Newsgroups: alt.internet.wireless,comp.os.linux.networking,microsoft.public.windowsxp.network_web,microsoft.public.windows.server.general,microsoft.public.security
Subject: Re: Why IP address is fixed everytime connected to the Internet?
References: <[email protected]>
[email protected] writes:

> I want to ask who assigns the IP address to a machine that connects to
> the Internet?  The ISP, the network card (i.e. MAC address??), or the
> router?

Typically it is assigned by your ISP. 

Most ADSL users nowadays get the address through DHCP protocol 
from the ISP DHCP server. When the PC boots up and is set to 
use DHCP, then it sends a request packet "please give me my IP address" 
as a broadcast message. The ISP DHCP server receives that 
requequest and send back the answer telling that IP address and 
other network settings to use. DHCP is very common way to 
get the IP setting on comporate LANs, cable modem systems 
and in ADSL systems. 

Otherway to get the IP address automatically is though PPP 
connection. Some Internet connections are formed using PPP 
(on normal modem connections), PPPoA (some ADSL systems) 
and PPPoE (some cable modems etc.). PPP has build in capability 
for handshaking the needed IP address settings when the 
connection to PPP server (the router on the ISP end) is formed. 

Then there are also users that have fixed IP addresses. 
They have been given those addresses in the paper agreement 
when they joined to the service, and then user has configured 
that address as fixed IP address to his/her computer.

> It seems like my IP address is fixed everytime connected to the
> Internet, 

ISPs have typically configured their DHCP servers in such way 
that the same users get the same IP addresses often. 
The DHCP server keep tracks of the IP addresses it had "leased out", 
the MAC addresses of the devices that they have been given to, 
lease time (for how long time the lease was given for) and 
when the lease was given. 

Usually when a server gets a request for IP address, 
it checks for its records to find IP address that was 
earlier given to that MAC address from where the 
request came from. If it is found, the same address is 
generally given. If the MAC address is not found in the 
records, then a new free not used IP address is selected 
from the list of free addresses, and this is marked to belong 
to that MAC address. When all addresses are once used, 
the server starts to mark the oldest (not used in long time) 
IP addresses as free for reuse by other users. 

This is basically how DHCP server work. This is idea. 
Specific operation details can vary between different 
server implementations and how the server is configured.

> it seems very unsecure because it allows hackers track the
> computers more easily.

Fixed IP is very unsecure only when your computer is unsecure.
If you have secure computer system you have nothign to worry. 
Internet has worked from the beginning with the idea that 
the computer have pretty fixed IP addresses (at least the servers).
If you plan to run server on your computer, you really 
like the benefits of having fixed IP address that does not change 
(There are also dynamic name services that allow using 
non fixed IP addresses to run a server, it works in most 
cases, but if your address happens to change at some time 
all the currently open connections get cut and the server might 
be inaccessable to other user for some time, even hours depending 
on name  server settings). 

Fixed IP is a good thing. Your job is to keep your computer 
secure. The security consists of safe enough operating system 
(sensible operating system selection and keeping it up to date), 
sensible system configuration (firewall setting, no unnecessary 
services, no file sharign for whole Internet), using safe 
applications (suitable web browser selection, keeping applications 
up to date, no P2P application to share all yuour files). 
Possibly addign a properly configured extenal firewall device 
added to your system. 

Using all the time changing IP addresses would not help 
you mich in the security picture. There are systems that 
constantly scans different IP addresses to find computers 
that have security problems in them for this particular 
virus/worm/hacker to use. Propablity of those random 
scanners to find your computer first time is pretty much 
same if your IP address is fixed or changing. And when 
you have got some exploit in your computer, that software 
can easily report your current computer IP address to 
some hacker server every time you turn it on without 
you knowing of it if your system is unsecure. 
Changing IP addresses ecery time does not solve the 
securty problems. In some cases it migh t seem to add 
security, but the general thign is that constantly changing 
IP addresses creates more problems than what it can solve 
(it can't solve the security or privacy issues well). 

> I thought the IP address should be dynamic, and each time when we
> connect to the Internet should have different IP address.

This is how things sometimes are, but this is not how 
thing should be or would be best. There are systems to 
access Internet that tend to be more or less permanent 
IP addresses, and then there are systems that tend to 
give every time new different address. 

I prefer the systems that give fixed addresses. 
They have more benefits. 
 
> Is there a way that makes the IP address in my machine becomes dynamic?
> Please advise. thanks!!

Some ideas:

Keep your computer powered down fo so long time so that your 
old address is marked as "free" and used by other user. Then 
you get a new address when you connect to Internet. 

Select such operator/service that tends to give different 
IP addresses every time (dial-in modem ISP services, some 
cellular phone data services etc..).

Change your network card to a new card evry time you want 
to change IP address. New Ethernet card has (or should 
have to be proper, there are some sad exceptions to this) 
an unique MAC address in it. New MAC unknown MA address 
gets a new IP address from the ISP (unless the ISP has 
made some limitations to this, for example fixing IP 
addresses to some other properly in their network 
like your ADSL modem / cable modem serial number, 
some user account information on PPP based connections). 



-- 
Tomi Engdahl (http://www.iki.fi/then/)
Take a look at my electronics web links and documents at 
http://www.epanorama.net/

 
| Submit site | Info | Advertise | Feedback | Disclaimer | Privacy | Ad. FAQ | Legal Notice |
Copyright © 1994-2007