networks. Your neighbour for example with a program which waits for a
    packet from some IP address and then attacks that.
    She is also running windows. That makes her desireable. There are lots of
    cracks.


    >Doug.
    >--
    >Love is not love
    >Which alters when it alteration finds
    > - Shakespeare.



  9. Re: Can hackers hit me while I'm on dialup ?

    I demand that Peter Pearson may or may not have written...

    > On Sun, 01 Apr 2007 23:40:16 -0500, news@absamail.co.za wrote:
    >> What port am I allocated, or does it auto-change when I ftp or http-fetch?


    > I assume that by "port" you mean IP address. If you point your browser to
    > www.whatismyip.com, you'll see the IP address that your ISP has assigned to
    > you.


    That's not necessarily true - for me, it reports the IP address of an
    ISP-provided HTTP proxy.

    [snip]
    --
    | Darren Salt | linux or ds at | nr. Ashington, | Toon
    | RISC OS, Linux | youmustbejoking,demon,co,uk | Northumberland | Army
    | + Use more efficient products. Use less. BE MORE ENERGY EFFICIENT.

    Prune juice. A warrior's drink.

  10. Re: Can hackers hit me while I'm on dialup ?

    Peter Pearson wrote:
    > [snip]
    > I assume that by "port" you mean IP address.


    No, "port" is *not* IP address - port is a logical queue that allows
    process to process communication. IP uses IP addresses TCP/UDP uses ports.

    If you want to know more, find and examine the file called 'services' -
    that will give you an idea of what ports are all about.

    > [snip]


  11. Re: Can hackers hit me while I'm on dialup ?

    On 2 Apr, 20:45, Darren Salt
    wrote:

    > That's not necessarily true - for me, it reports the IP address of an
    > ISP-provided HTTP proxy.


    This is true for most ISP clients these days: it's easier, and safer,
    to put your clients behind a NAT than for the ISP to pay for
    externally visible IP addresses for their users. But that hardly means
    you're safe: unless your ISP is very careful in their setups, anyone
    behind the NAT along with you can also reach you, and the infected
    boxes and zombies and cracked servers inside your ISP's own network
    *will* reach out and touch you.


  12. Re: Can hackers hit me while I'm on dialup ?

    On 27 Apr 2007 01:02:56 -0700, Nico wrote:
    > On 2 Apr, 20:45, Darren Salt
    > wrote:
    >
    >> That's not necessarily true - for me, it reports the IP address of an
    >> ISP-provided HTTP proxy.

    >
    > This is true for most ISP clients these days: it's easier, and safer,
    > to put your clients behind a NAT than for the ISP to pay for
    > externally visible IP addresses for their users. But that hardly means
    > you're safe: unless your ISP is very careful in their setups, anyone
    > behind the NAT along with you can also reach you, and the infected
    > boxes and zombies and cracked servers inside your ISP's own network
    > *will* reach out and touch you.


    Interesting. I had no idea that ISPs were acting like giant
    versions of my router.

    How will the zombies in the ISP's network find victims? Does the ISP
    assign each customer a non-routing IP address like 192.168.x.x,
    and the zombie just search that space?

    (I'm just asking for general information. I believe my ISP, Charter
    Communications, assigns routable IP addresses. Supporting evidence
    is that my net-facing equipment, a VOIP phone adapter, reports that it
    has been assigned the same IP address that www.whatismyip.com reports
    when I browse to it.)

    --
    To email me, substitute nowhere->spamcop, invalid->net.

  13. Re: Can hackers hit me while I'm on dialup ?

    On 27 Apr, 16:16, Peter Pearson wrote:
    > On 27 Apr 2007 01:02:56 -0700, Nico wrote:
    >
    > > On 2 Apr, 20:45, Darren Salt
    > > wrote:

    >
    > >> That's not necessarily true - for me, it reports the IP address of an
    > >> ISP-provided HTTP proxy.

    >
    > > This is true for most ISP clients these days: it's easier, and safer,
    > > to put your clients behind a NAT than for the ISP to pay for
    > > externally visible IP addresses for their users. But that hardly means
    > > you're safe: unless your ISP is very careful in their setups, anyone
    > > behind the NAT along with you can also reach you, and the infected
    > > boxes and zombies and cracked servers inside your ISP's own network
    > > *will* reach out and touch you.

    >
    > Interesting. I had no idea that ISPs were acting like giant
    > versions of my router.


    *MANY* do. Public IP addresses cost money, and involve support costs.
    It's much cheaper to buy only a few public IP addresses for your whole
    company, and put all your customers behind a "non-routable" IP
    address, such as 10.* or 192.168.*.

    > How will the zombies in the ISP's network find victims? Does the ISP
    > assign each customer a non-routing IP address like 192.168.x.x,
    > and the zombie just search that space?


    If you're both on the same side of the NAT, you can see each other.
    Preventing such clients from seeing each other costs hardware and
    firewall setups to do: it's usually easier to just put everyone in the
    same subnet or a few subnets.

    Then there are the cracked-wide-open-by-the-crackers routers and
    corporate switches scattered around the world: The crackers can, and
    do scan inside such exposed private subnets for targets.

    > (I'm just asking for general information. I believe my ISP, Charter
    > Communications, assigns routable IP addresses. Supporting evidence
    > is that my net-facing equipment, a VOIP phone adapter, reports that it
    > has been assigned the same IP address thatwww.whatismyip.comreports
    > when I browse to it.)


    Some companies do, for other reasons. For an example, AOL does not
    normally provide publicly accessible IP addresses.


  14. Re: Can hackers hit me while I'm on dialup ?

    On 27 Apr 2007 09:11:42 -0700, Nico wrote:
    > On 27 Apr, 16:16, Peter Pearson wrote:
    >> On 27 Apr 2007 01:02:56 -0700, Nico wrote:
    >>
    >> > On 2 Apr, 20:45, Darren Salt
    >> > wrote:

    >>
    >> >> That's not necessarily true - for me, it reports the IP address of an
    >> >> ISP-provided HTTP proxy.

    >>
    >> > This is true for most ISP clients these days: it's easier, and safer,
    >> > to put your clients behind a NAT than for the ISP to pay for
    >> > externally visible IP addresses for their users. But that hardly means
    >> > you're safe: unless your ISP is very careful in their setups, anyone
    >> > behind the NAT along with you can also reach you, and the infected
    >> > boxes and zombies and cracked servers inside your ISP's own network
    >> > *will* reach out and touch you.

    >>
    >> Interesting. I had no idea that ISPs were acting like giant
    >> versions of my router.

    >
    > *MANY* do. Public IP addresses cost money, and involve support costs.
    > It's much cheaper to buy only a few public IP addresses for your whole
    > company, and put all your customers behind a "non-routable" IP
    > address, such as 10.* or 192.168.*.


    [snip]

    Interesting. Thanks.

    --
    To email me, substitute nowhere->spamcop, invalid->net.

  15. Re: Can hackers hit me while I'm on dialup ?

    On 2 Apr, 15:06, General Schvantzkoph wrote:
    > > I can't run as nonroot because I can never get out of crisis-mode for
    > > long enough to not have to need root facilities for something.

    >
    > There is never a need to log in as root. If you need to do something as
    > root just do it in a shell, you do know how to spell su don't you?


    Typing "sudo" in front of twenty commands in a row does nothing for
    your security and merely aggravates your RSI. There are trade-offs.


  16. Re: Can hackers hit me while I'm on dialup ?

    ["Followup-To:" header set to comp.os.linux.security.]

    On 2007-05-03, Nico wrote:
    >>
    >> There is never a need to log in as root. If you need to do something as
    >> root just do it in a shell, you do know how to spell su don't you?


    > Typing "sudo" in front of twenty commands in a row does nothing for
    > your security and merely aggravates your RSI. There are trade-offs.


    So type "sudo -s" to get a root shell, run your 20 arbitrary commands
    that absolutely require root, then exit the shell.

    --

    John (john@os2.dhs.org)

  17. Re: Can hackers hit me while I'm on dialup ?

    On 4 May, 01:34, John Thompson wrote:
    > ["Followup-To:" header set to comp.os.linux.security.]
    >
    > On 2007-05-03, Nico wrote:
    >
    >
    >
    > >> There is never a need to log in as root. If you need to do something as
    > >> root just do it in a shell, you do know how to spell su don't you?

    > > Typing "sudo" in front of twenty commands in a row does nothing for
    > > your security and merely aggravates your RSI. There are trade-offs.

    >
    > So type "sudo -s" to get a root shell, run your 20 arbitrary commands
    > that absolutely require root, then exit the shell.


    Well, that's what I do. But then I'm functionally logged in as root.


  18. Re: Can hackers hit me while I'm on dialup ?

    On 2007-05-12, Nico wrote:

    > On 4 May, 01:34, John Thompson wrote:
    >> ["Followup-To:" header set to comp.os.linux.security.]
    >>
    >> On 2007-05-03, Nico wrote:
    >>
    >> >> There is never a need to log in as root. If you need to do something as
    >> >> root just do it in a shell, you do know how to spell su don't you?

    >>
    >> > Typing "sudo" in front of twenty commands in a row does nothing for
    >> > your security and merely aggravates your RSI. There are trade-offs.


    >> So type "sudo -s" to get a root shell, run your 20 arbitrary commands
    >> that absolutely require root, then exit the shell.


    > Well, that's what I do. But then I'm functionally logged in as root.


    Ok. So you only have to type "sudo" once. not twenty times, right? Exit
    when your done -- no more root shell exposed to random foolishness.
    Where's the problem?

    --

    John (john@os2.dhs.org)

+ Reply to Thread