[aclug-L] Re: Denied connections

[Ironrose <amccadden@xxxxxxxxxxx>]

You are right and I found out a rumour that the DHCP server(s) that Cox
us using has some serious problems.  I wonder if it is an overworked and
underspecs NT box.  After all they only have been running at 1.5mb, but
is suppose to be upgrading us users to 3mb. :-}

Chris Owen wrote:
> 
> On Sun, 26 Aug 2001, Bruce Bales wrote:
> 
> > I've had the same IP address since July 26 and I turned the modem off
> > for a week while we went to Colorado week before last.
> 
> While there are probably hundreds of different ways of doing DHCP, most
> implementations I've seen will usually give the same IP address back to a
> MAC address if that address is available when your computer requests the
> new IP address.
> 
> So if you have one IP address and your lease expires and you request a
> "new" one with most DHCP servers you will get back the same IP address as
> long as it is available.  Now that chances of that happening depend on a
> lot of factors, but when you have a finite number of clients on a server
> and they tend to all get their "own" IP address every time, the chances of
> "yours" being available are pretty good.  In such a model it wouldn't
> matter much when you rebooted your machine, but rather things would only
> change when the DCHP server was rebooted (asumming it didn't cache this
> type of data between reboots).
> 
> One would think that Cox would not necessarily want this type of behavior
> (which results in people having nearly static IP addresses), and would
> modify their DHCP client accordingly, but then again they are a cable
> company ;-]
> 
> Chris
> 
> > Ironrose wrote:
> >
> > > I have been told that that is true.  There are more users than they have
> > > IP addresses, that is why they use dynamic IP's, rather than static
> > > IP's.  They scan to see if someone is using the modem, and if they are
> > > not, the IP address is given to someone else.  This allows more people
> > > to use the KS cable with less expense.  This doesn't happen very often
> > > any more since KS cable bought more IP addresses.  This is the story I
> > > was given in my NT and Internet classes @ Butler.  :-}
> > >
> > > David Carmichael wrote:
> > > >
> > > > I do not know if the local RoadRunner Service does this.... But I heard 
> > > > on
> > > > "The Screen Savers" (TechTV) that some cable modem systems will ping
> > > > connected modems to know if they need to keep the reserved IP address 
> > > > open
> > > > or if they can reassign it to some other users system.
> > > >
> > > > ----- Original Message -----
> > > > From: "Bruce Bales" <bbales@xxxxxxxxxxx>
> > > > To: <discussion@xxxxxxxxx>
> > > > Sent: Sunday, August 26, 2001 7:29 PM
> > > > Subject: [aclug-L] Re: Denied connections
> > > >
> > > > >
> > > > > Yes, most of mine are ports 80 and 139, with an occasional 27374.
> > > > >
> > > > > Thanks for the explanation, James.  Makes sense and now I feel more
> > > > secure.  Also,
> > > > > telnet is turned off by the stock Frazierwall.
> > > > > bruce
> > > > >
> > > > > james l wrote:
> > > > >
> > > > > > Root/Great Overall Dictator replies:
> > > > > > > I've been leaving my Frazierwall firewall turned on 24/7 for 
> > > > > > > several
> > > > days.  It
> > > > > > > has been denying about 200 hits each 24 hours.  In the 24 hours
> > > > between about
> > > > > > > 0600 yesterday and 0600 today, I got almost 650 hits denied.  
> > > > > > > Kinda
> > > > makes me
> > > > > > > wonder what was going on before I got the wall up.
> > > > > > >
> > > > > >
> > > > > > Lots of the same here, mostly on port 80(http) (code red anyone?)
> > > > > > and a few on port 139 (smb).
> > > > > >
> > > > > > > A related question; What keeps someone from breaking in on one of 
> > > > > > > the
> > > > ports that
> > > > > > > is not denied by the firewall?
> > > > > > > bruce
> > > > > > >
> > > > > >
> > > > > > Essentially each connection opens a 'tunnel' to the outside and if 
> > > > > > the
> > > > packet
> > > > > > is not sent as a response over one of these tunnels, it denys the
> > > > packet.
> > > > > > Unless, you specifically allow access to say port 80 (forewared to
> > > > another
> > > > > > machine), then there might be some problems.
> > > > > >
> > > > > > James L.
> > > > > > -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> > > > > > visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
> > > > >
> > > > > -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> > > > > visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
> > > > >
> > > > >
> > > >
> > > > -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> > > > visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
> > > -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> > > visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
> >
> > -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> > visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
> >
> 
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Chris Owen             ~  Hubris Communications  ~  Lottery (noun):
> PO Box 1969            ~  120 S Market Suite 101 ~     A stupidity tax
> Garden City, KS 67846  ~  Wichita, KS 67202      ~
> Voice: (620) 275-1900  ~  Voice: (316) 858-3000  ~
> Fax:   (620) 275-0313  ~  Fax:   (316) 858-3001  ~
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi