Why is this strange IP address in Network connections?
host the code
Gee, I was about to host the code suggested above, but I suddenly recalled that hits at puppylinux.org are always at the overload end, so that got me frozen.
I see no problem with icanhazip.com, although I used to visit who.is for my ip address.
I see no problem with icanhazip.com, although I used to visit who.is for my ip address.
Puppy user since Oct 2004. Want FreeOffice? [url=http://puppylinux.info/topic/freeoffice-2012-sfs]Get the sfs (English only)[/url].
One of the problems that this discussion highlights is that the community does NOT have a document (oh pray tell, a standard) that we understand to contain what ports a distro uses. Since there is none, the community will continue to see these kinds of alarms crop up, then a fire-fight surface where it becomes a distraction.
For those who dislike this protocol for system behavior, there have been altenative(s) presented.
We have, in this thread, identified that there is not a corruption as the behavior provides a service to the system. IS THIS SERVICE BAD? we have NOT seen any evidence that there is misuse or corruption.
Why is this getting the attention it is garnering??? IS THERE SOMETHING WRONG THAT THIS OPERATION IS DOING.
Again I share that your system on your LAN is doing things that most users are unaware. It has been doing it, by standard architecture, for almost 30 years. Most of you are unaware. Because it does "good" things for you should we have cause for alarm and call for the LAN to be trashed because you didn't know it was doing good things for you? This kind of reasoning is escaping me and maybe others.
HOW HAVE YOU BEEN HARMED?
And maybe a better question is: How will any change improve things such that we see an improvement in the system's performance or its network performance and behavior?
Let's get the emotions behind us and focus on the system improvement for user benefit without putting ANY additional burden on the distro users.
Here to help
For those who dislike this protocol for system behavior, there have been altenative(s) presented.
We have, in this thread, identified that there is not a corruption as the behavior provides a service to the system. IS THIS SERVICE BAD? we have NOT seen any evidence that there is misuse or corruption.
Why is this getting the attention it is garnering??? IS THERE SOMETHING WRONG THAT THIS OPERATION IS DOING.
Again I share that your system on your LAN is doing things that most users are unaware. It has been doing it, by standard architecture, for almost 30 years. Most of you are unaware. Because it does "good" things for you should we have cause for alarm and call for the LAN to be trashed because you didn't know it was doing good things for you? This kind of reasoning is escaping me and maybe others.
HOW HAVE YOU BEEN HARMED?
And maybe a better question is: How will any change improve things such that we see an improvement in the system's performance or its network performance and behavior?
Let's get the emotions behind us and focus on the system improvement for user benefit without putting ANY additional burden on the distro users.
Here to help
Apparently puppy 4.3.1 does not make any of these connections when booted, so I think it is unfair to suggest that it is 'expected' behaviour and that it has been so for 30 years.gcmartin wrote:Why is this getting the attention it is garnering??? IS THERE SOMETHING WRONG THAT THIS OPERATION IS DOING.
Again I share that your system on your LAN is doing things that most users are unaware. It has been doing it, by standard architecture, for almost 30 years.
One of the reasons I first started using Puppy was that I had discovered the Gibson Research Institute "shields up" site and become concerned about how unreasonably 'open' my Windows system was, according to the tests available there.
By contrast, Puppy seemed better locked down, and I felt happier using Puppy rather than Windows. My attitude was probably poorly informed, but nonetheless I felt that a 'quiet' system must be better than one that opened ports without user consent or knowledge. To learn that recent puppies have several connections open from boot time has awakened me to the fact I know way too little about how to keep my system secure.
You may be right. Are you suggesting that each of these connections is just a 'safe destination' rather than an 'unnecessarily open port'?After thinking thru the concern being pushed, it occurs that the problem MAY be that its not known the difference between "port" versus "destination". This lack of knowledge could be the root of discomfort.
First of all your PC is not connected to Nugget enterprises (or to icanhazip.com or anything else if you do not have initiated a web/ftp/etc connection)greengeek wrote:Also...I'm probably blind, but I cannot see any response that has provided a justification for a connection with Nugget enterprises - which as far as I can see is nothing at all to do with icanhazip.
Did I miss something? Why is my PC connecting to Nugget enterprises?
type
Code: Select all
netstat -an | grep -E 'ESTABLISHED|CONNECTED'
The address that you see, and usually has the FIN/TIME_WAIT1/2 status, is the remote server (wait/)closing the connection that ipinfo initiated to find your external IP.
See image
Now why Nugget enterprises when we ask our IP frm icanhazip.com?
icanhazip.com has IP 216.69.252.100. The site is hosted in charlie.colo.mhtx.net that has a range of 9 IP and charlie.colo.mhtx.net is hosted in Nugget Enterprises, Inc that has all the IPs from 216.69.252.0 to 216.69.252.255.
When a site is hosted in a cluster, although receive requests at a specific IP, can service these requests from any IP of the cluster, depending on the topology of the system.
What you actually see is the IP from the remote cluster that icanhazip.com is hosted on, that is closing the connection.
I hope that's clear enough.
Edit: Add connection close states image
Last edited by mavrothal on Sun 12 Jan 2014, 17:30, edited 1 time in total.
In your words, please explain what this thread opened as? Please. Help us understand, in summary, how you see this thread's subject and its opening thread. And should you consider open ports via a LAN card as having nothing to do with any of what is asked, please share it for me. Thanks.anikin wrote: ... This discussion has nothing to do with ....
Please articulate clearly as you seem to have a better idea.
Well raffy can't host the file.. that's ok.
Try this.
Try this.
- Attachments
-
- ipinfo.gz
- gunzip, make executable and place in /usr/sbin overriding old version
- (1.59 KiB) Downloaded 256 times
Puppy Linux Blog - contact me for access
Another solution addressing concern to web connect ID issue
Thank @01Micko. A thought-thru option. Thanks
"Check to allow external IP from icanhazip.com" can be misleading if you have not followed this and similar threads.01micko wrote: Try this.
"Check to find your external IP through icanhazip.com" is more accurate I believe.
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==
Any more transparent now and we risk breaking under the strain..
- Attachments
-
- ipinfo.gz
- second one
- (1.72 KiB) Downloaded 260 times
Puppy Linux Blog - contact me for access
True but I do not think that this 3-year+ functionality should be removed in the defaults.01micko wrote:Any more transparent now and we risk breaking under the strain..
What about
"Check to block finding your external IP from icanhazip.com"
and
Code: Select all
[ -f $HOME/.ipinfo ] && . $HOME/.ipinfo || CB0=true
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==
@mavrothal, I don't get the hysteria either.. FFS they use Google!
Puppy Linux Blog - contact me for access
Speaking of.......01micko wrote:@mavrothal, I don't get the hysteria either.. FFS they use Google!
http://www.washingtonpost.com/blogs/the ... r-hacking/
James C wrote:Speaking of.......01micko wrote:@mavrothal, I don't get the hysteria either.. FFS they use Google!
http://www.washingtonpost.com/blogs/the ... r-hacking/
Anyway, I do use google with a touch of contempt! I consider them linux "rapists" but sometimes it's handy for my own reasons. Self preservation is at the top of my list so I use sparingly.
Ah.. right now I have better things to do.. k3.10.26 and k3.12.7 have just been released!
Puppy Linux Blog - contact me for access
I don't understand the responses here. It looks like you guys are seeing some sort of xdialog that is not coming up on my system. I installed mick's updated ipinfo script and now have a clean "staistics" tab in ipinfo (which is excellent - thanks mick), but not any of the interactive stuff that others appear to be reporting. Could someone post a screenshot of what I seem to be missing please? Ta.mavrothal wrote:"Check to allow external IP from icanhazip.com" can be misleading if you have not followed this and similar threads.
"Check to find your external IP through icanhazip.com" is more accurate I believe.