jmcc wrote:

Frightened Albanian wrote:

tell us more

By Irish internet, I am referring to Irish internet users. Most of them would be using a combination of dialup (typically a new IP from a limited pool of IPs on every connection) or retail broadband (dynamic IP assigned for a limited period, again from a pool of IPs). Some of the more expensive DSL packages can assign a fixed IP and most business DSL packages tend to allocate a few fixed IPs.

At the moment, I'm actually updating the global IP ranges databases here so I actually have a snapshot of all Irish IPs in additon to those of other countries. Some other databases here track all active domains in com/net/org/etc and their movements.

Regards...jmcc

Where's here? (my bold)

So you're saying that within a range of IPs, any node could be any of those IP addresses and some ISPs use proxies so you could get a completely random set of IPs over time for one node? Could I have yours once and you have mine and we're working from home?

What about IPv6 - is that the coming instantly recognisable 666 brand on every gadget stuck to the online world?

IT - New Bill will allow data obtained outside legal guidelines to be used

"PHONE CALL, e-mail and internet information obtained outside legal guidelines could still be used for investigations under proposals in a new Bill on storing and accessing electronic data.
....
The Department of Justice also proposes to redefine serious crime from the current definition of a crime punishable by a minimum sentence of five years, to any crime with a minimum sentence of 12 months.

The proposed legislation also places data security and management requirements on the service providers that hold call and internet data, but does not state who will pay for those costs...."

The costs involved are the costs of recording everything you do on the internet includung every keystroke and making it accessible to the Government. There is also considerable cost in constantly tracking the location of your phone and keeping an historical record.

Auditor #9 wrote:

Where's here? (my bold)

Well I could say NSA for the effect it would have. My main work deals with domains and hoster statistics. I'm not sure if it is ok to post the URL here as it might be considered advertising but the website shows the hosting history for domains in com/net/org/biz/info/etc going back to 2000 and also has the monthly stats for the main domains like .com/net/org/biz/info/ie etc.

Quote :

So you're saying that within a range of IPs, any node could be any of those IP addresses and some ISPs use proxies so you could get a completely random set of IPs over time for one node? Could I have yours once and you have mine and we're working from home?

Each node would, theoretically, have a limited pool of addresses. So users connecting or dialing in to that node would get an IP from this pool. So more than one user could, over time, have a single IP. And as for the geographical nature of these IPs, the lowest level to which they could be tracked, without the cooperation of the ISPs or telcos, is the node. Going deeper would require that the ISP or telco provides log details of which user account was using that number.

Quote :

What about IPv6 - is that the coming instantly recognisable 666 brand on every gadget stuck to the online world?

It is a great idea in theory. However it has to be implemented first. Implementing it on the internet will be easier. However the consumer end of things will take a lot more work.

Regards...jmcc

So out of a pool of IPs, what are the chances that two people will be getting the same IP? I understand if this might be happening from an internet café or a college computer room or some other public computer - but if I'm posting from home and you're posting from home ....

Auditor #9 wrote:

So out of a pool of IPs, what are the chances that two people will be getting the same IP?

It would be a function of the number of IPs and the time for which they are used. With a predominantly dialup node the chances would be higher than with a DSL node. Without knowing the number of IPs involved, the number of users, and the usage patterns, it would be difficult to give an estimate.

Quote :

I understand if this might be happening from an internet café or a college computer room or some other public computer - but if I'm posting from home and you're posting from home ....

A lot of people may turn off the router or modem along with the computer when they finish. That would mean that the IP then goes back into the pool for reassignment. But even so, some ISPs only allocate the IP on a limited time basis. So even if a user stays connected, the IP may change. The period/lease time varies from ISP to ISP from what I remember.

Regards...jmcc

jmcc wrote:

Auditor #9 wrote:

So out of a pool of IPs, what are the chances that two people will be getting the same IP?

It would be a function of the number of IPs and the time for which they are used. With a predominantly dialup node the chances would be higher than with a DSL node. Without knowing the number of IPs involved, the number of users, and the usage patterns, it would be difficult to give an estimate.

Quote :

I understand if this might be happening from an internet café or a college computer room or some other public computer - but if I'm posting from home and you're posting from home ....

A lot of people may turn off the router or modem along with the computer when they finish. That would mean that the IP then goes back into the pool for reassignment. But even so, some ISPs only allocate the IP on a limited time basis. So even if a user stays connected, the IP may change. The period/lease time varies from ISP to ISP from what I remember.

Regards...jmcc

In the first bit would you generally say the chances were reduced (of users sharing IPs) if users were far from each other geographically? I'd imagine an ISP gives IPs according to node or router so geographically one area should dynamically dip into a static pool of IPs - ISPs hardly provide addresses from a national pool?

Is there a reason an ISP would swap in another address during a connected session or am I understanding you that an IP is assigned for X time and gets swapped out after ?

Auditor #9 wrote:

In the first bit would you generally say the chances were reduced (of users sharing IPs) if users were far from each other geographically? I'd imagine an ISP gives IPs according to node or router so geographically one area should dynamically dip into a static pool of IPs - ISPs hardly provide addresses from a national pool?

The pool is static but the users are not. If the users were on geographically separate nodes then the chances would be reduced considerably. If an ISP was providing addresses from a single national pool then it could be more complex.

Quote :

Is there a reason an ISP would swap in another address during a connected session or am I understanding you that an IP is assigned for X time and gets swapped out after ?

Much of this would have been from the old days (the early 1990s in Ireland) where ISPs jealously guarded fixed IPs and charged for them. They wanted to upsell users to more expensive business packages. The same rationale probably applies these days. It also makes a lot of sense from an ISP design point of view in that retail and business customers can be kept separate.

This gives some of the background: http://en.wikipedia.org/wiki/DHCP

Regards...jmcc

So you'd be very familiar with the whole set up of this kind of thing in Ireland jmcc?

What about the Google phone-mapping - do you think that's a bit too intrusive? I know you have to choose it but what's to stop them choosing it for you ?

Auditor #9 wrote:

So you'd be very familiar with the whole set up of this kind of thing in Ireland jmcc?

I examined the possibility of setting up an ISP in Ireland in the 1990s. Apart from that, my knowledge of ISP practice might be a bit dated. However my knowledge of domains and IP stuff would be far more current.

Quote :

What about the Google phone-mapping - do you think that's a bit too intrusive? I know you have to choose it but what's to stop them choosing it for you ?

It can be. But there is no such thing as privacy on the internet. The funny thing is that you get journos rambling on about the state intruding into the privacy of individuals while they completely ignore how businesses collect and analyse information that is far more intrusive.

Regards...jmcc

And continuing our interview (are you having a sandwich beside your workstation?) - the idea of the 'Dark Internet' is as much a fantasy as responsible banking so?

Auditor #9 wrote:

And continuing our interview (are you having a sandwich beside your workstation?)

No.

Quote :

the idea of the 'Dark Internet' is as much a fantasy as responsible banking so?

The Dark Internet, (the databases and private websites) exists. As for responsible banking you'd have to ask FF or the banks.

Regards...jmcc

Thanks to SANS.org:

Australian Police Could be Granted Remote Computer Investigation Privileges (March 9, 2009) Proposed legislation in the Australian state of New South Wales would give police the authority to remotely break into certain crime suspects' computers to conduct investigations. Those targeted by the investigation could be prevented from learning of the investigation for up to three years. The permission would be given only in cases in which the alleged crime is punishable by seven or more years in prison.

http://news.cnet.com/8301-1009_3-10191514-83.html?tag=mncol;title

http://www.zdnet.com.au/news/security/soa/NSW-Police-to-get-hacking-powers/0,130061744,339295354,00.htm