can the administrator hide our IP address please
notsobright
Solar Expert Posts: 247 ✭✭
all of the posters here has their IP address in plain view.
I dont know if you are aware or not but this is a security risk for the average posters.
Please consider making this information only available to this sites administration.
I didnt know where else to post this so please excuse me if I have mis posted.
other than that, Thanks for a great service and forum!
I dont know if you are aware or not but this is a security risk for the average posters.
Please consider making this information only available to this sites administration.
I didnt know where else to post this so please excuse me if I have mis posted.
other than that, Thanks for a great service and forum!
Comments
-
Re: can the administrator hide our IP address please
notsobright,
Actually, a few years ago when I joined (or there was a major upgrade just after I joined)--I sent the same message to Windsun (our Admin/NAWS person here) saying the same thing...
His response at the time (as I recall) was that he did see this as a security issue... Everyone out there is already tracking IP addresses--and there is no added security not leaving the IP Address visible.
And, to a degree--I understand his point... Any of the older Windows PC's, right out of the box if connected directly to the internet will be scanned, found, and attacked within minutes--and probably hacked (I don't know about the current Windows releases with built in firewalls and such--if they are as vulnerable or not). Using a hardware/NAT (or at least a pre-configured) software fire wall is pretty much mandatory these days.
Also, having the IP Addresses visible has helped me (before I became a moderator) answer peoples questions without a round of "where are you at" -- I just use one of the various sites out there like Geobytes or IP Address Look-Up to get a rough location of where the poster is so that we can talk about specifics to their location (amount of sun, weather, international questions, etc.)... And the IP address is accurate enough in about 95% of the cases to allow us to give an accurate answer.
And, it even allowed me to recognize a "sock-puppet" we had here for a week or so (posting under different names but same IP Address) before I was an Moderator.
Now--I still am uncomfortable with the whole privacy issue... It is bad enough that Google, Yahoo, XYZ websites are tracking us with cookies and IP addresses--much of our privacy seems to "go away" with public addresses...
But, since we allow image postings (Flicker, and other images) and off-board links--anyone that makes a posting here and allows off-board images and/or follows links--is giving up that information anyway (as well as tracking by ISP's and any body in the chain between the personal computer and the web server) to anyone that chooses to make the effort to log access from posts made here...
So, the "anonymity" of not posting IP Addresses tends to be illusionary anyway.
Any-who--That is the set of issues as I understand them... Please feel free to add any concerns/reasons you think that the forum should hide IP addresses... I will send a link to Windsun for him to review the discussion when he gets a chance (Niel and I cannot change/reconfigure the BBS system--we just help with spam and off-topic posts).
Please note that Windsun has been working in the real world for the last few months on business (and web) stuff--So he has not be here to monitor/jump in like he normally does.
For anyone interested, here is a quick link where they can see what others can find out from their IP Address.
If you want to read more about security (note: GRC can be a conterversial character--but his website does a nice job of presenting basic security issues):
www.grc.com
Choose "Shields UP" from this link to see what can be found out from your connection.
Sincerely,
-BillNear San Francisco California: 3.5kWatt Grid Tied Solar power system+small backup genset -
Re: can the administrator hide our IP address please
it was quite common to reveal a posters IP in the early days and as time went on more and more BBS/forums removed them in favor of their members privacy.
this is currently the only forum I visit that still reveals this info.
I take extra precautions but generally the IP address that are accessing a network is easily available to the administrators but when its posted in the open like it is here it becomes available to anybody and in this case even lurkers who are non-members which should definately not be the case and should only be accessable to/by those who have a ligitamate reason for this info.
it seemed to me that the admin either doesnt understand the IP address issues or they have a complete lack of respect for their members right to privacy.
I was hoping the later was not the case but still remain hopeful that the admin will reconsider and elliminate this "feature"
thanks -
Re: can the administrator hide our IP address please
NSB,
I will send the link of this discussion to Windsun (our Admin) and hopefully he will be able respond in the near future.
Sincerely,
-BillNear San Francisco California: 3.5kWatt Grid Tied Solar power system+small backup genset -
Re: can the administrator hide our IP address please
I also think its a good idea to turn this feature off. I dont really mind staff to know IP addresses or even members that much, but to be left open to even guests is not so good -
Re: can the administrator hide our IP address please
as i told bb already, i don't see the need for the addresses to be here. i don't know all of the security issues with it being here, but minimally spammers can pick up on the addresses. administratively speaking for windsun, bb, and myself we do need to have access to those addresses and we can get that access. it may add another step for us in some circumstances, but i have no problems with that. -
Re: can the administrator hide our IP address please
The biggest issue I see with publicly posting the IP is that it opens people up to additional scrutiny and makes more information available about that person than would otherwise be visible.
Now some people may not mind/care - others would likely prefer to keep a lower profile.
Ideally, it would be a personal setting that the user could chose to enable/disable. -
Re: can the administrator hide our IP address please
I have turned off viewing of IP addresses for all but admin and super moderators, but as others have stated, any illusion of privacy is just that - an illusion
Anytime you do a search on Google or anything else, it logs your IP address. -
Re: can the administrator hide our IP address pleaseAnytime you do a search on Google or anything else, it logs your IP address.
Thanks for turning it off, though! -
Re: can the administrator hide our IP address please
Windsun, thank you! very much..
nice to see you are open to sugestions and request from the membership here.
I have experienced your companys great service as a customer and it is well beyond any I have delt with in the solar related biz and now I know You are no exception. must be a great place to work!
You and the superb moderator team make this place the top forum too, not only in this field but of the many that I am a member.
NAWS is first class.. All the way!
It never hurts to ask.. sometimes we are pleasantly suprised. Thanks Again. -
Re: can the administrator hide our IP address pleasenotsobright wrote: »Windsun, thank you! very much..
nice to see you are open to sugestions and request from the membership here.
I have experienced your companys great service as a customer and it is well beyond any I have delt with in the solar related biz and now I know You are no exception. must be a great place to work!
You and the superb moderator team make this place the top forum too, not only in this field but of the many that I am a member.
NAWS is first class.. All the way!
It never hurts to ask.. sometimes we are pleasantly suprised. Thanks Again.
I second on what notsobright says, this is a great place to learn(and a simple chuckle);) , I know that I have. Thanx every one! And O-yes NAWS also:D -
Re: can the administrator hide our IP address please
I thought would pass this tool on to the folks here. I personally don't trust Google's tracking of everything. It blocks their tracking ability. Online privacy is a subject I have researched a fair amount. This tool is totally free.
http://www.googlesharing.net/ -
Re: can the administrator hide our IP address pleaseI thought would pass this tool on to the folks here. I personally don't trust Google's tracking of everything. It blocks their tracking ability. Online privacy is a subject I have researched a fair amount. This tool is totally free.
http://www.googlesharing.net/
hi Bob, thanks I havnt heard about that one. I wouldnt use google even if they paid me to. I prefer Scroogle when a google search is needed otherwise I use ixquick or yauba.
heres Scroogles main page: http://www.scroogle.org/
Scroogles standard search page: http://www.scroogle.org/scraper.html
Scroogles secure (SSL) search page: https://ssl.scroogle.org/
and here is the ixquick page: http://www.ixquick.com/
and yaubas page: http://in.yauba.com/ -
Re: can the administrator hide our IP address please
A) 99.9% of you are accessing the net via NAT (Network Address Translation) which is built-in to your routers. By default, these things will only allow the establishment of *outbound* connections. I.e., a hacker out in the world - even if they have your IP - can only see the front side of your router. They can *not* send any packets past it to establish a connection to a machine behind the NAT. (Unless you have configured your router to forward inbound packets in to a particular machine.) They can't even see what machines are hidden behind the NAT.
Real hackers are auto-scanning EVERY public IP address block at ALL TIMES. Which means that they already KNOW your IP address and what sort of (Linksys, D-Link, 2Wire, Linux, Windows, whatever) box is listening on that IP.
C) There is almost NO possibility of a user machine behind a NAT router being hacked - UNLESS the user does something dumb like downloading and installing a spyware (which will establish its own outbound connection to its home server).
The reality is that servers get hacked. Private users screw up and install malware or virii.
Your BEST security step is to stop using Internet Explorer and stop using Outlook Express. Use Web and Email clients that are NOT integrated into the operating system. Oh, and if something pops up that you do not completely understand (Wanna Make Your Computer FASTER??????) then just click on no. If you don't know exactly what it does, DO NOT say yes to it.
Hiding the IPs on this forum is a nice, soft and squishy feel-good thing to do - but it's *totally* irrelevant in regards to security.
(Oh, and yes Google does log IPs, but their primary source of information is from PERSISTANT COOKIES. Every site of theirs (or their affiliates, or any site with Google Ads or a Google searchbox) that you goto asks your browser, "Hey you got a Google cookie? What's the ID?" and ding, they know what your browsing habits are.)
[EDIT: How can you tell if you are behind a NAT firewall? Easy. Check the IP address of your machine. If it starts with "192.168." or "10." then you are behind a NAT firewall - those IP blocks are reserved for "inTRAnet use" and are never used on the real Internet - they are ONLY used on private networks behind NAT.] -
Re: can the administrator hide our IP address please
dwh Excellent post. Most people have absolutely no idea - the average persons idea of net privacy is kind of like standing real still and maybe they won't see you. -
Re: can the administrator hide our IP address pleasedwh Excellent post. Most people have absolutely no idea - the average persons idea of net privacy is kind of like standing real still and maybe they won't see you.
Thanks, and good point.
There's a term that network engineers use to describe that mindset - "Security Through Obscurity", and believe it or not, that is actually a legitimate security technique.
Usually, security experts will simply say, "Security through obscurity doesn't work". That's the easiest way to get the point across, but it's not entirely accurate.
The truth is that security through obscurity is almost completely useless by itself, but when combined with other techniques it can add a touch of extra security. Security through obscurity is one of the techniques used by NAT - the router hides the machines that are behind it.
Of course, that's not the *main* technique, the real security of NAT comes from simply forbidding any machines out on the public internet from initiating any connections to machines behind the router - only connections that originated *from* the protected machine are allowed.
This is how spyware usually works. The user downloads something they think is nifty, and unbeknownst to them, it also installs a hidden program. Then the spyware - running on the protected machine itself - originates a connection *out* to its master server to report in.
Because Internet Explorer and Outlook Express are so tightly integrated into Windows, and because both those applications and Windows have code designed to make software installs "transparent", they are the *most* common way for a virus or malware to get installed. It just happens and most people never even know.
Of course, the greatest security threat (on non-server machines) is the "oooh, gee-whiz, clickity-click" type user...
In the security biz, we have a term for that (an acronym naturally) - PEBKAC:
Problem Exists Between Keyboard And Chair. -
Re: can the administrator hide our IP address please
Not to turn this into a security thread (and I am not the expert either)--Here are a few basic steps for Windows Machine users:
I will keep this short and sweet--please ask any questions...
First, to find out if you are behind a router/firewall... You can do a quick check by clicking on START; RUN, then type in "cmd" (or command without the ""). This is the old MS Dos Window. In the window, type ipconfig and you should see something like this:C:\Documents and Settings> ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Ethernet adapter Wireless Network Connection 2:
Connection-specific DNS Suffix . : Home
IP Address. . . . . . . . . . . . : 192.168.2.4
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
Next, you should check that your windows xp firewall is turned on. START, SETTINGS, CONTROL PANEL, WINDOWS FIREWALL.
Next, you do have an up to date anti virus program?
If your is out of date, run its update or get one of the free ones out there... I am using AVG... It is not the best, but it is free and works.
http://free.avg.com/gb-en/download.prd-afg
I stopped using Norton/symantec/Mcafee etc. Expensive and really slowed my PC down a lot (Comcast does supply Norton or Mcafee type for their customers--perhaps your ISP does too).
Last I looked www.kaspersky.com was the most highly rated antivirus out there.
At this point, you should scan your computer with antivirus, or some thing like Malwarebytes, Ad-Aware, etc.:
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
Also, you should also run your Microsoft Updates (if you are not currently up to date).
I don't like using Microsoft's IE web-browser and Outlook mail programs... They always seem to have way too many holes, and way too many hackers looking for holes in those programs.
For email software to download messages to your computer, Thunderbird (same folks as Firefox) seems to work fine:
http://www.mozillamessaging.com/en-US/thunderbird/
And for a web-browser--I really like Firefox. There are others out there that are probably OK safety wise--but I really like the add-on/extensions that FireFox supports:
http://www.mozilla.com/en-US/firefox/personal.html
You can load fire fox, and still use IE8 (or your other browsers)--it will not change any of those programs/installations in any way.
Next, I like to download Spyware Blaster from Java Cool... Install and run the manual update once every few weeks. Blocks a lot of the hack sites and codes that are used to damage IE installations:
http://www.javacoolsoftware.com/spywareblaster.html
Next, after you have Firefox installed--the two basic security modules I always load are:
1. No Script:
http://noscript.net/
Basically, turns your browser into a "Dumb Browser". Will not run any fancy Java Scripts, Java, Flash, downloaded thing-a-mi-jigs, etc. unless you "white list them" (you have to right click on the S with a red circle to allow the site to run scripts on your computer). Sort of the opposite of anti-virus which lets stuff run, and then tries to stop bad stuff from happening.
No Script stops everything from happening unless you allow it (banking, wind-sun forum, etc.). Also stops a lot of the Flash video ads and flashing stuff on your screen. However, you will need to allow scripts for many of your websites (like banking and such)--but it is now your choice.Near San Francisco California: 3.5kWatt Grid Tied Solar power system+small backup genset -
Re: can the administrator hide our IP address please
2: Next I add an extension to FireFox called AdBlock Plus:
https://addons.mozilla.org/en-US/firefox/addon/4042/?src=api
This add-on does not actually do anything just yet. After you install it, you click down arrow next to the red ABP stop sign and select preferences. Then click on FILTERS, ADD FILTER SUBSCRIPTION, then select EASY LIST (and any more you may want).
Now, the program has a bunch of "rules" that will wipe out most of the ads on the US/English internet.
You can also right click on ads (for me moving/blinking/flashing type ads) and kill those too.
Now, your web browsing experience is like it was 20 years ago (boring, quiet, and a lot of text). You may also find it quicker too.
Take a look around the www.grc.com site--he also shows you how to turn off messenger, plug and play, etc... which will make life a little better for you too.
I am probably at the limits of what I can recommend--But, here is a good place if you want to read a bunch more about--take a look at this website:
mech's guide to Windows PC security
I have not done everything he has suggested--but it is a good idea to see what else can be done to make it safer for your pc/family stuff.
-BillNear San Francisco California: 3.5kWatt Grid Tied Solar power system+small backup genset -
Re: can the administrator hide our IP address please
AVG is a good anti-virus, but they do make it a bit obscure how to find and download the free version. They'd rather sell you a subscription.
Another good free anti-virus is "Avast!". You have to register it, and the freebie reg is only good for one year, but they make it easy to re-register for another year.
Note that both of these are free only for non-commercial use. You can legally use them on your personal systems, but not at work.
I use another freebie, "Spybot Search & Destroy" for anti-malware. You have to be careful though - if you just Google for it, the first couple of pages of results will lead you to unscrupulous people who are exploiting the name to try to sell you some other product. The TRUE Search & Destroy can be found at:
http://www.safer-networking.org/ -
Re: can the administrator hide our IP address please
DWH sent me a PM to correct a couple of my errors...
NAT Is Network Address Translation. (not "native").
The block for is 192.168.x.y for local addressing (not "192.x.y.z)...
I told you guys I was in over my head.
-Bill
PS: I also used to use Spybot Search and Destroy too... Very useful.Near San Francisco California: 3.5kWatt Grid Tied Solar power system+small backup genset -
Re: can the administrator hide our IP address please
lots of good advice!
wilders is the top security forum that Im aware of. for those intrested they are here:
http://www.wilderssecurity.com/index.php
BTW I wouldnt get too comfy thinking a router is bullet proof. lots of router pharming going on out there too. an out of the box setup hardly secure. lots of exploits available for the most common ones.
definately take some time to at least change the defalt name and passwords and try to learn more settings.
if you really want to get serious find a linux based router and checkout the opensource firmware for them. not only bullet proof but a serious increase in performance.
thats just the begining.. literally the sky is no limit with some of them. search linksys WRT54G mods. make your own hotspot, bridge, repeater, remote controlled video car/plane/drone! unbelivable what some have done with these routers. -
Re: can the administrator hide our IP address pleasenotsobright wrote: »lots of router pharming going on out there too.
That was my original point. Hiding your IP address on this forum does nothing to prevent that.an out of the box setup hardly secure
Actually, most ARE set to secure defaults. Such as disallowing management access from the outside, and not having any port forwarding enabled.lots of exploits available for the most common ones.
True, but that's almost always a firmware issue. And a lot of the exploits that you refer to apply to boxes with older (sometimes years older) firmware. And true, most people don't keep up with the latest updates so quite a few are vulnerable to this or that exploit.
But cracking (no pun intended...well maybe a little) a router on someone's home network is a pretty big waste of time for a hacker - it just doesn't get you anything worthwhile. What are they gonna do? Steal the pictures of grandma's cat? Carefully analyze someone's youtube playlist? Swipe their whole collection of Hello Kitty and Jessica Alba wallpaper?
The only ones who are truly serious about cracking home routers are those who run botnets, or those who seek to gather up as many credit card numbers as they can get. (And governments...but they are short-handed and have to financially justify the man-hours to crack something.) They want to infect as many machines as possible with their backdoor botnet client or their spyware. Even so, most botnet or spyware code comes to he machine because of something the user did, not because some pharmer cracked their commodity box router.
But those guys aren't getting your IP from this forum anyway - they are the ones I referred to who are scanning every available IP on the internet.definately take some time to at least change the defalt name and passwords and try to learn more settings.
Yes and no. I agree on changing the default passwords, but it's not really critical since most are configured by default to not allow management access from the WAN (the outside world for those who don't know this term). Some providers DO change the settings to allow outside management access, so that they can get in and do things that need doing, but they never leave the default passwords anyway. Default passwords are mostly only an issue if the router is attacked from the LAN (inside) side of the network.
As for encouraging novices to muck about with the settings, I would have to disagree. A default config would almost always be preferable to some change made by someone who doesn't know what they are doing.if you really want to get serious find a linux based router and checkout the opensource firmware for them. not only bullet proof but a serious increase in performance.
thats just the begining.. literally the sky is no limit with some of them. search linksys WRT54G mods. make your own hotspot, bridge, repeater, remote controlled video car/plane/drone! unbelivable what some have done with these routers.
That "bullet proof" part is a bit misleading. Just because something is bullet proof TODAY doesn't mean it will still be TOMORROW. Hackers are constantly seeking - and finding - exploits. When someone says "bullet proof", I translate that to, "well, no exploits have YET BEEN discovered". Give it time, someone will come up with a crack.
Well, except for Qmail. To this day (13 years now) no one has collected Dan Bernstein's $500 reward for anyone who could find a security hole in Qmail.
http://cr.yp.to/qmail/guarantee.html
Still and all, I stand by my position - the vast majority of people behind NAT are quite safe - from being attacked by hackers, not from their own screwups - and hiding your IP address on this forum does NOTHING to protect you from real hackers.
Anyway, you got what you asked for - the IPs have been hidden. So no worries, it's all warm and fuzzy goodness. I feel so much safer now! I wonder though...do YOU feel safer now?
I just wanted to make sure that people weren't overly alarmed by your request for a placebo. -
Re: can the administrator hide our IP address please
Anyway, you got what you asked for - the IPs have been hidden. So no worries, it's all warm and fuzzy goodness. I feel so much safer now! I wonder though...do YOU feel safer now?
I just wanted to make sure that people weren't overly alarmed by your request for a placebo.
I dont feel safer, my true IP was never revealed from the start.
placebo? I think we both know better.
your entrance timing on this topic and these latest remarks seem to indicate your not happy about the change. why is that? -
Re: can the administrator hide our IP address please
Lets ease up a bit folks... And where is that Jessica Alba wallpaper?
-BillNear San Francisco California: 3.5kWatt Grid Tied Solar power system+small backup genset -
Re: can the administrator hide our IP address please
I'm not going to get into the middle of this, but anything the admins can do to make this forum just a tad bit safer for its members is a welcome change. Thanks BB, Niel & Winsun. -
Re: can the administrator hide our IP address please
This has been a very interesting discourse. Thanks, all! -
Re: can the administrator hide our IP address please
Security worries are quite often misplaced. This was pointed out to me just yesterday, when a friends IRS tax return was stolen - from his mailbox, because he "did not trust" direct deposit "because there were too many hackers on the internet" (his quotes).
A few months ago a relative had their credit card into stolen - not online, but from a restaurant. -
Re: can the administrator hide our IP address please
I thought the internets were just a series of pipes coming into my house! I just let the water spill out on the outside.
I do have to say, it is a bit of an improvement over the juice can and string that we used to use. As has been suggested, the most secure way to stay secure is to stay off the net. Unfortunately, it is almost impossible to do so. Our neighbour (who used to say, "what the *$%* do I need a computer for?".) and then proceed to ask me to order something for him, discovered that he absolutely couldn't get customer service over the phone any more. Living in a very remote site, we have always ordered lot's of stuff from catalogues and mail order, but it is almost impossible to do these days, especially after there is an error. Calling "customer service" netted an endless loop, followed by endless holds (a bit of a problem when you are calling on a limited service cell phone!). The fact is business specifically discourages phone calls as they cos the business money.
Our neighbour accepted a gift of a lap top from his brother and a Sat Dish from me, and now has joined the 21st century, and indeed can't live without it.
Tony -
Re: can the administrator hide our IP address pleasenotsobright wrote: »your entrance timing on this topic and these latest remarks seem to indicate your not happy about the change. why is that?
The timing was nothing more than the whim of fate. I've been busy so I haven't had much time to keep up with this forum. When I have had time, I'd just quickly check the installer's forum since I feel that's where my experience (24,000 hours as a working electrician) can contribute the most. The last few days I've had the luxury to sit around surfing the net, so I've been catching up. Yesterday, I finally finished reading all of the threads that I'd missed. This was simply one of them.
As to not being happy about the change - the truth is that I couldn't care less about the change. My issue is with needlessly alarming people who don't fully understand the issues of internet security. To most people, the internet is some magical nebulous murky place, and hackers are evil sorcerers who cast their spells by the light of the moon.
But I also have > 20,000 hours as a working network engineer and sysadmin, so if I can shine a little light on the subject and dispel some of the mystery, then what the hell...I'll do it.
If not me, then who?
EDIT:
Oh, duh...now I get it. You are suggesting that perhaps I'm a hacker. Well...I am. And a pretty good one too. I've even been paid (OMG! NO WAAAAYYYY!) to crack security on commercial networks.
But the truth is, these people around here are safe from my nefarious plots - my collection of Jessica Alba wallpaper is already far larger than theirs. -
Re: can the administrator hide our IP address please
Who is Jessica Alba?
T -
Re: can the administrator hide our IP address pleaseWho is Jessica Alba?
T
she's a movie star.
http://en.wikipedia.org/wiki/Jessica_alba
you have been too isolated methinks.
Categories
- All Categories
- 222 Forum & Website
- 130 Solar Forum News and Announcements
- 1.3K Solar News, Reviews, & Product Announcements
- 191 Solar Information links & sources, event announcements
- 887 Solar Product Reviews & Opinions
- 254 Solar Skeptics, Hype, & Scams Corner
- 22.3K Solar Electric Power, Wind Power & Balance of System
- 3.5K General Solar Power Topics
- 6.7K Solar Beginners Corner
- 1K PV Installers Forum - NEC, Wiring, Installation
- 2K Advanced Solar Electric Technical Forum
- 5.5K Off Grid Solar & Battery Systems
- 425 Caravan, Recreational Vehicle, and Marine Power Systems
- 1.1K Grid Tie and Grid Interactive Systems
- 651 Solar Water Pumping
- 815 Wind Power Generation
- 622 Energy Use & Conservation
- 608 Discussion Forums/Café
- 302 In the Weeds--Member's Choice
- 74 Construction
- 124 New Battery Technologies
- 108 Old Battery Tech Discussions
- 3.8K Solar News - Automatic Feed
- 3.8K Solar Energy News RSS Feed