Adv. TCP/IP settings - DNS tab - Register this connection's addres

G

Guest

Could some one please explain, in layman terms, when it is necessary to check
the above setting and when it is necessary to clear it?

(I'd be happy to receive a pointer to a suitable web page with a good
description/explanation.)

I have googled the string "Register this connection's addresses in DNS" and
about 75% of the pages that I skimmed recommend checking the box while 25%
recommend clearing the checkbox. I suspect the answer will be, "it depends on
your network's connection to the internet" so here is my situation:

Home Network:
1. cable modem
2. router
3. switch
4. Four PC's

5. The router is configured to "connect on demand"
6. The router is set to ignore WAN side requests (a.k.a. stealth mode)
7. Each PC uses a static IP address.
8. Each PC boots into Windows XP Professional.
9. My ISP does not support customers who choose to use a router.

10. The network switch is probably not a relevant factor - it's there to
allow me to also have an ATA (for VOIP) and a network printer since my router
has just four LAN ports.

My motivation for the question arises from the fact that certain websites
will alert me that they know my IP address. These sites routinely identify my
WAN-side IP address which is dynamically assigned using DHCP but for all
intents and purposes it is a static address since my ISP seems to have
reserved an IP address for my cable modem's MAC.

_Occassionally_ a site will advise that they ALSO know my LAN-side IP
address. (eg 192.168.yyy.xxx)

!!! This is a surprise to me because I thought that my router's NAT based
firewall effectively hides that level of detail. !!!

In my search for reason's why I came accross the "Advance TCP/IP Setttings"
- "DNS" tab - "Register this connection's address in DNS" and am wondering
whether this setting is relevant. I've set it both ways and it has no effect
but I wonder if that is just because the ISP's DNS server has already cached
this information.

Thank you for your consideration of this question.
 
C

Chuck

Could some one please explain, in layman terms, when it is necessary to check
the above setting and when it is necessary to clear it?

(I'd be happy to receive a pointer to a suitable web page with a good
description/explanation.)

I have googled the string "Register this connection's addresses in DNS" and
about 75% of the pages that I skimmed recommend checking the box while 25%
recommend clearing the checkbox. I suspect the answer will be, "it depends on
your network's connection to the internet" so here is my situation:

Home Network:
1. cable modem
2. router
3. switch
4. Four PC's

5. The router is configured to "connect on demand"
6. The router is set to ignore WAN side requests (a.k.a. stealth mode)
7. Each PC uses a static IP address.
8. Each PC boots into Windows XP Professional.
9. My ISP does not support customers who choose to use a router.

10. The network switch is probably not a relevant factor - it's there to
allow me to also have an ATA (for VOIP) and a network printer since my router
has just four LAN ports.

My motivation for the question arises from the fact that certain websites
will alert me that they know my IP address. These sites routinely identify my
WAN-side IP address which is dynamically assigned using DHCP but for all
intents and purposes it is a static address since my ISP seems to have
reserved an IP address for my cable modem's MAC.

_Occassionally_ a site will advise that they ALSO know my LAN-side IP
address. (eg 192.168.yyy.xxx)

!!! This is a surprise to me because I thought that my router's NAT based
firewall effectively hides that level of detail. !!!

In my search for reason's why I came accross the "Advance TCP/IP Setttings"
- "DNS" tab - "Register this connection's address in DNS" and am wondering
whether this setting is relevant. I've set it both ways and it has no effect
but I wonder if that is just because the ISP's DNS server has already cached
this information.
Click to expand...

A lot of web pages will display information relevant to your computer. Not all
information displayed in your browser gets transmitted to the website, it just
gets displayed from settings in your operating system. They display the
information to you, routinely, as a service.

You could verify, using a packet sniffer, what gets sent out. If you BUY
PortExplorer (only the paid version has this feature), you get a lightweight
packet sniffer.
<http://nitecruzr.blogspot.com/2005/05/essential-tools-for-desktop-and.html#DiamondCS>
http://nitecruzr.blogspot.com/2005/05/essential-tools-for-desktop-and.html#DiamondCS

Now the "Register this connection's address in DNS" is for LANs that have a
local DNS server, and probably doesn't apply in your case. Or do you have a
server? Or do you (your computer) just go straight to your ISP's DNS server?

If there was any embarrassing information about you, available to any hostile
website, you can bet that Steve Gibson would have caught it. He catches
everything else, including stuff that doesn't exist.
<http://nitecruzr.blogspot.com/2005/05/security-by-obscurity.html>
http://nitecruzr.blogspot.com/2005/05/security-by-obscurity.html

You can check out Steve's website, and see what he can tell you. This is the
most direct link available; on this page, select "ShieldsUP!".
<http://www.grc.com/default.htm>
http://www.grc.com/default.htm

ShieldsUP! will display your public IP address, and the reverse lookup for that
address. And that's it. If your computer (or your NAT router) was leaking LAN
details, I suspect that Steve would have written about it by now.

There actually was a website, sometime ago, which contained code to make your CD
tray open. The website convinced a few unwary folks that their computer was
0wn3d. Gave a big laugh to others. But it did promote some security awareness,
so it wasn't all bad. Maybe that's what some of these websites that you have
been hitting are intended to do. Share a list of these websites, and I suspect
some security experts will tell you what their ability is.
 
G

Guest

Thanks for a prompt reply!

Chuck said:
Now the "Register this connection's address in DNS" is for LANs that have a
local DNS server, and probably doesn't apply in your case. Or do you have a
server? Or do you (your computer) just go straight to your ISP's DNS server?
Click to expand...

OK, thanks. I do not have a local DNS server. I do use the ISP provided IP
addresses for their DNS servers.
If there was any embarrassing information about you, available to any hostile
website, you can bet that Steve Gibson would have caught it. He catches
everything else, including stuff that doesn't exist.
Click to expand...

Fair enough. GRC is the site I have used to verify the stealth nature of my
ports ... well at least whenever Azureus is not running. GRC's site was not
one that reported my LAN-side private IP address. But even so I take your
point that advertising that LAN-side IP address probably does not constitute
any privacy or security threat.
 
C

Chuck

Thanks for a prompt reply!



OK, thanks. I do not have a local DNS server. I do use the ISP provided IP
addresses for their DNS servers.


Fair enough. GRC is the site I have used to verify the stealth nature of my
ports ... well at least whenever Azureus is not running. GRC's site was not
one that reported my LAN-side private IP address. But even so I take your
point that advertising that LAN-side IP address probably does not constitute
any privacy or security threat.
Click to expand...

YW. Stay safe - and paranoid - just not TOO paranoid. ;)
 
N

N. Miller

My motivation for the question arises from the fact that certain websites
will alert me that they know my IP address. These sites routinely identify my
WAN-side IP address which is dynamically assigned using DHCP but for all
intents and purposes it is a static address since my ISP seems to have
reserved an IP address for my cable modem's MAC.

_Occassionally_ a site will advise that they ALSO know my LAN-side IP
address. (eg 192.168.yyy.xxx)

!!! This is a surprise to me because I thought that my router's NAT based
firewall effectively hides that level of detail. !!!

In my search for reason's why I came accross the "Advance TCP/IP Setttings"
- "DNS" tab - "Register this connection's address in DNS" and am wondering
whether this setting is relevant. I've set it both ways and it has no effect
but I wonder if that is just because the ISP's DNS server has already cached
this information.

Thank you for your consideration of this question.
Click to expand...

The Advanced TCP/IP Settings menu has no relevance to a web site being
able to reveal your private LAN IP address. On all sites I have visited
which do that, the site uses a Java applet to display your private IP
address on your screen for you to see. It is not clear to me that they
actually send that information from your computer to their computer;
though I suppose that they could with a Java trick. Go to one of those
sites with Java disabled and they can't find your LAN IP address. Be
sure you understand; this is Java, not JavaScript, I am speaking of.

The other point to keep in mind; so they know your LAN IP address, what
will they do with that knowledge? Unless they are trying to set up a VPN
tunnel, knowing your private IP address is of no use to them.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Static IP on a printer fails 6
How do I convert my second Router into an Access Point 0
Configuring IP address 1
DSL modem's IP must be outside the router's subnet? 4
DNS registration 3
Help with shield router 5
Simple DNS update question 1
Pc not grabbing an IP address 8

Top