Gammon Forum

Unable to Resolve Host Name...?

Posted by David Haley   USA  (3,881 posts)  Bio
Date Reply #15 on Thu 20 Nov 2003 01:55 AM (UTC)
Message
How do you know that someone isn't disguising a port sniffer under "legitimate" data? Just like spammers are getting more and more clever about disguising their messages, I wouldn't be surprised if would-be hackers (or, hax0rs as they're known I guess) are trying smarter techniques. It could also be packets that are broadcast to the whole network; that happens quite often. For example the network hubs in my room are always lighting up even if my computers are generating no traffic, it's just random noise over the network. When I turn on the packet observing programs, I can see what other people are sending over the ethernet network. Some of it even has "our" (quote, not emphasis) IP address on it, because it was traffic coming in from the outside through our router.

David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone

http://david.the-haleys.org

Posted by Shadowfyr   USA  (1,791 posts)  Bio
Date Reply #16 on Fri 21 Nov 2003 01:20 AM (UTC)
Message
Look.. I have no idea. I wasn't the one it happened to, however I generally assume that when someone that is an expert on how the internet really does things says that it works a particular way I tend to believe them. But even if not, then there are probably 100 pages for every user on the internet all of which need an IP, not including the IPs of the tens of millions or more people online. There are only 999,999,999,999 possible IP addresses available many of them are bought up in blocks, so that a company could own everything in the range 800.0.0.0 through 800.100.255.255, even if they only use 10 of the addresses in the block. This further restricts the ones available for directing information to other places. So, assuming that the minimum block size is 10,000 addresses, and only 50% of the ones available in each block are used at any time, that means that there are 'actually' only enough IPs for around 50 million users. AOL itself has more than that number of people and no matter how you do it, there *must* be an IP to connect to or P2P systems wouldn't work at all, since they connect using an IP address that has nothing to do with a DNS name or foreknowledge about the IP of the actual router that redirects traffic on your network. It can't, because a connect request to your router's IP lacks any info on *which* machine needs to receive the request, instead the router redirects to a virtual IP that it knows belongs to something internal to the network. However, that still requires a unique IP of some sort.

There simply are not enough numbers to cover every server, networked computer (which in some systems could be thousands) and every single user, especially when ISPs and other businesses must buy more IPs than they expect to use, preventing anyone else from using them (in theory). The numbers just don't add up, even if you insist otherwise. Smaller blocks may be reasonable, but big ISPs are still going to buy rights to maybe 20% more addresses than they expect to use, at minimum, so same situation.

Posted by David Haley   USA  (3,881 posts)  Bio
Date Reply #17 on Fri 21 Nov 2003 02:00 AM (UTC)
Message
OK... you asked for it *grin* Time to do some research on the topic...

All I can say is that your theory simply cannot work as it is stated. Let me take a simple example.

Let's assume that we have two computers, both of which are web servers, or POP3 servers, or any kind of server that listens for connection requests and responds - heck, even a MUD server. You, a user, send out a request to one of them, for your HTML or POP3 or whatever data, but you'll get two (or more...) replies! How are you supposed to know which one is right? How can your computer *possibly* know which response to accept? Of course this is not an issue *after* the connection is established - even if it sort of is, but let's forget about that for now - but just consider the problem for that first connection.

Or even consider your P2P argument. Because, as you so rightly stated, there are tons of computers running out there. So you send a p2p request - for, say, AIM file transfer - to IP w.x.y.z. Now, two computers share this IP address and both respond and accept - now what do you do?

Unless you have a really good explanation for how that is fixed up your sleeve, I just can't believe that two servers can share the same IP address.

Besides, if you do some research and digging, the numbers actually do work out...

This is information taken from the IP address authority:
http://www.iana.org/ipaddress/ipv6-allocation-policy-26jun02
Quote:

3.2.  Uniqueness

   Every assignment and/or allocation of address space must guarantee
   uniqueness worldwide.  This is an absolute requirement for ensuring
   that every public host on the Internet can be uniquely identified.


So therefore, it seems apparent that the standard itself requires that IP addresses be unique.

Another quote, from:
http://www.potaroo.net/ispcolumn/2003-07-v4-address-lifetime/ale.html
which is an article listed off of:
http://www.ripe.net/
which is the European Authority for IP addresses, which was listed off of:
http://www.iana.org/ipaddress/ip-addresses.htm
which is the World authority for IP addresses.
Quote:

There are three stages in address allocation. The pool of IP addresses is managed by the Internet Assigned Numbers Authority, IANA. Blocks of addresses are allocated to Regional Internet Registries, who in turn allocate smaller blocks to Local Internet Registries (LIRs) or ISPs.

Currently there are 3,707,764,736 addresses that are managed in this way.


So as you can see, your numbers are not accurate. If there truly are 999,999,999,999 addresses available, then we are quite far from running out. It also seems apparent that it is quite unnecessary to assign the same IP address twice - and this is even against the rules, as the quote above states, for the reasons that Nick and I mentioned.

David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone

http://david.the-haleys.org

Posted by Nick Gammon   Australia  (23,162 posts)  Bio   Forum Administrator
Date Reply #18 on Fri 21 Nov 2003 04:10 AM (UTC)

Amended on Fri 21 Nov 2003 04:39 AM (UTC) by Nick Gammon

Message
Quote:

There are only 999,999,999,999 possible IP addresses available many of them are bought up in blocks, so that a company could own everything in the range 800.0.0.0 through 800.100.255.255 ...


I see this subject is still kicking on, so I will make another couple of comments ...

There are not 999,999,999,999 IP addresses, I gather you are thinking IP addresses go from 0.0.0.0 to 999.999.999.999. However an IP address is a 32-bit number which is usually represented in "dotted decimal" notation by showing each byte with a dot between it, eg. 1.2.3.4. However a byte can only be in the range 0 to 255, so the highest possible IP address is 255.255.255.255. This still does not mean there are 255,255,255,255 addresses. There are 2^32 addresses which is 4,294,967,296 addresses.

This is less than 1% of the number 999,999,999,999.

Next, all those addresses are not available. For one thing, the entire range 10.0.0.0 to 10.255.255.255 is reserved for private networks, and thus you lose 16,777,216 addresses to that group alone, plus the other private subnets as well.

Next again, some addresses cannot be used, as an address with all one bits for the subnet is the "broadcast address" - which is used to broadcast to all stations on that subnet. For example, for Windows when it browses for other people on the network, DHCP connections, and so on.

Your example IP of 800.0.0.0 could not exist. The highest value for any of the numbers between the dots is 255. I think this error was made in the movie "The Net" with Sandra Bullock. I quote from the "goofs" page of the IMDB listing for that movie:

"Factual Errors: When searching for Praetorian, Angela searches for the owner of IP address: 24.75.345.200 This address would be impossible on the Internet because no subnet address can be greater than 255. This is analogous to using an 8-digit phone number, not one starting with 555; there are validly formed addresses that could have been used instead. "


Finally I agree with Ksilyan that IP addresses must be unique.

For an analogy, imagine if there were two totally different places in the world which had an identical postal address. eg.

123 Main Street
Sometown
Texas
USA

How would a letter addressed to this address be delivered if that did not resolve to a single place? Would you have a 50% chance it would go to the "other" place of the same address, who would then throw it in the bin? Would you post two letters in the hope one of them made it? If you did that, would both letters not arrive at the same place anyway, which may well be the wrong one?

It is the same thing with IP addresses, they have to be unique or the system doesn't work.


- Nick Gammon

www.gammon.com.au, www.mushclient.com

Posted by Samson   USA  (683 posts)  Bio
Date Reply #19 on Fri 21 Nov 2003 04:20 PM (UTC)
Message
Quote:

Angela searches for the owner of IP address: 24.75.345.200 This address would be impossible on the Internet because no subnet address can be greater than 255.


Yes. I spotted this one myself, but I always just assumed they did it on purpose to avoid the possibility of someone flooding a real address, much like they do with 555 prefix numbers on TV. I didn't really read anything more into it than that, certainly didn't use it to pick on the movie for factual errors :)

The whole reason they did the 555 thing with TV was because you had nutjobs who would actually call the numbers they made up, and sometimes there would be someone there. I'd hate for someone to see an IP on a movie or show and think "Hey, let's all bomb the place!" and have it be something vital by accident.

Posted by David Haley   USA  (3,881 posts)  Bio
Date Reply #20 on Fri 21 Nov 2003 04:33 PM (UTC)
Message
Hmm, that's quite possible, even if I think you give them too much credit. :-) The thing is, when you see the absolute mess that most movies make out of the computer world, and how things *really* work, I wouldn't be surprised if it truly was a mistake on their part. After all, if they had wanted to give a non-bombable address, they could have given the localhost IP address (127.0.0.1) - but, I suppose, that IP address doesn't look as "cool". Still, it could have been a 192.168.x.y address, and that would have at least been on the local network or something. Didn't actually see the movie though... is it any good?

David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone

http://david.the-haleys.org

Posted by Shadowfyr   USA  (1,791 posts)  Bio
Date Reply #21 on Fri 21 Nov 2003 05:45 PM (UTC)

Amended on Fri 21 Nov 2003 06:05 PM (UTC) by Shadowfyr

Message
Hmm. Yeah. I keep forgetting that the ceiling on those things is 255. Oddly enough I have seen one case of someone using letters in what should be a numeric IP. Seems that the network in some places doesn't bother with the numeric number, but just redirects traffic based on the digits, so you can do some odd things. lol Hackers generally ignore what someone puts in specifications except as a starting point, so you have to expect some odd things. Then again, this could have just been a spoof in some email or the like.

However, it does make the situation potentially worse, assuming that I am not completely and totally wrong about some places doing it. Wish I could remember where I heard/read it... Having run a search on google I must admit that it looks like this is mostly an issue in internal networks running TCP/IP, which is more likely. Some networks apparently have very poor management and even one bad machine on it could mess up the cache for the network by refusing to release an internal IP that duplicated someone else's. However, this appears to be possible on the internet as well. Someone can accidentally broadcast internal IPs into the outside world or even intentionally use an address they have no rights to. If the server that normally uses it was down, this would eventually poison all the DNS caches, resulting in traffic going to the invalid server. This trick can even be used on networks apparently to poison internal caches and hijack traffic.

Posted by David Haley   USA  (3,881 posts)  Bio
Date Reply #22 on Fri 21 Nov 2003 06:00 PM (UTC)
Message
Well, what you may be thinking of is the fact that an IP number really just is one number, that is split into 4 bytes (hence the fact that it's capped at 255.) Therefore, it would be quite conceivable to have "letters" in its hexadecimal representation.

For example, if you have a.a.a.a, that means 10.10.10.10, and a.b.c.d means 10.11.12.13 ... etc.

I also wouldn't be surprised if some hackers:
a) didn't quite know what they were talking about, since a lot of so-called hackers (more like wannabees hax0rs - you know, those ub3r l33t ppl) only use script-kitties that do all the work for them;
b) thought it would be funny to put wrong ideas into the heads of the masses by writing so-called "technical articles"

Even if they don't want to follow the specification, they have to at some point or another, otherwise their traffic won't work on the network... and the whole point of being a hacker is to have your packets get around. :-) I wouldn't be surprised at all, though, if they used different notations for it, and wrote it down in hex instead of in decimal, or something like that. Maybe they think it's cooler... *shrug*

And yes, it is possible for one internal network to mess up its own caching and all that and therefore assign one IP to two computers, but if you ever actually see that working you'll see that it seriously messes things up and it all stops working.

David Haley aka Ksilyan
Head Programmer,
Legends of the Darkstone

http://david.the-haleys.org
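
Added example, not part of any post in this thread: a strict dotted-decimal parser that works through the points made in Replies #18 and #22 (one byte per field, the single 32-bit value behind the notation, private blocks, and the all-ones broadcast address). Function names are illustrative, and the 172.16.0.0/12 and 192.168.0.0/16 entries are the other RFC 1918 private blocks, which the thread does not list.

```python
# Added example; names are illustrative, sample addresses are taken from the thread.
PRIVATE_BLOCKS = [("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16)]  # RFC 1918
LOOPBACK_BLOCK = ("127.0.0.0", 8)

def parse_dotted_quad(text):
    """Strictly parse 'a.b.c.d' into one 32-bit integer, or raise ValueError."""
    fields = text.split(".")
    if len(fields) != 4:
        raise ValueError(f"{text!r}: expected four dot-separated fields")
    value = 0
    for field in fields:
        # ASCII decimal digits only: rejects hex letters, signs, blanks, empty fields.
        if not (field.isascii() and field.isdigit()):
            raise ValueError(f"{text!r}: field {field!r} is not decimal")
        # Some legacy parsers read a leading zero as octal; refuse the ambiguity.
        if len(field) > 1 and field[0] == "0":
            raise ValueError(f"{text!r}: field {field!r} has a leading zero")
        octet = int(field)
        if octet > 255:
            raise ValueError(f"{text!r}: {octet} does not fit in one byte")
        value = (value << 8) | octet
    return value

def to_dotted_quad(value):
    """Render a 32-bit integer back into dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def block_size(prefix_len):
    """Number of addresses in a block with the given prefix length."""
    return 1 << (32 - prefix_len)

def in_block(value, network, prefix_len):
    """True if the 32-bit value shares the block's network bits."""
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return (value & mask) == (parse_dotted_quad(network) & mask)

def broadcast_address(network, prefix_len):
    """Address in the block with every host bit set to one."""
    return parse_dotted_quad(network) | (block_size(prefix_len) - 1)

def classify(text):
    """Return 'invalid', 'loopback', 'private' or 'other' for a textual address."""
    try:
        value = parse_dotted_quad(text)
    except ValueError:
        return "invalid"
    if in_block(value, *LOOPBACK_BLOCK):
        return "loopback"
    if any(in_block(value, net, plen) for net, plen in PRIVATE_BLOCKS):
        return "private"
    return "other"
```

Validating input this strictly before comparing it against an allow or deny list keeps the filter and the network stack agreeing on which 32-bit value a string stands for.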

Posted by Nick Gammon   Australia  (23,162 posts)  Bio   Forum Administrator
Date Reply #23 on Fri 21 Nov 2003 11:52 PM (UTC)
Message
Quote:

Didn't actually see the movie though... is it any good?


I saw it a while ago. It was fun if you ignore the factual problems, I think there were other errors, like a disk with a Mac virus infecting a mainframe, and towards the end, if I remember correctly, the "baddies" were after Sandra Bullock, and she popped the disk she had in her pocket into the disk drive of a PC/Mac/terminal/whatever, and the screen said "reading ... / deleting files", as if merely inserting a floppy disk could activate a virus like that.

Plus you have the things that movie makers seem to love, like screens which have about 3 lines of 20-point type (so the camera picks it up), rather than the tiny type most of us are used to.

- Nick Gammon

www.gammon.com.au, www.mushclient.com

Posted by Nick Gammon   Australia  (23,162 posts)  Bio   Forum Administrator
Date Reply #24 on Sat 22 Nov 2003 05:42 AM (UTC)
Message
Quote:

The whole reason they did the 555 thing with TV was because you had nutjobs who would actually call the numbers they made up


The truly strange thing about this is that many TV programs and movies are about major crimes, murders, abductions, assaults, infidelity, drug running, wars, and violence in general. It doesn't seem to worry the producers that people might imitate the *major* plot of the show (eg. go out and kill someone) but they are really worried someone might pick up the phone and make a crank call.

- Nick Gammon

www.gammon.com.au, www.mushclient.com

The dates and times for posts above are shown in Universal Co-ordinated Time (UTC).


Information and images on this site are licensed under the Creative Commons Attribution 3.0 Australia License unless stated otherwise.