Randomizing IP on DSL

[Old Fart]

I'm an old fart late to moving to DSL from dialup, where I've been fond of
my dynamic IP for various reasons.

What's the best way with DSL to approximate the daily or hourly changing
Internet address of a legacy dynamic IP?

Thanks,

Old Fart

[Anonymous]

Old Fart wrote:

> I'm an old fart late to moving to DSL from dialup, where I've been fond of
> my dynamic IP for various reasons.
>
> What's the best way with DSL to approximate the daily or hourly changing
> Internet address of a legacy dynamic IP?

This depends a lot on your ISP. Some will serve you up the same IP address
no matter what, until they decide it's time to change it. It's "tied" to
the MAC address of your DSL modem, which you can't adjust. At least not
without mucking up your connection.

The IP assignment is called a "lease". Depending on your OS, somewhere in
your network setup or networking tools there might be a utility that lets
you expire or let your lease go. Sometimes this is enough to get you a new
IP assigned. You can accomplish the same thing in effect, by powering down
your modem, waiting some amount of time (again determined by your
provider), and powering it back up. Either of these things may or may not
work.

The only other way I know of to force an IP address change, and again it
doesn't work in all cases, is to simulate an "attack" on your machine.
It's not too uncommon for an ISP to spot something like a Nessus or Nikto
probe and change your IP for you to fend of the attacker. How you manage
to make it look as though someone elseis probing you, is another matter
all together.

The bottom line is you're pretty much at the mercy of your provider. They
may make it easy for you to change your IP, and they may make
it impossible. All depends on how their DHCP servers and security are set
up.

[nemo_outis]

oldfart@yahoo.moc (Old Fart) wrote in
news:4675b730.22287671@news.west.earthlink.net:

> I'm an old fart late to moving to DSL from dialup, where I've been
> fond of my dynamic IP for various reasons.
>
> What's the best way with DSL to approximate the daily or hourly
> changing Internet address of a legacy dynamic IP?
>
> Thanks,
>
> Old Fart


Changing IP is not an end in itself - or at least it shouldn't be.

What are you trying to accomplish? To whom do you wish your IP to appear
different? Or, as is more likely, do you merely wish to prevent an
association between a particualr IP traceable to you and particular net
activities?

Yes, there are ways - with some ISPs - to get them to assign a new IP by
pulling various tricks. But before beating your brains out trying to push
on a string (since assigning an IP is ultimately up to your ISP, not you)
ask your self what you are really trying to do.

Regards,

PS I'm another old fart: 62 and counting :-)

[Hootowl]

On 18 Jun 2007 01:32:05 GMT, "nemo_outis" <abc@xyz.com> wrote:

>oldfart@yahoo.moc (Old Fart) wrote in
>news:4675b730.22287671@news.west.earthlink.net:
>
>> I'm an old fart late to moving to DSL from dialup, where I've been
>> fond of my dynamic IP for various reasons.
>>
>> What's the best way with DSL to approximate the daily or hourly
>> changing Internet address of a legacy dynamic IP?
>>
>> Thanks,
>>
>> Old Fart
>
>
>Changing IP is not an end in itself - or at least it shouldn't be.
>
>What are you trying to accomplish? To whom do you wish your IP to appear
>different? Or, as is more likely, do you merely wish to prevent an
>association between a particualr IP traceable to you and particular net
>activities?

Or, as I often do because I don't like scans (especially when they
come in at a roughly a dozen per second, practically stealing my
entire bandwidth.). I have my parameters set to my old dial-up
primary and secondary DNS, and thus get a new IP every time. I often
simply turn off my modem for a second or two. It takes a little
longer for it to reconnect than it did when I first went online, but
that usually ends the problem. If i'm still unhappy, I do it again.
Sometimes scans are incredibly prolific. Your ISP's system may not
work like Earthlink's, so YMMV.
>
>Yes, there are ways - with some ISPs - to get them to assign a new IP by
>pulling various tricks. But before beating your brains out trying to push
>on a string (since assigning an IP is ultimately up to your ISP, not you)
>ask your self what you are really trying to do.
>
>Regards,
>
>PS I'm another old fart: 62 and counting :-)
>
>

[Old Fart]

On 18 Jun 2007 01:32:05 GMT, you wrote:

>oldfart@yahoo.moc (Old Fart) wrote in
>news:4675b730.22287671@news.west.earthlink.net:
>
>> I'm an old fart late to moving to DSL from dialup, where I've been
>> fond of my dynamic IP for various reasons.
>>
>> What's the best way with DSL to approximate the daily or hourly
>> changing Internet address of a legacy dynamic IP?
>>
>> Thanks,
>>
>> Old Fart
>
>
>Changing IP is not an end in itself - or at least it shouldn't be.
>
>What are you trying to accomplish? To whom do you wish your IP to appear
>different?


> Or, as is more likely, do you merely wish to prevent an
>association between a particualr IP traceable to you and particular net
>activities?

Exactly, and the anonymity of a dynamic IP is really all I was after, but
it sounds as if I may be forced into what for me would be the overkill of a
proxy.


>Yes, there are ways - with some ISPs - to get them to assign a new IP by
>pulling various tricks. But before beating your brains out trying to push
>on a string (since assigning an IP is ultimately up to your ISP, not you)
>ask your self what you are really trying to do.
>
>Regards,
>
>PS I'm another old fart: 62 and counting :-)
>
>

[nemo_outis]

oldfart@yahoo.moc (Old Fart) wrote in
news:467675e9.3737984@news.west.earthlink.net:

>> Or, as is more likely, do you merely wish to prevent an
>>association between a particualr IP traceable to you and particular
>>net activities?
>
> Exactly, and the anonymity of a dynamic IP is really all I was after,
> but it sounds as if I may be forced into what for me would be the
> overkill of a proxy.

"Proxy" is, more or less the answer. But before focussing on the answer
let's explore the question a little.

I'm going to concentrate on surfing rather than email, newsgroups, irc,
etc. but some of the principles generalize.

Somewhat arbitrarily, let me propose several levels/motivations for
keeping things private: you fear inconvenience/annoyance, embarrassment,
litigation, prosecution, or murder ;-) Obviously, if you fear criminal
prosecution or being killed for your online actiovities then you must
adopt more secure methods than if you are just trying to avoid junk
email.

Potentially you can disclose your identity in a number of ways, which I
group for convenience as being determined by either the *content* of your
activities, or the *access pattern.* Content can be disclosed by
cookies, by java/javascript and such, and obviously by anything you write
in a message or even your writing style. Although it bridges to the
access pattern category, other disclosures, such as user-agent string or
even computer fingerprints (packet timestamps, etc.) could establish your
identity. Fortunately, aspects such as hardware fingerprints usually
only arise with the most serious adversaries. The content question also
depends on whether you make "ostensibly unrelated" visits to sites or
present a quasi-permanent persona to them (e.g., repeated posts under a
nym).

Determining who you are by access pattern could follow a number of broad
avenues: by info available at one destination site, by info available at
one destination site but with backtracking, by info available at/near
your origin, or by a global view (source through destination).

The last category is the province of major criminal/intelligence
investigations and will subsume the other categories; the best view of
your origin (and also all your destination activities if not
proxied/encrypted) is your ISP. The destination site looking backwards
is the view of end users or end destinations backtracking you.

As you can infer from the above a frequently-changing IP (from the same
ISP) provides only weak protection against only the weakest category of
adversary (a destination site or end user who is unwilling/incapable of
backtracking). If you need more than the weakest protection you must do
more.

As a minimum you should adopt strategies to limit your exposure to
endsites and - especially! - your ISP. That means some sort of proxy
with the link from your machine to the proxy encrypted. A single-hop
proxy (cotse, etc.) will give mild-to-moderate protection against
snooping by your ISP and backtracking without a subpoena. A single-hop
proxy gives reasonable privacy protection combined with little loss in
speed (and sometimes perks such as extensive email options to minimize
spam, etc.) Multi-hop encrypted proxies (a la Tor) are needed for more
serious protection but usually impose a performance penalty. Combine Tor
with helper apps (privoxy, vidalia, janusvm) for even stronger protection
minimizing some forms of "content" leakage. If you're a real nut, add
running your own Tor node into the mix (perhaps even an exit node,
although this can bring its own problems). This gives plausible
deniability that any of your surfing activities are attributable to you.

And harden your browser (at least something like Firefox with the
Noscript extension and cookies at least cut back to session-only).

Regards,

[Ari]

On 18 Jun 2007 15:24:39 GMT, nemo_outis wrote:

> Somewhat arbitrarily, let me propose several levels/motivations for
> keeping things private: you fear inconvenience/annoyance, embarrassment,
> litigation, prosecution, or murder ;-) Obviously, if you fear criminal
> prosecution or being killed for your online actiovities then you must
> adopt more secure methods than if you are just trying to avoid junk
> email.

Which was is your excuse "nemo"?

[THX]

"nemo_outis" <abc@xyz.com> wrote in message
news:Xns9952C6B825448abcxyzcom@204.153.245.131...
> What are you trying to accomplish? To whom do you wish your IP to appear
> different? Or, as is more likely, do you merely wish to prevent an
> association between a particualr IP traceable to you and particular net
> activities?

It's obvious what he is trying to accomplish. Security through obscurity.
You're not very obscure if you have a permanent IP address.

[nemo_outis]

"THX" <no@email.invalid> wrote in news:S1zdi.37616$1i1.30369@pd7urf3no:

>
> "nemo_outis" <abc@xyz.com> wrote in message
> news:Xns9952C6B825448abcxyzcom@204.153.245.131...
>> What are you trying to accomplish? To whom do you wish your IP to
>> appear different? Or, as is more likely, do you merely wish to
>> prevent an association between a particualr IP traceable to you and
>> particular net activities?
>
> It's obvious what he is trying to accomplish. Security through
> obscurity. You're not very obscure if you have a permanent IP address.


You're only very marginally more obscure having a varying IP address that
is obviously drawn from the pool assigned to a particular ISP, an ISP who
logs exactly when those IPs were assigned to its customers (and who perhaps
logs a great deal more than that).

Regards,

[Cyberiade.it Anonymous Remailer]

THX wrote:

> "nemo_outis" <abc@xyz.com> wrote in message
> news:Xns9952C6B825448abcxyzcom@204.153.245.131...
>> What are you trying to accomplish? To whom do you wish your IP to appear
>> different? Or, as is more likely, do you merely wish to prevent an
>> association between a particualr IP traceable to you and particular net
>> activities?
>
> It's obvious what he is trying to accomplish. Security through obscurity.
> You're not very obscure if you have a permanent IP address.

You're not any more obscure having a varying IP address assigned from a
constant pool of them by an ISP that logs every assignment, accessing
remote services that can easily identify you either way.

It's a fruitless goal, which you're trying to obtain by a process that
might itself cause you some of the problems you're trying to avoid. Namely
drawing attention to yourself.

Proxies, reputable privacy services, Tor, JAP, etc....

There's so many useful alternatives it's a waste of time to even debate
the issue, let alone waste time trying to actually do it.