Comprised IP address?

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

Comprised IP address?

Ian Tresman
I'd appreciate some user IP address advice.

My Web site was attacked by someone with an IP address that is used
on Wikipedia by someone who has not logged into a personal account.
They have suggested that their User IP address may have been compromised.

Is the following accurate:

If their User IP was identified with, for example, a college, then
several people could indeed be using the same Wikipedia User IP address.

But if their IP address is identified with a private residential
broadband account, then the only ways it could be compromised is:

a. Someone else has access to the same computer
b. The home computer has a Trojan giving access to an intruder

Regards,
Ian Tresman
 


_______________________________________________
Wikitech-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: Comprised IP address?

Jim R. Wilson
It's _possible_ to lose your IP to someone else.  I believe this is more
likely for DSL than Cable.

On 3/13/07, Ian Tresman <[hidden email]> wrote:

>
> I'd appreciate some user IP address advice.
>
> My Web site was attacked by someone with an IP address that is used
> on Wikipedia by someone who has not logged into a personal account.
> They have suggested that their User IP address may have been compromised.
>
> Is the following accurate:
>
> If their User IP was identified with, for example, a college, then
> several people could indeed be using the same Wikipedia User IP address.
>
> But if their IP address is identified with a private residential
> broadband account, then the only ways it could be compromised is:
>
> a. Someone else has access to the same computer
> b. The home computer has a Trojan giving access to an intruder
>
> Regards,
> Ian Tresman
>
>
>
> _______________________________________________
> Wikitech-l mailing list
> [hidden email]
> http://lists.wikimedia.org/mailman/listinfo/wikitech-l
>
_______________________________________________
Wikitech-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: Comprised IP address?

Ian Tresman
At 21:33 13/03/2007, you wrote:
>It's _possible_ to lose your IP to someone else.  I believe this is more
>likely for DSL than Cable.

Sure, but
(a) not for a static IP address ?
(b) for a dynamic IP address, it would be unlikely that if you lose
an IP address, you'd get it back.
(c) You wouldn't lose the same IP address on several ocassions to the
same culprit?

Regards,
Ian

>On 3/13/07, Ian Tresman <[hidden email]> wrote:
> >
> > I'd appreciate some user IP address advice.
> >
> > My Web site was attacked by someone with an IP address that is used
> > on Wikipedia by someone who has not logged into a personal account.
> > They have suggested that their User IP address may have been compromised.
> >
> > Is the following accurate:
> >
> > If their User IP was identified with, for example, a college, then
> > several people could indeed be using the same Wikipedia User IP address.
> >
> > But if their IP address is identified with a private residential
> > broadband account, then the only ways it could be compromised is:
> >
> > a. Someone else has access to the same computer
> > b. The home computer has a Trojan giving access to an intruder
> >
> > Regards,
> > Ian Tresman
> >
> >
> >
> > _______________________________________________
> > Wikitech-l mailing list
> > [hidden email]
> > http://lists.wikimedia.org/mailman/listinfo/wikitech-l
> >
>_______________________________________________
>Wikitech-l mailing list
>[hidden email]
>http://lists.wikimedia.org/mailman/listinfo/wikitech-l


_______________________________________________
Wikitech-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: Comprised IP address?

Thomas Dalton
> Sure, but
> (a) not for a static IP address ?
> (b) for a dynamic IP address, it would be unlikely that if you lose
> an IP address, you'd get it back.
> (c) You wouldn't lose the same IP address on several ocassions to the
> same culprit?

a) Definitely right
b,c) Probably right

_______________________________________________
Wikitech-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: Comprised IP address?

Andre Engels
In reply to this post by Ian Tresman
2007/3/13, Ian Tresman <[hidden email]>:

> If their User IP was identified with, for example, a college, then
> several people could indeed be using the same Wikipedia User IP address.
>
> But if their IP address is identified with a private residential
> broadband account, then the only ways it could be compromised is:
>
> a. Someone else has access to the same computer
> b. The home computer has a Trojan giving access to an intruder
>

c. They have an unprotected wireless network

And of course there is also the possibility that their IP is neither college
nor private but (for example) an ISP-based cache.

--
Andre Engels, [hidden email]
ICQ: 6260644  --  Skype: a_engels
_______________________________________________
Wikitech-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: Comprised IP address?

Oldak
In reply to this post by Ian Tresman
On 13/03/07, Ian Tresman <[hidden email]> wrote:

> At 21:33 13/03/2007, you wrote:
> >It's _possible_ to lose your IP to someone else.  I believe this is more
> >likely for DSL than Cable.
>
> Sure, but
> (a) not for a static IP address ?
> (b) for a dynamic IP address, it would be unlikely that if you lose
> an IP address, you'd get it back.
> (c) You wouldn't lose the same IP address on several ocassions to the
> same culprit?

Don't AOL pool their IPs among users?

--
Oldak Quill ([hidden email])

_______________________________________________
Wikitech-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: Comprised IP address?

Ian Tresman
In reply to this post by Andre Engels
At 23:25 13/03/2007, you wrote:

>2007/3/13, Ian Tresman <[hidden email]>:
>
> > If their User IP was identified with, for example, a college, then
> > several people could indeed be using the same Wikipedia User IP address.
> >
> > But if their IP address is identified with a private residential
> > broadband account, then the only ways it could be compromised is:
> >
> > a. Someone else has access to the same computer
> > b. The home computer has a Trojan giving access to an intruder
> >
>
>c. They have an unprotected wireless network
>
>And of course there is also the possibility that their IP is neither college
>nor private but (for example) an ISP-based cache.

1. That would imply it's shared... and there would probably be a
record of it during a Google search?

2. And if I ping the IP address, it should be active 24-hours a day,
nor when the customer is out at work?

Regards,
Ian



>--
>Andre Engels, [hidden email]
>ICQ: 6260644  --  Skype: a_engels
>_______________________________________________
>Wikitech-l mailing list
>[hidden email]
>http://lists.wikimedia.org/mailman/listinfo/wikitech-l


_______________________________________________
Wikitech-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: Comprised IP address?

Ian Tresman
In reply to this post by Oldak
At 01:22 14/03/2007, you wrote:

>On 13/03/07, Ian Tresman <[hidden email]> wrote:
> > At 21:33 13/03/2007, you wrote:
> > >It's _possible_ to lose your IP to someone else.  I believe this is more
> > >likely for DSL than Cable.
> >
> > Sure, but
> > (a) not for a static IP address ?
> > (b) for a dynamic IP address, it would be unlikely that if you lose
> > an IP address, you'd get it back.
> > (c) You wouldn't lose the same IP address on several ocassions to the
> > same culprit?
>
>Don't AOL pool their IPs among users?


a. Do you mean a dynamic IP address... in which case a customer could
end up with any one of numerous IP addresses?

b. As it is, I know they are with Comcast, who have identified their
IP address as a residential customer.

Regards,
Ian


_______________________________________________
Wikitech-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: Comprised IP address?

Neil Harris
In reply to this post by Thomas Dalton
Thomas Dalton wrote:

>> Sure, but
>> (a) not for a static IP address ?
>> (b) for a dynamic IP address, it would be unlikely that if you lose
>> an IP address, you'd get it back.
>> (c) You wouldn't lose the same IP address on several ocassions to the
>> same culprit?
>>    
>
> a) Definitely right
> b,c) Probably right
>
>  
a) Don't forget about BGP prefix hijacking attacks, or (less likely)
direct attacks on your ISP's routing architecture, either of which would
have the same effect without a site compromise; or the use of insecure
wireless networks, which would allow an external attacker to use the
same IP address without authorization...
>
>
>  


_______________________________________________
Wikitech-l mailing list
[hidden email]
http://lists.wikimedia.org/mailman/listinfo/wikitech-l