Using private IP addresses to evade detection
Major advertising companies collect data from Internet users based upon several traceable parameters. Number one on the list is, of course, the IP address you use to connect to the Internet. Your E-mail address can be used to track you as well. Although your address usually can be traced back to your Internet Service Provider, once it reaches there, it is routed internally. Some web-based e-mail accounts display the senders real IP address in the header, so even if you use an anonymous account, you can be found by checking the IP address. Your IP address is also captured by opening an HTML e-mail web page. The web page can also place a cookie on your system, which can then be used to track you repeatedly. When you load software and run an executable program, your hard drive can be read, and programs that allow other access to your computer via the Internet can be installed.
Most people are aware of the various ways the security of their system can be breached. They may be unaware however, that besides using a firewall to warn you of Internet communications, there are fictional network ranges of IP addresses that reserved for private use and can never appear on the Internet. They can be used to circumvent the masked marauders of you network. The range of IP addresses to use are:
- 10.0.0.0 - 10.255.255.255 (10/8 prefix)
- 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
- - 192.168.255.255 (192.168/16 prefix)
These numbers and their use are described in RFC 1918 at: http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc1918.html.
As an example of how to set these addresses in Windows, open the Control Panel, then double click on the Network icon. Highlight the TCP/IP protocol and click Properties. If you have multiple listings, highlight the one that has the > pointed at your network card. Click on the IP Address tab then click next to "Specify and IP Address." Put192.168.0.x (for example) in the IP address block. The number "x" can be any number from 1 to 255. In the Subnet mask box put 255.255.255.0. Keep a good record of which number you assign to each PC so that there are no mix-ups in numbering. Just increment the last number by one as you add PCs to the network. The subnet mask will be the same on all of the computers. The final step is to click on the WINS Configuration tab and click on the "Disable WINS resolution" button. Click OK.
Barrie Sosinsky (firstname.lastname@example.org)is president of consulting company Sosinsky and Associates (Medfield MA). He has written extensively on a variety of computer topics. His company specializes in custom software (database and Web related), training and technical documentation.
Did this tip float your boat? If so, why not let us know? E-mail us and sound off.
The Concise Guide to Enterprise Internetworking and Security
Author : Joseph F Dries, III and Kyle Cassidy
Publisher : QUE
Published : Dec 2000
This book provides network professionals with information they need to securely design and maintain efficient, scalable Internet connections. It includes planning solutions, office bandwidth delivery technologies, security practices, hardware considerations, and testing.
This was first published in June 2001