LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   IP address obfuscation (https://www.linuxquestions.org/questions/linux-security-4/ip-address-obfuscation-833820/)

Noway2 09-22-2010 12:00 PM

IP address obfuscation
 
I have noticed over the years that in various posts, not just here but anywhere, that there is a general trend to hide or obfuscate ones IP address, both public and private and I have found myself wondering if there is real and practical reason for this or if it is just a matter of comfort level?

As I see it is: 1 - your public IP is going to be found in a matter of minutes by several bots, 2 - if you run any sort of public server you want your IP to be determinable, 3 - if you have a dynamic IP it is going to change anyway. I can see some minor benefit to hiding a private (LAN) IP because it is one more minor hurdle to find the LAN machines, but more often than not, even this is identified in an email header or other sorts of information, even if it isn't translated through a NAT router. In other words, I don't see where hiding it in a tech support forum buys you any protection and I am curious if I am missing something?

AlucardZero 09-22-2010 12:22 PM

It's just security by obscurity. Which cannot be relied on, but is valuable. You don't want to invite bots / spammers / script kiddies to your door if you don't have to.

anomie 09-22-2010 02:37 PM

Quote:

Originally Posted by Noway2
In other words, I don't see where hiding it in a tech support forum buys you any protection and I am curious if I am missing something?

To flip the question on its head, there are certainly cases where sharing 'net facing IP addresses in a forum post is of no benefit, and the IPs can be obfuscated without the point being lost.

OTOH, I've seen cases where someone decides to post a networking question (e.g. about routing or packet filtering), and then obfuscates the IPs such that no one knows what the hell he is talking about, and troubleshooting becomes impossible.

In terms of the value of "hiding" an IP (when it's already being logged by a web server), I'll defer to the previous reply.

unixfool 09-22-2010 02:47 PM

It's just a set of numbers, right? Yeah, in a text book maybe. When assigned to a machine and when it is a public IP, it becomes a beacon/location/address.

I think it depends on how you're looking at things (cup empty, cup full).

I've posted my public IP in forums before and noticed spikes in scanning and exploit attempts in system logs. None of it hurt me but I still should've been more discreet when it comes to sharing my IP address with the masses...because I wasn't affected THIS TIME.

If you're uncomfortable with exposing your system to spamming attacks and such, it probably is a good idea to mask your IP.

To each his/her own...


All times are GMT -5. The time now is 11:20 AM.