Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 27 Nov 2014, 18:00
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Why is this strange IP address in Network connections?
Post new topic   Reply to topic View previous topic :: View next topic
Page 12 of 15 [214 Posts]   Goto page: Previous 1, 2, 3, ..., 10, 11, 12, 13, 14, 15 Next
Author Message
anikin

Joined: 10 May 2012
Posts: 529

PostPosted: Fri 17 Jan 2014, 04:06    Post subject:  

01micko wrote:
Major Hayden got a bit peeved
Laughing
It's a bit old but really. shows the bloke is human. I have recently contacted him on twitter and indeed Nugget is his host in San Antonio, TX.
Here is the exchange. (Excuse my stupidity saying "ISP" instead of "host").

... Deep sigh ...

Here we come again.
Let's not discuss the issue at hand.
Let's talk about what's peripheral to it.
Here's a fat, red herring for you - major hayden.

How creative of you ...
Back to top
View user's profile Send private message 
mavrothal


Joined: 24 Aug 2009
Posts: 1808

PostPosted: Fri 17 Jan 2014, 04:17    Post subject:  

anikin wrote:

Let's not discuss the issue at hand.

After 11 pages there is little left to discuss I would think.
Let's wait for Atle's expert review and provide him/her with any info that (s)he may find relevant either way.

_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Back to top
View user's profile Send private message 
Atle

Joined: 19 Nov 2008
Posts: 291
Location: Oslo, Norway

PostPosted: Fri 17 Jan 2014, 10:44    Post subject:  

This expert view can only be there if I can get a grip on the actual facts and its hard to get them as I am confused on this issue as for now...

this is why i ask for a clarification on what is what...

I feel the entire thing is a bit confusing and unclear.
Back to top
View user's profile Send private message Visit poster's website MSN Messenger 
jamesbond

Joined: 26 Feb 2007
Posts: 2230
Location: The Blue Marble

PostPosted: Fri 17 Jan 2014, 11:28    Post subject:  

01micko wrote:
jamesbond, mavrothal.. (+ others knowledgeable in networking). What are your thoughts on this from a technical and moral perspective (moral as in from the user and the host, [eg a.root-servers.net] perspective) for use as a basic connectivity check ??

There are a lot of things we can check when it comes to basic connectivity. We can check whether a network interface has an IP address. We can check whether the machine has a default gateway. We can check whether the machine knows of a good nameserver assigned to it. All these can be checked, and all these checks are local - no connection to the outside world is needed.

But if you want to know whether you have connectivity to the Internet, all these are *not enough*. You need to "connect" ("ping" or "wget") to a known end-point (=server) in the Internet; there is *no avoiding it*. It is *not* enough to ping the default gateway; it is *not* enough to ping the available nameserver. Both of these are unreliable tests because these endpoints are still within your machine/network or ISP's network - thus what you're testing is your connectivity to your own or at best ISP's network.

The only sure way to test for connection to "the cloud" is by contacting something which is absolutely known to live in "the cloud".

It is similar on how you test Skype installation/connection. Sure, you can test whether you microphone, speaker, or webcam works; this can be done locally without contacting anyone. But all these don't guarantee that you can make or receive calls. The *ultimate* test is to call the "Echo" Skype number - you connect to a well-known Skype server that will pick-your call, and records your voice and replays it back for you.

From privacy point of view - there is not much difference between using "ping" or "wget" to test connectivity - they both leak about the same amount of information. "ping" is probably a better to use because many endpoints have it enabled automatically; while for "wget" to be successful the endpoint must knowingly runs HTTP service; plus its overhead is smaller than wget (layer 3 operation vs layer 7 operation).

A ping or two to test connectivity when you're running network-setup wizard won't load an endpoint at all - so it's of no consequence.

The choice of the endpoint to use for testing is arbitrary (although some endpoints are more unpopular than others - as this thread obviously exhibits Laughing); the main criteria being reliability (same IP address all the time; always on); so your choice of the root nameserver is wise. Of course, one can still debate that root nameservers are controlled by ICANN and ICANN is an American company and thus is beholden to the NSA ... but if we follow this kind of thinking till the very end then perhaps we all should disconnect the wire Rolling Eyes (or roll out our own Internet).

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
Back to top
View user's profile Send private message 
anikin

Joined: 10 May 2012
Posts: 529

PostPosted: Fri 17 Jan 2014, 13:45    Post subject:  

@Atle,
Just give them download links to any recent, pre-woof ce pups. Slacko, Precise, Upups, Dpups. Send them links to this and other threads. The experts don't need to have your opinion - they will make their own, based on test runs and reading this and other threads.

@Jamesbond,
I understand the technical side of what your're saying. However, I need to grasp the following: as my ISP's customer, I take it for granted, that I have fully paid for my internet connectivity. I don't need to worry about technical nuances. I can connect to anything - Skype, cloud, icanhazip and Google - no issues whatsoever. The connection is flawless, be it Windows, Mac or Linux. I pay them - they do the pinging. I will cautiously presume, that your explanation is about "professional" connectivity - ISPs, businesses, corporations. More importantly, your opinion will not be used to justify any questionable decisions.
Back to top
View user's profile Send private message 
mavrothal


Joined: 24 Aug 2009
Posts: 1808

PostPosted: Fri 17 Jan 2014, 17:05    Post subject:  

anikin wrote:
@Atle,
Just give them download links to any recent, pre-woof ce pups. Slacko, Precise, Upups, Dpups. Send them links to this and other threads. The experts don't need to have your opinion - they will make their own, based on test runs and reading this and other threads.


Well said.
(I thought that this expert is identified, contacted and agreed to review. Isn't it the case? Confused ?)

_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Back to top
View user's profile Send private message 
jamesbond

Joined: 26 Feb 2007
Posts: 2230
Location: The Blue Marble

PostPosted: Sat 18 Jan 2014, 00:08    Post subject:  

@anikin:
My write-up is a public response to Mick's public call for comment.

anikin wrote:
I understand the technical side of what your're saying. However, I need to grasp the following: as my ISP's customer, I take it for granted, that I have fully paid for my internet connectivity. I don't need to worry about technical nuances. I can connect to anything - Skype, cloud, icanhazip and Google - no issues whatsoever. The connection is flawless, be it Windows, Mac or Linux. I pay them - they do the pinging.
My write-up is not for arguing the need (or the lack thereof) for "checking internet connectivity". It is a statement of fact of what needs to be done *if you want to perform such checks* (that's what Mick asked).

Quote:
More importantly, your opinion will not be used to justify any questionable decisions.
Most of the write-up are facts, they are not opinions. The only opinions there are:
jamesbond wrote:
A ping or two to test connectivity when you're running network-setup wizard won't load an endpoint at all - so it's of no consequence.
and
jamesbond wrote:
but if we follow this kind of thinking till the very end then perhaps we all should disconnect the wire Rolling Eyes (or roll out our own Internet).

In any case, please feel free to interpret them as you wish. Just remember that others may have a different interpretation than yours.

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
Back to top
View user's profile Send private message 
anikin

Joined: 10 May 2012
Posts: 529

PostPosted: Sat 18 Jan 2014, 03:08    Post subject:  

jamesbond wrote:
Most of the write-up are facts, they are not opinions. The only opinions there are:

I should have used a better word. The one I meant - "authority", by which I mean your explanations of various computing/technical aspects, like PAE, etc, etc., which everyone, myself included, take as gospel. A few posts back, I made a comment about having a look at donor distros, can you share your opinion on that one? Is that an acceptable approach?
Back to top
View user's profile Send private message 
jamesbond

Joined: 26 Feb 2007
Posts: 2230
Location: The Blue Marble

PostPosted: Sat 18 Jan 2014, 11:14    Post subject:  

anikin wrote:
jamesbond wrote:
Most of the write-up are facts, they are not opinions. The only opinions there are:

I should have used a better word. The one I meant - "authority", by which I mean your explanations of various computing/technical aspects, like PAE, etc, etc., which everyone, myself included, take as gospel.
As Bruce Schneier said it - "trust, but verify".

Quote:
A few posts back, I made a comment about having a look at donor distros, can you share your opinion on that one? Is that an acceptable approach?

1. CentOS/RedHat - checks for updates at boot time and periodically.
2. Ubuntu - same thing. It was even worse - there was a period of time where every search query you put into their default dashboard (Ubuntu Dash) got sent directly to Amazon. Now that's a real concern!
3. Slackware - no updates checking by default, no contacting external servers by default at boot.
4. For Debian please check with pemasu or saintless; but I remember that some Debian derivatives do have updates checking.
5. Other large notable software pieces - libreoffice does update checking, Virtualbox too.
You can turn off all these but the *default configuration out of the box* is that they are all turned on.
I refer to "update checking" but the end result is the same - to perform update checking, it contacts a remote server (with all the consequences) to check whether updates are available.

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
Back to top
View user's profile Send private message 
gcmartin


Joined: 14 Oct 2005
Posts: 4447
Location: Earth

PostPosted: Sat 18 Jan 2014, 11:56    Post subject:  

As pointed out by the prior post, there are various OSes and subsystems that do presence checking for various reason. Most OS start their lives as LAN based and the internet is a necessary items for back-end operations. Because this is done, does NOT mean something malicious is active that is not in the best interest. Those developers intend to provide the best experience possible. In Puppy Linux case, the Prime developer started this approach to assist presence detection so the local PC user can have the best possible experience, recognizing that NOT EVERYONE has equal skills is system manipulation for presence. And, it makes easy to diagnose problems in some cases where the developers know that they are working with a system which operates as it does when evaluating a problem identified by a user. Since the prior detection method is/has been used across the board, I, personally, don't feel nor see, that there is/has been anything done to open PUPPY systems to exploit in today's world. ISPs have tended to operate with each's pool of IP addresses they own where static IP COST($) more to a user than the dynamic arrangement many of them use. Since many of us have a dynamic account with the ISPs, your current IP address on the internet does change from time to time, continuously.

FUD crept into this thread after the source reason was explained. In the request to "prove that others do it" is a continue to press a point.

A applaud the developers who have taken a look at this.

_________________
Get ACTIVE Create Circles; Do those good things which benefit people's needs!
We are all related ... Its time to show that we know this!
3 Different Puppy Search Engine or use DogPile
Back to top
View user's profile Send private message 
James C


Joined: 26 Mar 2009
Posts: 5939
Location: Kentucky

PostPosted: Sat 18 Jan 2014, 12:01    Post subject:  

jamesbond wrote:

4. For Debian please check with pemasu or saintless; but I remember that some Debian derivatives do have updates checking.


Vanilla Debian installs (KDE and Gnome) by default automatically check for updates at boot.Believe it can be disabled by the user though.

Updating Wheezy KDE as I type this.

Naturally, a link....
http://www.debian.org/doc/manuals/securing-debian-howto/ch10.en.html

Quote:
Since Debian 4.0 lenny Debian provides and installs in a default installation update-notifier. This is a GNOME application that will startup when you enter your Desktop and can be used to keep track of updates available for your system and install them. It uses update-manager for this.
Back to top
View user's profile Send private message 
mavrothal


Joined: 24 Aug 2009
Posts: 1808

PostPosted: Sat 18 Jan 2014, 13:02    Post subject:  

Actually a feature to check for puppy updates at boot may be a good idea specially for LTS puppies. If we could insert a script in the ibiblio puppylinux that could return the external IP if called (I do not know if this can be done without server access) could solve both issues at once.
_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Back to top
View user's profile Send private message 
anikin

Joined: 10 May 2012
Posts: 529

PostPosted: Sat 18 Jan 2014, 14:45    Post subject:  

jamesbond wrote:

1. CentOS/RedHat - checks for updates at boot time and periodically.
2. Ubuntu - same thing. It was even worse - there was a period of time where every search query you put into their default dashboard (Ubuntu Dash) got sent directly to Amazon. Now that's a real concern!
3. Slackware - no updates checking by default, no contacting external servers by default at boot.
4. For Debian please check with pemasu or saintless; but I remember that some Debian derivatives do have updates checking.
5. Other large notable software pieces - libreoffice does update checking, Virtualbox too.
You can turn off all these but the *default configuration out of the box* is that they are all turned on.

In other words, not a single one of the above distros, has the "feature" we are discussing. Why should we?
jamesbond wrote:
I refer to "update checking" but the end result is the same - to perform update checking, it contacts a remote server (with all the consequences) to check whether updates are available.

You don't mean to say, that Puppy contacts icanhazip to check whether updates are available?
Back to top
View user's profile Send private message 
mavrothal


Joined: 24 Aug 2009
Posts: 1808

PostPosted: Sat 18 Jan 2014, 15:19    Post subject:  

anikin wrote:

You don't mean to say, that Puppy contacts icanhazip to check whether updates are available?

So at the end of the day the objection is that is
a) contacting some web site automatically for whatever reason
b) contacting icanhazip.com specifically or
c) that is getting the external IP of the machines (from any external site) ?

_________________
Kids all over the world go around with an XO laptop. They deserve one puppy (or many) too Very Happy
Back to top
View user's profile Send private message 
James C


Joined: 26 Mar 2009
Posts: 5939
Location: Kentucky

PostPosted: Sat 18 Jan 2014, 15:30    Post subject:  

It's a Puppy secret.....

https://scottlinux.com/2013/06/17/how-to-use-icanhazip-com-icanhaztrace-com-and-icanhazptr-com-with-curl/

Quote:
Major Hayden has created the epic site icanhazip.com which will show your current IP address. There are a few more additions to know about as well. Here is the scoop!
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 12 of 15 [214 Posts]   Goto page: Previous 1, 2, 3, ..., 10, 11, 12, 13, 14, 15 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1154s ][ Queries: 12 (0.0084s) ][ GZIP on ]