Firewall/security stuff

[Garrett]

While goofing around on Trillian (a multi-chat for the uninformed) I noticed that it displays IP's for people on ICQ. then I noticed that several AK'ers IP's are displayed as 0.0.0.0. Namely Pix and Palooka (at this time). What kind of security functions do you have to prevent such things from being displayed?

Im fairly new at this firewall/router stuff. I was lazy so I bought a nice Linksys router/firewall. and its exactly as easy to use as id hoped.

[Slaughter]

Pix shows to me as 0.0.0.0 but I see Pal's just fine.. as well as yours

[the wolffman]

in trillian's preferences, go to the privacy screen (located in the icq category in the navigation menu to the left). at the bottom of the preferences, you can opt to show your ip address to everyone, users on your contact menu only (recommended), or allow no one to view your ip address (though truely that isn't possible).

[Garrett]

hmm, thats interesting. I had some people i know with trillian (but arent on my list) to check for my ip, i had it set to show people on my list my ip. but they could see it anyways.

by not allowing anyone to see my ip, it says no direct connections allowed. will this disable my ability to send/recieve files?

[Zorro]

the underlying operating system has to know what the ip of your IM partner is at all times. Unlike AIM, ICQ defaults to direct connection of clients to one another all the time. Since the only way to ensure the correct transmission of point to point communication, the OS has to know the final destination IP address for anything to work properly. It's actually quite easy to get around the [lame] security system of Trillian and ICQ clients by dropping to a DOS prompt and typing

netstat -a

If you're doing a lot of stuff on the 'net, you'll have to look pretty hard for the connection set there for your IM partner, but it will be there listed under a TIME_WAIT (connection no longer being used, will be closing connection permanently after a predefined timeout period) or ESTABLISHED state (connection is actively transmitted or sending data). Some operating systems will even show CLOSED connections for a brief time after they're closed. Linux is one that I can think of off hand. Note that in order for you to see this information, you'll have to send or receive a message to a person on your buddy list. Otherwise, there is no TCP connection, and you'll have no luck at all discerning IPs. Also, there are instances where your client may not be able to get the actual IP address of the recipient. If, for instance, the recipient is protected by a firewall that disallows direct TCP connections to what are called ephemeral ports (ports with numbers above 1024; sometimes called "non-root" ports, since on UNIX operating systems you have to be a root, or administrative, user to initiate a daemon or process that will listen on ports from 0-1023). These kinds of firewalls break MANY, MANY end-user applications like voice comm programs, games, etc. which most corporate firewall administrators have no problems with. But, in the case of ICQ, it can "fall back" to a proxied mode of communication, delivering messages by passing them to the server first instead of sending them directly to the ICQ client of your IM partner. In this mode of operation, the OS will never know the destination IP of the host in question.

[Hale]

Wow.

I just turned DMZ on when I installed my router so I don't have to worry about it.

[Pixelsponge]

Not sure why you weren't able to see mine, I don't have any security stuff installed and I didn't have that option set so just my contacts can see my number (although I changed it to that now).

I am using Trillian also.

[Garrett]

Bow to Zorro, for he knows all!
:P

[The Wraith]

If all of you reading along do not immediately "see" a fundamental problem in the participation involved in this thread, you need to be shot in the face. The content held within, with exception, is irrefutable evidence that just because something is easy to do does not mean:

a. You should do it
b. You have any idea what you're doing
c. You have any business doing things you're completely ignorant about.

I don't know the first thing about rocket science, which is why, you don't see me building ICBMs in my backyard. While not equal in complexity or the amount of upper level math involved, the same can be said for network architecture. I'm inclined to mail out (completely free) actual routers and watch you all cry when you attempt to understand and comprehend their configuration, or the impacts involved with fundamental concepts. Yes, you know, real routers - not those shrunken, pre-canned, commercial retail appliances, overgrown and oversimlied proxy servers with application level gateway settings that pass themselves off as actual layer 3 devices. Do you even realize what happens to your IP packets as you proxy? Could you identify a proxied packet through a non-proxied one? Go back to your AOL. It suits you.

"I was lazy so I bought a nice Linksys router/firewall. and its exactly as easy to use as id hoped."
- I will have you know, this statement just makes me puke, lest there be any confusion.

[Garrett]

Funny how i didnt pretend to know anything about them. I was actuially just hunting for a router, and then i thought...hell, why not find one with firewall capabilities.

i dont know how to create something from scratch, so i spend money to have it pre made, and relatively easy to use.

Wow, logic, Ill refrain from that for a bit while you catch up Wraith.

[The Wraith]

How adorable. The mention of logic and hinting I need to "catch up". That's so painful. You've struck me down, yo. Your words hurt man, they hurt. Now, if only they had any relevance and were actually applicable to the conversation. Here, Garrett, I'll use really small words in the hopes you might actually attain a level of reading comprehension necessary to fumble through cereal box instructions on how to tie your shoes. That velcro can sure be a bitch, eh? Here, sloooooowly...

Why would you be "hunting for a router" if you have no concept of the functions of a router? You obviously have no knowledge of the technologies involved, yet, you just "need" it. Pssst, you didn't actually buy a router, don't confuse yourself. People have no business dabbling into network engineering when even identifying the principles of PDU encapsulation throughout the OSI model baffles them. Can you even spell 'OSI'? Do you know anything about it? I ask, not in its relevance to routing or switching, but in its long lasting accemptence as a fundamental curriculum of networking knowledge. Frankly, you'd be better served by playing with Play-doh, or possibly, trying to figure out how silly putty works.

I don't have high hopes for you. Your post has already been a major let down in my life. I'm not sure how I'm going to go on. I'll have to cope, somehow. Here. Come closer. Hold me.

[Garrett]

Your the funniest guy in the world wraith. damn reading your posts makes me laugh so hard. What would the world be like without people like you.

[[AK]Bribo]

I guess the next time I need to buy a car I better start studying the physics of the internal combustion engine.

Wraith - your logic is flawed. Just because you don't understand every nuance of a piece of hardware doesn't mean you can't use it. We do this all the time. Routers are no different and with a bit of research, documentation and a few friends on the Internet you can build yourself a relatively secure little home network.

You need to buy yourself another dog and quit your bitchin', boy.

[Hale]

As an IT professional, I find that most people that go around belittling others for some perceived lack of knowledge don't really know nearly as much as they think they do themselves.

I've also found that trying to hold a constructive conversation with them is a waste of time. Then again, what I do I know? I'm a happy Linksys customer.

[Wickhawk]

"You need to buy yourself another dog and quit your bitchin', boy"

Remind me never to piss you off Bribo, ....ROFL...that was great

*stares at Linsys router in the corner*

[AK]Wickhawk