[Dshield] Hiding IP's

Brian Dessent brian at dessent.net
Mon Aug 22 03:56:06 GMT 2005


Aaron Lewis wrote:

> My original thought was to mask my public IP address to everything on the
> net. Not really sure. Hadn't thought it through that far. I guess you really

Any time two computers on the internet establish a TCP connection, each
knows the others IP address with near 100% certainty.  It used to be
that the random number generators used to choose initial sequence
numbers in common TCP/IP stacks were substandard, allowing for the
spoofing of the three-way handshake, but this has not been the case for
a long time.  Anyone that tells you that spoofing a TCP connection is
easy or trivial is probably lacking clue.

The consequence of this is that there is no true way to hide an IP
address.  You can route access through a proxy, or some other "routing
network" such as tor or freenet.  Freenet is its own isolated network
without access to what we generally call "the internet" so it's not of
any use for everyday activities.  Tor is more useful for general web
surfing, but it can be slow.

Most software that you see advertised to "hide your identity" simply
uses a list of anonymous proxies.  Most of these are discovered through
scanning IP space, and the majority of them exist due to
misconfiguration or negligence.  Therefore you are on questionable
grounds legally if you use a random proxy that you get from a list, as
this is probably commiting a computer crime.  However, the enforcibility
of this is rather slim.

So, in summary.  Give up on the notion of "hiding your IP address."  It
is certainly possible to hide behind proxies and the like, but at the
end of the day the machine you are directly connected to ALWAYS has your
address, by definition of how the internet works.

Brian


More information about the list mailing list