Replies to This Discussion

Permalink Reply by James Knott on October 4, 2011 at 8:06am

"You don't need to be an expert to get such metrics. The fact that there's a DHCP or NAT router on the tower does not hide the other fact that we constantly get the same few IPs being used on the Internet, and being trackable to a single tower, independantly of the user connected to it with its smartphone."

I never said there was DHCP or NAT at the tower. I had said it's further back in the network. Please explain how an IP address is traceable to a single tower, when the equipment to provide an address doesn't exist there. As I mentioned in another note, the company I work for (I'm the operations manager there) is working on a LTE roll out for a major carrier. At the cell sites, there is the incoming fibre, or in some cases microwave, that connects to an Ethernet switch and then to the radio base station. There is no other equipment that might affect the data connection. A cell tower, with respect to IP data, is essentially equivalent to a big WiFi hotspot. It simply bridges the data to the internal network, with routing, DHCP, NAT etc. performed elsewhere. The only IP addresses at the cell sites are those used for management of the equipment. If they did otherwise, with NAT, routing etc. at the cell site, it would be very difficult to move the phone while using IP, as the web site etc., that you're connected to would see different IP addresses as you moved, and think it's an entirely different connection.

As an experiment, connect to a site such as www.grc.com*, which displays the IP address that it sees, which would be the public address you NAT to and see if it changes as you move around town.

*You have to run the ShieldsUp! port scan. There are other sites that will display your IP address as well.

• ▶ Reply

Permalink Reply by Philippe Verdy on October 4, 2011 at 11:07am

There are tons of sites that will report you the public IPv4 address they see when you connect to them. Not a big deal. Personnally I will prefer getting this info from a known secure site rather than an unmanaged site or a commercial site that wants to sell you their security solution (using sometimes fake reports...)

Anyway, the "ShieldsUp!" port scan finds nothing on my PC, except its public IPv4 address, and it does not test the IPv6 address through which the test could be reached (does grc.com have an IPv6 address that I can connect to?).

Most personal firewalls today don't handle the IPv6 trafic, and won't block the IPv6 traffic, so port scans via IPv6 used by malwares may still find many more vulnerable clients than with IPv4. With the growing number of Internet users that have an IPv6 connection (even through a tunnel), this may be a concern.

 

Sometimes, some ISPs did not inform their customers before activating the IPv6 connectivity, this is the case of my ISP, and I noticed it working through a new tunnel only weeks after the change of its router firmware. How lame they can be ! Thanks I was not attacked, because I had previously already used some third-party Teredo tunnels, and preconfigured and checked my security, but may be the Teredo tunnel broker was implementing the firewall itself, but not my ISP.

 

So I had to check this again to see if I was vulnerable through this new unnoticed tunnel; it looks like my ISP filters (on its Cisco L2TPv2 tunnel) only a few wellknown ports used by Windows file/printer sharing, and outgoing SMTP connections, but nothing else (and there's no IPv6-to-IPv6 NAT: this is a lame bridge sharing data between distinct customers connected to the same L2TPv2 tunnel-broker, which also has severe bugs such as loosing essential IPv6 routing options needed for IPSEC, no longer working; my ISP has now suspended its experimentation and no longer adds new customers; Cisco will have to rework its bogous solution, or my ISP may use another technology for its final deployment)...

• ▶ Reply

Permalink Reply by James Knott on October 4, 2011 at 12:05pm

Sorry, I posted the wrong address from memory. The actual site is http://whatismyipaddress.com, as copied from my browser.

• ▶ Reply

Permalink Reply by James Knott on October 4, 2011 at 12:25pm

I can't edit or delete it, as we're only allowed 15 minutes to do so.  Perhaps one of the moderators could do it.

 

• ▶ Reply

Permalink Reply by James Knott on October 4, 2011 at 12:45pm

I've deleted it.

tnx

 

• ▶ Reply

Permalink Reply by James Knott on October 4, 2011 at 12:23pm

"Anyway, the "ShieldsUp!" port scan finds nothing on my PC, except its public IPv4 address, and it does not test the IPv6 address through which the test could be reached (does grc.com have an IPv6 address that I can connect to?)."

It shows the IPv4 address that you get through what the ISPs provide. At home & office, it shows the firewall address and not the local address. On smart phones, it shows the public address that's used for the various wireless devices. A few minutes ago, I got back from conducting my experiment to verify what I had said. I went to 3 nearby cell sites that are in a bent line. The approximate distances between sites are A-B 1 Km, A-C 2.3 Km and B-C 1.6 Km. At each site, I was no more than 50 m from the base of the site (tower or building and could look up at the antennas. I had with a Blackberry (work phone) and my own Android phone. The Android phone shows a public address that's assigned to my carrier. The Blackberry shows one for RIM, even though it's on the same carrier as my own phone. With both phones, I connected to that IP address site. On my Android phone, I also ran a utility called "G Tech Net Tools", which displays both the public and local IP addresses. As I went to the different sites, the Android always showed the exact same local and public addresses. The Blackberry would always get one of two sequential addresses and might change each time I refreshed the page. I always got the same two addresses at all three sites. This proves, at least on my carrier, that the phone's IP address is not dependent on the cell site, contrary to what you claim.

"Sometimes, some ISPs did not inform their customers before activating the IPv6 connectivity"

I thought we were discussing NAT and how each tower supposedly has only 1-3 public IPv4 addresses.

Remember this comment? "Typically, on a mobile cell, you just have a 1-3 IPv4 per cell" I'd like to know where you got that idea, which is incorrect.

• ▶ Reply

Permalink Reply by Philippe Verdy on October 4, 2011 at 12:42pm

May be your ISP uses adifferent strategy. Here I consistantly get the same few IPv4 addresses that almost never change, even when I'm connected with a different mobile phone (using a separate SIM card and distinct subscriber account from the same mobile carrier). The IPv4 address only changes when I move to another cell area (and it changes the same way on every phones). This means that there's no DHCP effectively giving a user-specific IPv4 address independantly of its cell position. The assignement of IPv4 addresses is geographically determined (the user access is checked by the GSM/UMTS/HSDPA network, but the IP routing, after untunnelling the authorized mobile transport is the same, we connect then to the same local proxy, which uses a private local IPv4 address; we don't have any public IPv4 address on the mobile device itself, the use of the proxy is mandatory, and it is used also to restrict the usable protocols to only HTTP, and HTTPS, and may be FTP but I never tested it; this proxy does not allow tunneling ICMP or UDP to/from the internet, except DNS only on the local link through a private local-DNS relay accessible with a static local-link IPv4 address).

• ▶ Reply

Permalink Reply by James Knott on October 4, 2011 at 12:59pm

Since the carriers use NAT for IPv4, I'd expect all the phones in an area to get similar public addresses (my Blackberry always got one of 2).  Now what are you referring to by cell area?  A single cell?  An area of a city?  Different city?  If the local or public IP addresses (or ports) changed as you moved, it would be impossible to maintian a TCP connection for any significant period of time.  It would also mess up many UDP services that are expecting to send the traffic to a specific address.  That said, if you travel far enough, you may get a different address, simply because you've moved from one segment of the carriers network to another.  Mobile IPv6 wll take care of that situation, as will some VPNs.

• ▶ Reply

Permalink Reply by Philippe Verdy on October 4, 2011 at 1:37pm

A cell is a cell: the area around a mobile network antenna (I know where they are located, their average radius is about 2 km large in my area). I don't speak about a city. Mobile networks absolutely don't care about city borders. You may even find embedded areas covered by a local cell (of just a few hundreds meters), where the larger cell creates a white zone. Here we also have "nanocells" created by home relays connected by a small USB key on DSL, fiber or cable routers (my mobile carrier is selling those small devices that can be connected on any Internet router from any ISP; it can be used by up to 5 mobile devices with a SIM card from the same mobile carrier; there's no additional usage cost than the purchase of the device; it is basically sold to extend the coverage of the mobile network within buildings, except that it does not use the mobile network infrastructure, but any available Internet infrastructure, on which it connects to the mobile carrier backbone via a VPN; the device can provide connectivity to any GSM or UMTS or HSDPA mobile device, within a very limited area and effectively creates another cell; as long as the device remains connected via Internet, its assigned IPv4 address over the VPN almost never changes). Other ISPs that also operate mobile networks are starting to bundle such device in their DLS boxes, and provide it with no additional cost (just like my ISP also integrates a firmware support in their "box" router to create an open Wifi hotspot accessible to every subscribers of FON in a perimeter of about 50 meters; at home I can detect about a dozen of those open Wifi nano-hotspots from various ISPs: although they are open, using it first requires logging with the ISP or with FON, in on a standard webpage relayed by the hotpsot which first appers before reaching any other website, or using a credit card to pay for one hour or one day; this hotspot is fully tunneled, secured, and has no access to the private LAN of the DSL/cable/fiber subscriber). There's probably similar services in other countries than France (notably with FON: my ISP subscription includes free access to all FON hotspots worldwide).

• ▶ Reply

• ‹ Previous
• 1
• 2
• 3
• 4
• Next ›
• Page