help me understand IP addresses
 

The banning of a particular troll on the technical forum got me thinking…and I realized I don’t understand how this works. NOTE: I’m not up to anything mischievous here! I just want to understand.

I did some searching on Google, and it appears that an IP address can come from a computer, or another piece of hardware such as a router.

So I’m wondering….

I have multiple computers plugged into a Linksys router; do they all appear as the same IP address on the internet?

Does one’s ISP have anything to do with an IP address?

Couldn’t a banned person just buy a used router on ebay for $40 each time they get banned?

I'm guessing that managing banned people is an ongoing game of cat and mouse. Must be a lot of work.

Every device on an IP network needs a unique address. You most likely have a private address at home; reserved IP space not routed externally. Simply, your linksys hides the IP's of your lan behind it's external interface address.

This address can be public or private, it's assigned by your ISP. In some cases your ISP gives your router a private address, so there is NAT happening twice.

Also, your ISP can give you a dynamic (changes) or static (fixed) address. So, when you connect to Pelican Parts to buy car parts you could be coming from the same source or not, depends on how your ISP assigns addresses.

On the back end, IP's can be blocked one at a time or in ranges. It's possible to block an entire ISP's space, but then you are limiting your sales.

private adresses all have the same range, 192.168.1.x

this range never get's routed to other pc's , hence they can be used for Network Adress Translation

eg , you get one public adress from your isp 234.234.234.234 , and yoru router translates that to and from your pc's in the 192.168.1 range...

it's also a good security measure , since your pc's are not accessible to the internet, just your router is...

as for blocking ip adresses, that works as long as the ip adress of the offender doesn't change to often, like on dial up modem... in those cases mods can ban a complete range , such as 234.234.234.x , or even wider 234.234.x.x but that has the disadvantage of banning everybody on the same network as the offender...

Stijn's points are valid. In the case of my favorite little troll (aka Alina), her IP address changes because her ISP hasn't assigned her a static address. (I believe most ISP's assign dynamic IP's).

-Z-man.

you could contact the ISP, and file a complaint for repeat offending , in this day an age, you have a good chance that the ISP will drop Alina like a brick... trolling ,repeat violations , it's not hacking but it's not something ISP's like to see on their networks...

and maybe if they don't drop her, they might give a static ip to alina's account, so you can properly ban

either that or pass on the ip adress to a select few l33t haxors on the board.. and we'll make the problem go away :D

Very cool:)

Can't you just stop all inputs from the MAC address. Most people can't spoof them.

Stijn - not all private addys are in that set of subnets - there are also 10.0.0.0/8s, 172.16.*, etc. There are also reserved blocks and "hidden" things - for example, there's this great server for p0rn at 127.0.0.1 - visit it some time! Also, there are ranges reserved for other things, like 44.0.0.0/8 is all reserved as a HAM to IP gateway for packet radio data or email.

Oh yeah? Try me.;) Easily done actually....

Moreover, MAC addresses are only visible on the local segment. The MAC address on a packet is changed at each hop along a route.

Frankly, forget the technical solutions. DHCP addressing makes it a near impossible task. Svandamme is right, simple get a solid lock on the persons IP on day, then complain to high heaven to their ISP. Most ISPs are not interested in trouble. Throw around terms like 'legal action' for good measure.


Hmmmm...not exactly. Most of the routers/access points that you get for consumers use this as their address range. But the actual reserved private ranges are:

10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255

The 169.254.0.0 – 169.254.255.255 range is also reserved for automatic IP addressing in non DHCP environments.

LOL! Funny, I have the same server on my network......:D

i was like simplyfing things a bit to much since home routers generally use the 192.168.1.x range...i do know about the others(work for a major linux company, backliner, but not in a linux team), it's just that they don't have much meaning to the average home user...it was a poor explanation, i agree

Err...MAC addresses do not appear in a IP (nor TCP) packet header. MACs are only used for a local network's ARP, and will not be 'filterable' (is that a word :)) in a routed IP network.

I have never heard of troll Alina. Is that a trolette? What kind of trolling does she do?

Aurel

LOL. Dear lord, you get enough engineers in a room.....

You are correct. The MAC is not part of the IP headers itself.

You can make filtering decisions based on MAC address's, but these are not IP filters (Layer 3).

so tempting...oh so tempting...

But I'll take the higher ground and figure out a legal way to get rid of the pesky troll... now where'd I put the number to the bat cave? Er, I mean the Pelican Cave? (Paging Mr. Wayne Dempsey... :D )

-Z-man.

I think we need to just go whole hog, and geek out on a discussion of the history of IP subnet 0 (192.168.0.x).

should be easy enough to find the isp from the ip adress
then look on their site for contact details, of when not sure, simply mail to abuse@alinasisp.net... that's the default alias for reporting abuse..

Wayne started it.... :)

HardDrive - if we did that we'd have to get in a discussion about who deserves a class A subnet more - MIT or the country of China? What about IPv6 vs. IPv4? Proper implementation of RFC1149 or even IP over Bongo Drum?

Just block 224.0.0.1, that'll fix it.



probably better if we just all convert to Appletalk.

For anyone that wants to understand IP addressing better, this doc is great and has been around forever.

http://www.3com.com/other/pdfs/infra/corpinfo/en_US/501302.pdf

It's probably more and less than most people would want to know, but thought I'd offer it up to the non-techie people that visit this thread.

IPX/SPX and DOS VLM's ;)

Not as much fun as SNA, but I like the nice long addresses.

there was this time where there was this netware for SAA box running , back in 99, and the manager insisted that the bugger had to patched with the netware32 "upgrade" , totally ignoring my warnings about saa not beeing supported anymore and the patch most likely killin the box...guess what, it killed the box.. while i'm working at it , the clock ticks, and suddenly they tell me , btw, if this thing isn't backup in the next hour we ,shut down the plant because we need our safety procedures for the next shift... that'll cost us 250K and hour...don't let us down champ!

also had a Siemens Comet, of which they told me : if it goes down, we're screwed, those who built this thing @ Siemens retired... when you run the backup , follow each command to the letter, no mistakes !!

and obviously on day 1 of my command, i follow the backup procedure to the letter, and the rotten thing stops responding on the terminal...quick call to my predecessor : "just bang the keyboard a bit, see if it helps"

aah, the good ol days, when 'puters were still tricky , heavy and misterious...

My first job out of college was with IBM @ RTP working on SNA microcode development ...then a communications systems programmer for many years. This IP stuff is primitive :)...not really, just different, but I did prefer the "good 'ole days"...

SNA and Source Route Bridging makes me want to hurl. I'm afraid I'm just a young whippersnapper. I like my layer 3 and IP.

I've been doing mostly IP stuff for the last ten years or so, so I understand what ya mean by SRBing. There are more elegant solutions (DLSW), like I said, native IP is 'primitive'. Hey, what are we doing talking about this crap here in PPOT....you must be a "liberal neocon", let's change the subject :)