Re: doc question on private network IP allocation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2011-10-17 at 13:16 -0700, Joe Zeff wrote:
> Back when I did tech support for an ISP, I used to tell callers that
> having a dynamic IP address made their computer more secure,
> especially on dial-up. Why?  Well, even if somebody managed to get
> into their computer they'd never be able to find it again once the
> owner had logged off the net because next time they'd have a different
> IP.  

Then you lied to them.  If you get hacked once, once was enough.  It
isn't necessary to be hacked again.  And an attack over IP can be purely
random.

I'll give you a case in point.  A friend of mine called me to say he was
installing XP, would I like to have a look.  So I went, and watched him
get infected four seconds after connecting to his ISP, and was unable to
remove the infection (Windows wouldn't let his anti-virus software
change the file that Windows let the malware change).  So, he formatted
and re-installed, and was infected again, and again just a few seconds
after logging onto his ISP, the next time.  Again he had to wipe and
reinstall to get rid of it.  And I can't remember if he got three
infections in a row, but he certainly did get re-infected at later time.

Having a dynamic IP didn't help him in the slightest.  It was an
un-targeted attack at his entire ISP.  And doesn't help the next person
that was a target.

But taking steps that actually *are* security steps, do make a
difference.  Fooling around with dumb things that aren't security steps
do not help.  There are a lot of myths about security, and it's
astounding how people keep perpetuating them, even when it's explained
to them to the contrary.

> Yes, I knew about rootkits back then, but it was a case of KISS. 

A case of over-simplifying things to the point that you pass on useless
and incorrect information.

- Trust me, you're safe.
- Why do I need to trust you?
- Because I'm not being honest with you.

> Hell, I can also remember assuring callers that email viruses were 
> impossible right up until the day the first one hit.

A rather telling tale.  Are you going to continue to argue that other
things are true/untrue, despite demonstrations to the contrary, until it
hits you in the face?

-- 
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.



-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux