IP address worry

Started by wander, October 27, 2017, 12:52:42 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

wander

Last night my net went out and after resetting my router and having the net come back, my IP address switches to one that is in a different location to myself.

I'm worried when the net went out that my comp may have auto-connected to a public wifi spot and left my net connection to be malicously fiddled with. I only noticed when I saw google located me in a different city and not the usual of listing my postcode.

I know Krack is a thing, so far nothing bad is happening with my comp, though I am worried people may be able to see the data I'm sending/being sent.

Any advice or ways I can sift out anything? My net security is up to date and hasn't found anything after a full system scan, though I still feel a lil insecure after discovering this.

Sprikut

I think I can help. I'll PM you and we can work out some testing processes.

wander

Thanks, PM reply has been sent.

I know the new IP is a link local one, so it could be just what my ISP is using from possibly their old server going down... Or something. I'm not knowledgeable on the ins and outs at this depth tbh. ^^;

Vekseid

Most major sites, Elliquiy included, will raise the riot act with your browser if the ssl is interfered with.

Missy

IP's also change periodically, and sometimes display incorrect locations as well. It's fairly ordinary actually to see dozens of IP addresses associated with a single account over a space of years within a sites ACP, if you looked them all up, some of them would relate erroneous locations as well.

Rook Seidhr

Quote from: Vekseid on October 27, 2017, 11:45:37 PM
Most major sites, Elliquiy included, will raise the riot act with your browser if the ssl is interfered with.
Unfortunately, without an extended-validation certificate, a moderately sophisticated attacker located physically nearby can conduct a man-in-the-middle attack over unencrypted wifi--and with KRACK in play, all wifi is effectively unencrypted.

I've been the victim of such attacks myself in the past. Once I didn't notice that PayPal was showing up as merely "Secure" instead of "PayPal, Inc. [US]" until after I'd typed in my password. I switched to cellular data and changed my password immediately.

wander

SSL and ACP is a lil above my experience in computer lingo, though my router is password protected and I'll always use 'https' rather than 'http' to look at sites.

I believe what probably has happened was my ISP's server went down and the local link IP that google and my net security picked up is from my ISP whilst they sort things out. Or something like that.

My computer isn't acting funny, I don't have any bank details on line to steal anyway. That I'm here alright and all seems secure after what Veks said makes me feel a bit more comfortable also.

Missy

Administrative Control Panel, sometimes just CP. Every forum has one.

Vekseid

Quote from: Missy on October 28, 2017, 01:08:49 AM
IP's also change periodically, and sometimes display incorrect locations as well. It's fairly ordinary actually to see dozens of IP addresses associated with a single account over a space of years within a sites ACP, if you looked them all up, some of them would relate erroneous locations as well.

They may display wrong locations but this is usually the fault of the GeoIP location service. If you know how to look up routing this resolves most such discrepencies. You can't for example route anything smaller than a /24, and it is rare to see blocks smaller than a /22.

Moving to SSL also stabilizes things with some providers who liked to cache non-SSL data. *cough* AOL *cough*

I've been toying with the idea of ASN-based security a lot these past few years, as well.

CriminalMindsFan

I've noticed that after an outage, my location on Facebook can change by a few miles. But the IP address often remains the same or a few of the numbers are different than previous time I looked at it.