Hi, does anyone know much about these different types of software that are suppose to hide your IP address in different ways... usually by masking it with a fake IP address.. ? I've been getting some mixed info on whether they actually work or not. Some people say they do, others say they don't. I've literally been getting port scan attacks like every 5 minutes for the past 2 days. Just wondering if a program like this might be able to help me by making my IP address inaccessible or hidden. I've tried resetting my IP address manually, but I'm not sure if it's working or not, because it still hasn't changed, and it's been over a day now. Any advice as to which of these IP hiders would work the best? Thanks very much. M.
It could be random port scanning to. My connection is under constant bombardment. It doesn't always indicate a targeted attack as much as someone just looking for an easy target. When you say resetting your address manually, I'm presuming that your just refreshing your DHCP, and depending on your ISP it will either change or stay the same. I'm on cable, and even though my service is supposedly Dynamic, my IP hasn't changed in months. Usually it only changes when theres some sort of network reorganization (forcing my IP to change significantly, such as to a whole new subnet.). As long as you have some form of Firewall, you should be fine. Something to check would be to see if it blocks or drops ICMP traffic. If you are responding to ICMP traffic, its a dead giveaway that a computer is located at a specific IP address. That and making sure you don't have responding ports are the two ways I know of to "disappear" although it only partially. You can check at GRC, following the path to "Shields-Up" (Sorry, can't link it directly) and it will probe your system. Also, its a great site for just general information. IP Hiding, I'm presuming by using proxy's or services like Tor, I have mixed feelings about. I don't use any personally, but unless your sure that you can route everything through one, there is always room for leakage. I've seen a report somewhere, though I don't remember where, that there is some method of actually defeating them on web pages, but I'm uncertain as to how it was done. Hope this helps some.
It's quite strange actually.. I haven't had any port scans for months on end.. and then suddenly after visiting certain political websites, I've gotten these port scans every few minutes non-stop, for two days straight now.. all coming from the same IP address. I've tried manually resetting my IP by doing the "ipconfig /release", then "ipconfig /renew" commands. I've also ran a check at sheilds-up. None of my ports were visible, and everything passed except the Ping Reply failed. "Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation." I've read something about this happening to users who get their connection through a router, and that's how I get my connection, so I'm not sure if I can actually do anything about passing the Ping Reply test. I'm surprised there seems to be this general uncertainty with regards to all these different IP hiding software. There's quite a number of different ones, and they average around $20-$30 bucks.. I'd think there was something to them if they're charging all that.. I mean, why would people continue to buy them if they really don't do anything..?
If you have a router, like a linksys between your modem and your PC, renewing via ipconfig does absolutely nothing to your public IP. Look at ipconfig's output, if your ip is 192.168.x.x (x.x being any two numbers) then your PC is on a private IP address not visible to the outside world. Are you just on cable/satellite/dsl? Most likely your router just needs to be adjusted (easy fix) to block ICMP. As for the $20-$30 "annonomizer" software and services that are sold, I only wish to refer back to a famous quote by P.T. Barnum: "There's a sucker born every minute." Most security in the world, both online and real world, is not as much actual security as it is the impression of security, not to say there are some genuine things out there. A lot of stuff is also targeted at the less-than-knowledgeable audience. But thats what we're here for, everyone has a chance to learn.
Is there any other way to renew my IP? I have cable. How could I adjust my router to block ICMP? Thanks so much. M.
Re-starting the router, that is, turning it off then back on, can result in a change of IP address. Practically speaking, you don't want to do that too often. As long as you are behind a firewall, you shouldn't have any problems. The port scan attacks you refer to aren't attacks; they are just port scan probes to see if any are open. If any were open, that may lead the way for more invasive attempts.
That one you'll need to check your manual for. Too many different ones out there to give step-by-step directions on.
Maya, A basic firewall (either a software one running on your PC like Windows XP's own firewall) or a hardware one on a router will serve to block incoming probes. The fact that you are seeing "port scan" reports suggests you are running a software firewall and that should suffice - if the repeated alerts bother you, it should be possible to disable them (while still having the scans blocked). While there is a lot of malware (and compromised systems) doing systematic scans for vulnerable PCs to infect, another possibility is that you have been assigned an IP address last used by someone running a file-sharing program. In that case, other users of that P2P network will keep trying to connect to you since they have no way of knowing that the IP address has changed owner. If you only see lots of scans occasionally, this is the most likely cause. "IP hiding" (and solutions like Tor or commercial products like XeroBank) is advisable if you wish to conceal your location from websites you connect to - or if you wish to prevent others with access to your network connection (people in your household, your ISP, your government) from seeing what you do online. These products will not deal with port scans.
