Internet assigned numbers authority?

[Detox]

Not sure this is the right section of forum but here goes... Move if not plz ;-)

I am getting UDP incoming attempts on port 68 CONSTANTLY for the past couple days, seems to be increasing in frequency, from IP 10.33.96.1 which when backtraced shows no path but direct, and whois in Sygate Personal Firewall says this is the "Internet assigned numbers authority" in Marina Del Ray, California. I seem to recall some time back getting some similar activity from the same "authority" name but with a street address in Netherlands somewhere...

edited to add this - sometimes this ip attempts to ping me, at which time the "destination" shows my actual IP... Of course that's ICMP, but all the UDP attempts show destination IP as 255.255.255.255

Anyway, anyone know what this is about? Or is it more likely someone spoofing??

Detox

mentioned this in a reply to Mike (were you posted about the chiclet )

strange...very strange that others are not reporting it also.......perhaps their firewalls

snowman

oh..the url is correct....not spoofed

[JacK]

Quote:

quoting: Detox link=board=23;threadid=2855;start=0#19338 date=1028695227]
Not sure this is the right section of forum but here goes... Move if not plz ;-)

I am getting UDP incoming attempts on port 68 CONSTANTLY for the past couple days, seems to be increasing in frequency, from IP 10.33.96.1 which when backtraced shows no path but direct, and whois in Sygate Personal Firewall says this is the "Internet assigned numbers authority" in Marina Del Ray, California. I seem to recall some time back getting some similar activity from the same "authority" name but with a street address in Netherlands somewhere...

edited to add this - sometimes this ip attempts to ping me, at which time the "destination" shows my actual IP... Of course that's ICMP, but all the UDP attempts show destination IP as 255.255.255.255

Anyway, anyone know what this is about? Or is it more likely someone spoofing??

Hi,

Nobody involved but you

Communication between :67 et :68 are due to DHCP.
10.33.96.1 non portable IP, address of one of your NIC

Rgds,

JacK

Jack

just for my person information please.....a few days ago I blocked port 68 udp inbound and re-routed outbound to myself.....have not noticed an ill effects but would appreciate your opinion if possible.

thank you

snowman

Jack

I've located an answer.....no need for a reply...thank you just the same


snowman

[Prince_Serendip]

Hi Detox! You could get set up with D-Shield so you can start finding out what all your alerts are on your Firewall Logs. Here's the link. It's free and private/secure.

http://www.dshield.org/index.html

They also have Whois, Port Lookups, etc. It does not matter which Firewall you use to be able to make reports.

IMO, based on my experience via D-Shield, UDP alerts are very low priority, not dangerous.

BTW, to find out about the Internet Assigned Numbers Authority go to this link (I'm a member of ISOC. "Internet Society of Course!" LOL.) https://www.isoc.org/internet/infrastructure/

[Detox]

Jack, may I ask what DHCP is

[Paul Wilders]

Detox,

The Dynamic Host Configuration Protocol (DHCP) is an Internet protocol for automating the configuration of computers that use TCP/IP. DHCP can be used to automatically assign IP addresses, to deliver TCP/IP stack configuration parameters such as the subnet mask and default router, and to provide other configuration information such as the addresses for printer, time and news servers.

regards.

paul

[Detox]

Hm, could it be related to my recent IP change? I'm on cable... this is the second time my IP has changed in 2 years or so.

Hope some of you will enjoy knowing some of this information.



IP address



An identifier for a computer or device on a TCP/IP network. Networks using the TCP/IP protocol route messages based on the IP address of the destination. The format of an IP address is a 32-bit numeric address written as four numbers separated by periods. Each number can be zero to 255. For example, 1.160.10.240 could be an IP address.
Within an isolated network, you can assign IP addresses at random as long as each one is unique. However, connecting a private network to the Internet requires using registered IP addresses (called Internet addresses) to avoid duplicates.

The four numbers in an IP address are used in different ways to identify a particular network and a host on that network. Three regional Internet registries -- ARIN, RIPE NCC and APNIC -- assign Internet addresses from the following three classes.

Class A - supports 16 million hosts on each of 127 networks
Class B - supports 65,000 hosts on each of 16,000 networks
Class C - supports 254 hosts on each of 2 million networks
The number of unassigned Internet addresses is running out, so a new classless scheme called CIDR is gradually replacing the system based on classes A, B, and C and is tied to adoption of IPv6.


http://www.webopedia.com/TERM/I/IP_address.html


Who Owns the Internet?
No one actually owns the Internet, and no single person or organization controls the Internet in its entirety. More of a concept than an actual tangible entity, the Internet relies on a physical infrastructure that connects networks to other networks. There are many organizations, corporations, governments, schools, private citizens and service providers that all own pieces of the infrastructure, but there is no one body that owns it all. There are, however, organizations that oversee and standardize what happens on the Internet and assign IP addresses and domain names, such as the National Science Foundation, the Internet Engineering Task Force, ICANN, InterNIC and the Internet Architecture Board.

http://www.webopedia.com/DidYouKnow/Internet/2002/WhoOwnstheInternet.asp


_______________________________________________________________________
AND I THOUGHT SOME OF YOU MIGHT BE INTERESTED IN THESE ARTICLES. (available at the link below)



Solutions for IP address shortage - article
Provides details on subnetting, private addressing, classless inter-domain routing (CIDR), and the IP version 6 protocol upgrade. From the March 1997 issue of Data Communications Magazine.


TCP/IP and IPX routing tutorial
This tutorial supplies information on setting up a relatively simple WAN-connected internetwork or Internet-connected LAN. Includes explanations of IP addresses, classes, netmasks, subnetting, routing, several example networks, and a basic explanation of IPX routing


Changing an IP address in Windows 95
Provides simple instructions for changing an IP address in Windows 95.


Classes of IP addresses
Describes the classes of IP addresses and contains links to a collection of RFCs relating to IP addresses.


Configuring IP
This document, from Cisco Systems, describes how to configure the IP protocol.


Fast Guide to DNS
Explanation of DNS concepts such as IP addresses, resolvers, domain name servers, redundancy, e-mail routing, and domain name allocation.


Find out your IP address
This site displays your current IP address.


IP address construction
This article explains dotted decimal notation and flat and hierarchical networks and includes links to related information.


IP address to longtitude/latitude
Provides a form that converts host names, domain names, or IP addresses to locations with longitude and latitude data. US sites are resolved to the city, Canadian sites to their province, and other non-US sites to the country's capital.


IP addressing overview
Contains a basic overview of IP addressing.


IP addressing tutorial
This short tutorial convers the basics of IP addressing and includes a form to enter an IP address and find out its class, network address and node address.


LearnToSubnet.Com
An educational course on addressing TCP/IP Networks that includes IP Addresses and Subnetting. Topics include: Binary Math, IP Addressing (IP Address), Subnet Mask, and Custom Subnet Mask.

http://www.webopedia.com/TERM/I/IP_address.html