Solved

IP blocking

Posted on 2004-10-16
22
539 Views
Last Modified: 2013-11-16
I want to block anyone that trys to trace my IP, i want to keep certain people out of my business.  I am having problems with an ex getting into my stuff through my IP, can you help
0
Comment
Question by:corey27
  • 6
  • 3
  • 3
  • +6
22 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 20 total points
Comment Utility
??Use a firewall??

it dont matter who has your IP address if its sheilded

ZoneAlarm
The basic version is still free!
http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp;jsessionid=10lfaHFKttIAMkUvvZm1xhWKVLKHVeYPMJpXB1I1UxUpAC2ZioSE!1284415661!-1062696903!7551!7552!1822958594!-1062696904!7551!7552?lid=home_zainfo
Zone Labs offers a complete range of firewall products, from the free ZoneAlarm, to the comprehensive protection of ZoneAlarm Plus, to the ultimate privacy and security tools in ZoneAlarm Pro.

Black Ice Defender
http://blackice.iss.net/
BlackICE teams a personal firewall with an advanced intrusion detection system to constantly watch your Internet connections for suspicious behaviour.

Symantec's Norton™ Personal Firewall
http://www.symantec.com/sabu/nis/npf/
Keeps hackers out and personal data in. It makes robust firewall protection easy by automatically hiding your PC on the Internet and blocking suspicious connections. Norton Personal Firewall also protects your privacy by preventing confidential information from being sent out without your knowledge.

McAfee Personal Firewall
http://us.mcafee.com/root/package.asp?pkgid=101&WWW_URL=www.mcafee.com/myapps/firewall/ov_firewall.asp
Personal Firewall places a barrier between the Internet and your PC, helping to block hackers from accessing your computer and allowing you to digitally 'fingerprint' trusted applications. Every time your computer is probed or attacked, you get detailed reports and clear follow-up options.
0
 
LVL 3

Expert Comment

by:browolf
Comment Utility
You're gonna have to elaborate "getting into my stuff" so we can determine exactly what problem you have. you have a firewall yes?
0
 
LVL 3

Expert Comment

by:happythedog
Comment Utility
start here
http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
then use a cisco 2500 series router or a pix if youve got the cash to block the rest
0
 

Expert Comment

by:KlickSuperfly
Comment Utility
A few basic security suggestions:

1.  If you're on a high speed connection to the Internet make sure that you connect through a router even if you only have one computer at your location.  A router will block almost all incoming traffic and can even be configured to make your address invisible to others on the internet.  Your router can also be configured to allow traffic (that you specify) in.  A couple of suggestions would be the D-Link DI-604 or the Linksys BEFSR41.  Both are inexpensive and will be easy to find.
2.  If you're on dial-up internet, you don't have to worry that much about your IP because it will probably change each time you connect.  As PeteLong said above, make sure you have a software firewall installed.
3.  If you have a wireless network at your location make sure any shared folders on your computer(s) are protected with a password that would be hard to guess (IE: a word and some numbers - something49)
4.  If you're really paranoid: make sure that only people that you trust have physical access to your computer.  If had access to your computer they could install a trojan or remote login that would allow them access from anywhere.

Hope some of that helps.  If it doesn't, give us some more information and we'll see what we can do.
0
 

Expert Comment

by:KlickSuperfly
Comment Utility
Oh, one thing that I forgot to mention, if you surf the internet and visit websites, they can "trace" your IP (the server has to know where to send the information).

After I've read your question again it almost seems to me that you've got reason to believe that your ex has access to your computer.  (S)he might have installed the remote login software (something like VNC or RemoteAdmin) so (s)he can see what you're doing.  (assuming that you're on high speed like cable, dsl, or wireless) A router would fix that by blocking the ports that they use to access your computer.  The two routers I mentioned above are pretty much plug-and-play and will do what you need them to do right out of the box.
0
 
LVL 3

Expert Comment

by:happythedog
Comment Utility
D-Links and Linksys are **** , dont have the AAA features of a cisco , or the security. and port blocking can be done off of a fw such as BlackIce.
0
 

Expert Comment

by:KlickSuperfly
Comment Utility
From the Cisco website (http://www.cisco.com/warp/public/cc/pd/rt/2500/index.shtml) "Cisco 2500 series routers have reached end-of-sale and are no longer orderable."

Besides that, those routers cost over $1000 new, and a couple hundred used.  The 2600 series are the replacements and list at ~$2000 new, ~$500 used.  Granted, they offer unparalelled protection but I don't know many home users that will spend more than their computer is worth on a router.

At any rate corey27, as you can see there are methods from $0 (ZoneAlarm - thanks to PeteLong) all the way up to the very expensive (~$1000 if you've got deep pockets like happythedog does).

The D-Link and Linksys are affordable and will keep 99.996% of attackers out.  Routers are hackable, but it can take a very very long time to get through them and is usually not worth it.  My guess is that once your ex sees that you've thrown up an obsticle or two, (s)he will leave you alone (unless they are "boil-your-bunny" crazy).  In that case, buy a bat, bar your windows and doors, unplug the computer, and call the cops. ;-)
0
 
LVL 3

Expert Comment

by:Brucemat
Comment Utility
Install Zonealarm this should take care of the lo for you it wont allow people to trace you and it wil ask you weather you want people to access your stuff before letting them come in.

Ferther to this I would not keep critical information on an online conected machine unless you want people to access it.

To secure your machine up a bit more I would consider buying a hardware firewall this will meen you can still access the internet but you will be a stage removed from it so the people can not just access your machine directly.

I would also consider installing a more secure version of windows. I am not sure which version you are using but I would recoment eather windows 2000 pro or win xp pro (not the home version) as these versions of windows have better security features than other versions and will only let people you want to access data get access even if they have physical access to the machine (within reason)

Bruce
0
 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
> ..  anyone that trys to trace my IP ..
impossible as long as your computer is connected to internet
0
 
LVL 2

Expert Comment

by:amzweg
Comment Utility
Use a public Proxy Server or connect via a NAT device.
If you use a public Proxy server it will not be your IP address listed in the log files off the websites you visit, it will be the IP number of the Proxy server.
Off course on the proxy server your IP number will be known, and you can NOT change that. - This is because when communicating the computer you are requesting data from need to know where to send it to.

If you are connected via a NAT device then the public IP address of the NAT device (eg router or modem) will be known and not your private IP address.
But if you are doing the webbrowsing etc from home then it is still your home the outside world can trace to.

A firewall will block you from reveiling more information than you want, but a trace to your firewall is still possible.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
>  Use a public Proxy Server or connect via a NAT device.
does not help that your IP is public.
It's the nature of internet that IPs are public.
0
 
LVL 2

Expert Comment

by:kpaske
Comment Utility
There have been some very good answers and suggestions here regarding making your computer more secure.  However, if you tell us how you think your ex is getting into your computer, we might be able to offer a more specific fix.  What is it that (s)he is doing?
0
 
LVL 18

Expert Comment

by:chicagoan
Comment Utility
regarding "D-Links and Linksys are ****"

Any natting router, if no ports are open, will prevent someone from opening a connection from the outside.

Low end 'residential gateways' can provide perfectly adequate protection for a SOSO with no publicly accessible machines.
0
 
LVL 3

Expert Comment

by:happythedog
Comment Utility
sone alarm has many holes including  any non TCP UDP packet, Nat has its own set of flaws , as this is isnt a cracking/hacking site i would go into them here.
those routers are end of sale thats why you find the 2501 series for a few hundred on ebay. Bruce windoze is not a secure os by any means take a single look at microsofts own website,
new holes are discovered every day for windows , 2000 being four years old has had most of its holes patched ( we hope ) but am i the olny one who remembers the rather public
leaking of microsofts 2000 source code which is the foundation of xp?
go to a freebsd or a solaris box , much less risk, use the built in tools their you can secure a system to a medium degree
0
 
LVL 18

Expert Comment

by:chicagoan
Comment Utility
Yes, you can get a 2500 for next to nothing.
The learning curve is rather steep for a hobbyist, there's no hardware or software support without expending additional money.
You could also pick up a 486 from the dump and run a linux firewall for nothing at all. Again - the learing curve is the price.
Beyond anti-virus and adware blockers, education is the only defense.
Learn what risk behavior is and avoid it.
Linux source code has been public from day one. It is not as target rich an environment as windoze, though.
I'm not sure what impact the leakage of micro$oft's source code had on vulnerability exploits, bit I suspect with the deluge of patches Redmond releases, it's probably minimal by now.

0
 
LVL 2

Expert Comment

by:kpaske
Comment Utility
OK, the question wasn't how to make a Windows network bulletproof.  We all know that isn't going to happen, and that's not what the author is asking.  The question was, how does the author keep his/her "ex" from browsing around his/her computer.  Depending on the "ex's" level of skill, it could be very simple.  My suggestion is this:  start off with the basics.  Make sure you have some sort of firewall software running.  The easiest solution, if you are running WinXP is to simply go into Windows update and install all the latest patches, including Service Pack 2 (SP2).  That will turn on the default firewall, and unless your "ex" is a fairly experienced hacker, it will likely block out any of his/her attempts to get into your computer.

Also, anti-virus and anti-spyware utilities are very important.  If you don't already use them, look into McAfee or Symantec's (Norton) anti-virus products, and use LavaSoft's Adaware (free) and Spybot Search and Destroy (also free).

0
 
LVL 3

Expert Comment

by:happythedog
Comment Utility
thats the major point i was driving at Linux is public, its perfectly legal for anyone to examing the source code and make changes ( most versions )
Windows is private its not legal to have windows source code without authorization from M$, so now development is stiffled nobody is going to fix something m$ missed.
and theirs new patches all the time its a patchwork operating system. go to freebsd , a linux firewall can be quite secure but youve got to extensivly test it. the 2501 is already tested and mature.
0
 
LVL 3

Expert Comment

by:happythedog
Comment Utility
By microsofts own admission SP2 makes some applications not work , including word 2000
0
 
LVL 18

Expert Comment

by:chicagoan
Comment Utility
It you suspect evesdropping, could the 'ex' have installed a logger? I'd wipe it.
0
 
LVL 3

Expert Comment

by:happythedog
Comment Utility
get a good DOS floppy.
Type Debug a white line will show then type the following script

type the text after the response without putting in a space between the response and what you type in.

A:\>debug <enter>
-fcs:200 400 0 <enter>
-acs:100 <enter>
-xxxx:0100 mov ax, 0 <enter>
-xxxx:0103 mov ax, cx <enter>
-xxxx:0105 out 70, al <enter>
-xxxx:0107 mov ax, 0 <enter>
-xxxx:010a out 71,al <enter>
-xxxx:010c inc cx <enter>
-xxxx:010d cmp cx,100 <enter>
-xxxx:0111 jb 103 <enter>
-xxxx:0113 mov ax,302 <enter>
-xxxx:0116 mov bx,200 <enter>
-xxxx:0119 mov cx,1 <enter>
-xxxx:011c mov dx,80 <enter>
-xxxx:011f int 13 <enter>
-xxxx:012l int 20 <enter>
-xxxx:0123 <enter> (without typing anything.)
-g <enter>
program terminated normally
If you are doing this debug routine to clear out a possible virus turn off your computer and wait and turn back on.
-q <enter>
Once back at DOS reboot your computer
This will clear HDD and CMOS to lowest levels , and is totally safe on ide/eide drives
http://www.computerhope.com/rdebug.htm#5
______________________________________________________________________________________________________________________________________________________
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now