Archived from groups: microsoft.public.windowsxp.newusers (
More info?)
Hi Joe
I checked the ipconfig you mentioned, the result was the same IP [my]
address & the same Subnet as the alert from NIS. You suggested not to block
them unless my IP addy is configured statically. I have a constant connection
to the net and I have an ADSL broadband connection. I have blocked that
connection can I reconfigure it or should I wait until it tries to connect
again and then allow the connection.
Cheers
indiana
"joeu2004@hotmail.com" wrote:
> I did not see your original question.
>
> "indiana" wrote:
> > Can someone plz explain how a pc finds its own IP address.....
>
> That will depend on how you connect to your ISP.
> Typically, DHCP is used to request an IP address
> from your ISP. That is, your IP address is assigned
> dynamically. You might be assigned the same IP
> address each time you start your system, if you
> do that often enough.
>
> In some circumstances, the IP address will be
> assigned and configured statically. That is,
> your ISP determines your IP adress one time, and
> it is becomes part of your system's TCP/IP
> configuration.
>
> DHCP is a network protocol -- a method by which
> your system's DHCP client communicates with a
> DHCP server that is typically running on another
> system.
>
> > When I want to connect to a site on the web does the connection
> > go through my ISP first, then redirected to the web site I want.
>
> That depends on a number of factors, including ISP
> network design and whether or not you rely on a web
> proxy server. Go to
http://whatismyipaddress.net .
> Compare the IP address it shows with the IP address
> that you see when execute the command "ipconfig" in
> the window that you open with Start -> Run -> "cmd".
>
> > How does the loopback work?
>
> I am not exactly sure what you are asking. From your
> following question, I wonder if you mean: what does
> NIS mean by the term "loopback"?
>
> To be honest, I am not sure. Strictly speaking, the
> "loopback IP address" is 127.0.0.1. It is a way for
> your system to address itself without known its own
> IP address (or before one is assigned).
>
> However, IP also "loop back" packets that are
> addressed to a local IP address. I usually include
> such packets when I speak of "loopback". I don't
> know if NIS counts them as "loopback".
>
> "Loopback" packets do not appear on the wire.
> 127.0.0.1 packets are always looped back within IP.
> Usually the same is true for self-addressed packets.
>
> (For testing purposes, a config option might allow
> self-addressed packets to be looped back within the
> driver.)
>
> (Rarely and also for testing purposes, there are
> hacks that allow self-addressed packets to go out
> on the wire. You should never encounter this
> situation, since it requires a special topology
> to be useful.)
>
> > I received a alert from NIS '04' inbound UDP packet.
> > Local address,service is (255.255.255.255,bootps(67))
> > Remote address,service is (JDCS(192.168.1.9),bootpc(68))
> > Process name N/A. I am not sure whether to allow or
> > block the connection,what do you suggest.
>
> I do not block them, unless my IP address is
> configured statically.
>
> But I say that with some uncertainty. See below.
>
> > Does it have
> > something to do with the PC finding it's own IP address.
>
> Perhaps. DHCP is a superset of BOOTP, an earlier
> network protocol for a system to use to discover
> its own IP address (and more). DHCP uses the same
> port numbers and op codes. So the "BOOTP" packets
> that NIS would block might be your DHCP packets
> and responses from a legitimate DHCP server.
>
> So blocking "BOOTP" theoretically could prevent
> your system from getting an IP address and functioning
> on the internet.
>
> But this is where my uncertainty lies.
>
> First, DHCP packets are distinguishable from
> "non-DHCP" BOOTP packets. So it is possible that
> NIS only blocks the "non-DHCP" BOOTP packets. If
> that is the case, there should be no harm in blocking
> "BOOTP" packets.
>
> (I like to block every protocol that I have no use
> for because I am not smart enough to know if and
> how a hacker could exploit it for malicious purposes.)
>
> Second, I experimented with blocking inbound and
> outbound "BOOTP" packets in NIS. My system networking
> still functioned normally after I restarted it,
> acquiring its IP address dynamically from both
> dial-up (AOL) and cable networks. (I believe DSL
> would behave equally well.)
>
> Ostensibly, that would seem to confirm that NIS
> only blocks "non-DHCP" BOOTP packets, and there is
> no harm in blocking them.
>
> However, I confess that I am not familiar with all
> the details of Win XP. It is possible that the
> system relied on stored IP information, since the
> DHCP lease time had not expired. Thus, it is
> possible that networking would stop working later,
> when the lease expires, when I block "BOOTP" in NIS.
>
> Historical note: BOOTP was originally designed
> for bootstrapping diskless systems. It was not
> intended to dynamically assign IP addresses. It
> was simply a way to build cheaper hardware, depending
> on one expensive system to provide disk storage.
> So I would not expect a PC to depend on "non-DHCP"
> BOOTP for IP address discovery. I would expect it
> to use the DHCP extensions.
>
> On the other hand, when I configure NIS to block
> "BOOTP" messages, the NIS statistics do show that
> the system sends some "BOOTP" messages outbound.
> Moreover, the AOL 9.0 client sends two BOOTP
> messages outbound when it starts up, in both "home"
> dial-up) and "home network" modes.
>
> A trace of network activity would dispose of my
> uncertainty. I don't have time to do that right
> now.
>
> Bottom line: I play it "safe" and do not block
> "BOOTP" messages in NIS.
>
>
Facebook
Twitter
Instagram