Securing Wireless Access

[Guest Two For Me]

This post is prompted by a previous topic started by Snowball entitled More Than Just One which was locked by a certain moderator who seemed unwilling to acknowledge the meaninglessness of "same IP" tracked by the BW site that captured trunk IP aggregators and not individual IP addresses since he has a habit of relying on this so called "same IP" gambit to substantiate his comments on numerous threads.

In locking the previous topic, he inadvertently prevented Snowball from receiving inputs on how to secure his wireless access.

So Snowball this is for you.

I am enclosing the following link to give you an overview. If you follow the links within the micro site, you will find some helpful resources to secure your wireless network.

http://www.practicallynetworked.com/suppor...less_secure.htm

Just to be cheeky - whether you secure your wireless router or not has no impact on me since I don't use wireless nor have I ever piggybacked on your network! :whistle:

On a more serious note however, you might want to secure your wireless network to prevent unauthorised access and thereby prevent bandwidth leakage which would slow down your connection speed.

If the instructions seem complicated, you might want to contact Netgear or Starhub to help you with step by step instructions instead.

More immediately, you can do the following as an interim measure.

1) Turn off your modem when you do not need to connect to the internet. Without a modem connection your wireless access will not be able to be used to connect to the internet.

2) Switch from wireless to wired access for your computer(s) connection to the router and disable the wireless access. Since your router will only now serve wired connections, it would substantially reduce the ability of third parties to access your LAN as a result of signal leakage. :thumb:

In the meantime don't be alarmed!

The so called "same IP' that a certain moderator constantly harps about is a trunk IP that the ISP assigns to a particular geographical area to facilitate online access by individual subscribers. This individual IP address is unique to each computer / LAN and is only known to the ISP and is not visible to tracking by sites such as BW. This is why the ISP's help is sought even by the police when investigating seditious online postings. If this were not the case then wouldn't the sites itself on which the offensive posting occurred be able to furnish the full particulars of the poster to the police?

In addition, if sites such as BW had the ability to track individual IP addresses, wouldn't a zealous moderator be able to identify your specific location and mine for that matter down to the street and even house number? :twisted: As it is, the IP addresses that a site such as BW's can track, only shows a general geographical area e.g Bishan - Toa Payoh and not something specific such as 18 Braddell View # 08-69!!!

I hope this helps.

Others who have more tips are invited to share as well!

[reflection]

If what you claim is technically true, then forumers from the same geographical area risk themselves of being misunderstood if forum administrators decide to use trunk IPS to pinpoint individual forumers.

Are there any IT experts in security able to verify what you claim ?

[Guest Two For Me]

If what you claim is technically true, then forumers from the same geographical area risk themselves of being misunderstood if forum administrators decide to use trunk IPS to pinpoint individual forumers.

Are there any IT experts in security able to verify what you claim ?

Dear Reflection

The evidence speaks for itself.

Here are some resources to verify this -

http://www.whatismyipaddress.com/

http://www.ip-adress.com/

You can check your own IP address and see what information it provides. If indeed the trace can capture a unique individual IP address, the same address will be captured no matter which site you use to check your IP. :whistle:

Instead this is what you will find - the IP address will be different for each site and you will get information on your ISP!!! This so called IP is the trunk IP of your ISP

Not to get too technical, internet architecture is such that online traffic conects through a series of nodes and not point to point.

ISPs provide the trunk IP by geographical area technically called WAN or wide area network.

Individual users subscribe to ISPs for internet access for their individual computers or LANs or local area networks also known as the home networks. (I am only referring to home use at the moment). These computers or LANs have individual IP addresses.

When one wants to connect to a particular website / forum etc, the local computer / LAN through a modem plugs into a WAN. Access is granted if it is a valid subscription. The WAN then connects through to the website / forum in the most straight forward of cases. Often however the WAN would connect to the website / forum through a series of nodes. What the website will then capture as IP address is the trunk IP or WAN and not the individual IP.

This is why (if you've already tried the abovementioned tests) different IP addresses will be generated despite using the same computer and same ISP because it is the WAN / trunk IP that is captured.

Which WAN one connects through is both geographical (both where you are located as well as the site's server location) and traffic dependent since more than one WAN per ISP is usually provided per pre-determined geographical area.

Hence if several users of the same ISP located in the same pre-determined geographical area are connecting to the internet at any given time and traffic conditions permitting, the same WAN would be accessed resulting in websites / forums capturing the so called "same IP" that is so often cited as evidence of something suspicious when in reality this "same IP' claim is meaningless.

Having said that it is certainly possible that some posters may well engage in pseudo dialogues in an online forum. However unless you have their individual IP and not the trunk IP / WAN, any claims of "same IP" is unsubstantiated.

The individual IPs are only known to the ISP whose assistance is sought by law enforcement authorities seeking to determine the identity of e.g. a seditious poster. You will notice that online posts are date / time stamped which enable ISPs to match their data logs to determine what is the originating individual IP address of the offensive post that is the subject of investigation.

In the absence of the information from the ISP on individual IPs, all claims of "same IP" are baseless, unsubstantiated, meaningless and misleading especially if used to justify scurrilous comments!

But don't just take my word for it!

Ask Iku Tube or Hendry Tan who seem to know their way around IT or even the ISPs themselves.

[reflection]

Two for me,

Though I am an IT idiot, I must say that you have given me useful information to understand the mystery of IP addresses. Based on the links you have provided, I agree that it is not fair to accuse or pinpoint a guest based on trunk IP.

Hence, no forum admin (unless it has special power or right given by its ISP) should anyhow point a finger at any guest. This brings to an important issue of network security posed by guest accounts. Registered members or unregistered guests who log into a forum during the same period should therefore be regarded as coincidence rather than mooching, unless there is ample evidence provided by the ISP.

I believe nobody would like to be misunderstood or falsely accused for misdeeds.

The only way to find out if someone is mooching or not is only to get confidential log details from the ISP to trace the individual IP address.

This discovery has few implications :

1. Irresponsible guests can create havoc in the network

2. Responsible guests can be impersonated by irresponsible guests

3. Even registered member can log in as guest to impersonate other guests

Of course the above scenario only restricts to forumers from the same geographical areas :

Gosh ! If a forum allows guest accounts, it is as good as opening the gate of Hell.

Reflection

- There is a price to pay for network insecurity

Edited February 8, 2009 by reflection

[HendryTan]

1. The current economic climate is not forgiving and the boss is pressuring us to work very hard. So I am not going to waste too much time with petty stuff.

2. I will not include background as these are found in several threads in the forum.

I did a quick investigation. The parties involved connected through proxy servers.

The IP address used resolves to a particular machine which happens to be a local ISP's "proxy" server. I don't think you guys want me to contact the ISP for further definitive confirmation either.

3. If you connect to a reliable ISP, an unique IP address is dished out to you most of the time.

I know some ISP who simultaneously dish out same IP. However they have worked it such that the probability of 2 persons getting the same IP is quite rare (< 1-2%). Add the odds of that these "small group" are (i) also gay and (ii) reading BW and (iii) replying to the same BW thread and (iv) about the same time.

I put the odds at much less than 1% - yes NOT zero.

4. Occum's Razor, I will lean on the simpler explanation that

- they both happen to use the same Proxy Server (only a few in Singapore) or

- they are sharing the same connection (bf, room mate etc)

5. To the gentleman above who theorize about trunk IP etc, you may like to check with your sources in more details.

6. Guys it will be end of CNY soon, and economy is getting tough, move on to real world stuff.

Cheers !

Hendry Tan

Mod cum Overwork Admin

[Guest Two For Me]

1. The current economic climate is not forgiving and the boss is pressuring us to work very hard. So I am not going to waste too much time with petty stuff.

2. I will not include background as these are found in several threads in the forum.

I did a quick investigation. The parties involved connected through proxy servers.

The IP address used resolves to a particular machine which happens to be a local ISP's "proxy" server. I don't think you guys want me to contact the ISP for further definitive confirmation either.

3. If you connect to a reliable ISP, an unique IP address is dished out to you most of the time.

I know some ISP who simultaneously dish out same IP. However they have worked it such that the probability of 2 persons getting the same IP is quite rare (< 1-2%). Add the odds of that these "small group" are (i) also gay and (ii) reading BW and (iii) replying to the same BW thread and (iv) about the same time.

I put the odds at much less than 1% - yes NOT zero.

4. Occum's Razor, I will lean on the simpler explanation that

- they both happen to use the same Proxy Server (only a few in Singapore) or

- they are sharing the same connection (bf, room mate etc)

5. To the gentleman above who theorize about trunk IP etc, you may like to check with your sources in more details.

6. Guys it will be end of CNY soon, and economy is getting tough, move on to real world stuff.

Cheers !

Hendry Tan

Mod cum Overwork Admin

Dear Hendry

Thanks for your reply despite your hectic schedule.

I am delighted that you feel that this "same IP" matter is a petty one since it is not the posters who typically raise it but some moderators of this forum, one in particular to substantiate comments they make.

It is precisely because how a variety of posters connecting through different ISPs to this forum is unknown that the "same IP" gambit is meaningless since it is misleading when "proxy servers" are involved.

Proxy servers (or trunk IP in layman terms as opposed to individual IP) are part of the infrastructure nodes within WANs.

Hence when several distinct posters connect through a common proxy server of an ISP, this does not mean that they are the same individual IP nor are they moochers since the BW site only captures the proxy server's IP. Had the matter remained a mere comment about the potential of multiple posts by a single individual, the matter would have remained petty. However when the two individuals then challenged that assertion the moderator proceeded to make outrageous and scandalous claims.

In the course of making these outrageous and scandalous claims, a criminal accusation of mooching was levelled without due diligence to ascertain prima facie evidence. The repetition and continued publishing of such scurrilous claims without prima facie evidence is tantamount to engaging in defamation and since perpetrated by a moderator of this forum, it jointly and severally exposes the administrator(s) and moderators to potential civil and criminal liabilities. Surely you do not consider that to be a petty issue?

Might I suggest for the good of this forum that moderators cease and desist from engaging in such cavalier behaviour immediately. It would be a pity if this forum were to meet a premature demise as a result of such reckless disregard by rogue moderators.

[HendryTan]

Thanks for your feedback, I suggest you speak to your friends too about the technical issues. I am still of the view that the tools of IP uniqueness is a valid and valuable tool for our running of this forum.

BW is a moderated forum and will stay so in the foreseeable future. The mods are all unpaid volunteers who do it for passion and out of our own time. Each mod have different personality, background and it is this diversity that results in different type of posts we write and our different style adds some character in this BW forum. Certain variation in style and standards in moderation are thus expected.

As you are aware, we are non-commercial. We thus can work and have some fun. Strait-jacking all the mods to maintain uniformity in standard (factory style forum with no character ?) is not our aim.

We recognise we are not perfect either.

Have fun and post responsibly.

Cheers !

Hendry Tan

[Guest Two For Me]

Thanks for your feedback, I suggest you speak to your friends too about the technical issues. I am still of the view that the tools of IP uniqueness is a valid and valuable tool for our running of this forum.

BW is a moderated forum and will stay so in the foreseeable future. The mods are all unpaid volunteers who do it for passion and out of our own time. Each mod have different personality, background and it is this diversity that results in different type of posts we write and our different style adds some character in this BW forum. Certain variation in style and standards in moderation are thus expected.

As you are aware, we are non-commercial. We thus can work and have some fun. Strait-jacking all the mods to maintain uniformity in standard (factory style forum with no character ?) is not our aim.

We recognise we are not perfect either.

Have fun and post responsibly.

Cheers !

Hendry Tan

Dear Hendry

We certainly appreciate your position and do not dispute the usefulness of IP tracking but since it is not conclusive, your moderators should be aware and prepared to give the benefit of doubt when legitimately protested.

It is not too difficult to see that different posters have particular styles and relatively unique cadence. Taken together, moderators should be able to distinguish such instances where they may have erred in presuming that the "same IP" rendered several posts suspicious.

We do not expect the forum to be un-moderated and we certainly appreciate the various posting styles but making a criminal accusation without prima facie evidence is unacceptable. It is this that must cease and desist. Doing so will not reduce the diversity or cause the forum to lose its character but failing to do so could embroil the administrator(s) and moderators in legal action. Are you suggesting that prospective legal action does not concern you?

It matters not whether the administrator(s) and / or moderators are volunteers or paid employees nor whether the site is commercial or not, the potential civil and criminal liabilities are equally detrimental.

[GachiMuchi]

Two for Sex, you are really a pain in the butt. Our IT expert, Hendry had already given you an explanation of his views and yet you still want to argue that you are right. What a self centered, egotistical prick you are. Oops, did I just used some bombastic English to "Suan" you?

Who are you to insist for me to "desist"? Your father don't own this forum. Only petty, idiots like you with small dick think you can get away with such threats. :yuk:

Hello. You are an Anonymous Guest posting on a Gay forum. Go and find out more from your lawyer friend.

By the way, if I did defame, I defame Two for sex. Is your name Two for Sex? Wah lau eh. You got NO CASE.

What a sore looser with a capital "L"

[Guest Two For Me]

4. Occum's Razor, I will lean on the simpler explanation that

- they both happen to use the same Proxy Server (only a few in Singapore) or

Dear Gachi Muchi

n

Hendry's explanation dovetails with mine but I guess the significace of an ISP's common proxy server escapes you what with all the technical jargon! :twisted:

Two for Sex, you are really a pain in the butt. Our IT expert, Hendry had already given you an explanation of his views and yet you still want to argue that you are right. What a self centered, egotistical prick you are. Oops, did I just used some bombastic English to "Suan" you?

Who are you to insist for me to "desist"? Your father don't own this forum. Only petty, idiots like you with small dick think you can get away with such threats. :yuk:

Hello. You are an Anonymous Guest posting on a Gay forum. Go and find out more from your lawyer friend.

By the way, if I did defame, I defame Two for sex. Is your name Two for Sex? Wah lau eh. You got NO CASE.

I sure that argument worked well for the seditious poster. "It was my nick that did it, not me, so you've got no case" :whistle:

Oh and what happened to that seditious poster now?

[GachiMuchi]

We do not expect the forum to be un-moderated and we certainly appreciate the various posting styles but making a criminal accusation without prima facie evidence is unacceptable.

Unacceptable? Haha. To a nameless and faceless ghost on the net? Who are you trying to kid?

It is this that must cease and desist.

Says who? You?

Doing so will not reduce the diversity or cause the forum to lose its character but failing to do so could embroil the administrator(s) and moderators in legal action. Are you suggesting that prospective legal action does not concern you?

Threats like this is so amateurish. I think you watched too much American court dramas or worst, too much Alley McBeal.

It matters not whether the administrator(s) and / or moderators are volunteers or paid employees nor whether the site is commercial or not, the potential civil and criminal liabilities are equally detrimental.

You failed to realised that you post as a nameless, faceless ghost (aka anonymous guest). You have never contributed anything to the forum except the few lousy post and here you are making threats and demands? Uncle have been threaten since young, your threats only makes you looked stupid. You are really pathetic thinking that your lousy threat will scared people.

[HendryTan]

Dear Two For Me

I thank you for your feedback and your concerns. I assure you we know what we are doing.

The greatest help the user community can help us is to : post interesting articles / discussions within our published guidelines.

With this post, I will end this conversation and go back to clear my backlog of work in the office.

Cheers !

Hendry Tan

Admin cum Mod

[IpMan]

post deleted

 

Edited February 14, 2016 by IpMan

[Bern]

Hi IpMan,

It is safe to assume ALL company pc usage are monitored to a certain extent. I would suggest to not use it for any activity you do not wish to potentially expose yourself to. If you really have to, refrain from connecting to the company's wifi and do it on your own phone/tablet instead.

Btw you just replied to a 5 year old topic. Next time, start a new thread instead.