Static versus dynamic IP address...

proto-fenix · 23rd July 2008, 9:38 AM

I am churning internet providers, and as a result I am changing from a dynamic IP to a static IP address.

Just wondering what differences/advantages there are in a static IP. A few of the thoughts I had were:

- If I have a predetermined IP, do I have to manually set it on my computer for my internet to work? (ie. will I be automatically assigned an IP from my ISP?)
- If I have more than one computer connected, do I have to manually set IP addresses for each? Or can I still use DHCP locally even though my ISP does not automatically assign one?
- Is it unsafe having the same IP address? Are you more susceptible to internet attacks?
- Are servers (FTP, email etc) easier to set up?

I had a quick google but wasn't able to find definitive answers I was happy with.

Thanks in advance.

Gumby · 23rd July 2008, 9:51 AM

1. Still use DHCP on the Internet interface. Only difference is they won't change the address returned to you.
2. Still use DHCP locally. Change of Internet provider won't alter your local setup.
3. No difference.
4. Makes it easier as you have a static IP, thus you don't need a DNS service that will update as your IP changes. Actual software setup of services is no different.

s3kemo · 23rd July 2008, 10:02 AM

Quote:

Originally Posted by proto-fenix

- If I have a predetermined IP, do I have to manually set it on my computer for my internet to work? (ie. will I be automatically assigned an IP from my ISP?)No, your modem is assigned that IP by your ISP. There are no configuration changes regarding dynamic/static external IP on your modem. The difference lies in when your modem loses its connection to the ISP. With a dynamic address you would be set another IP from the pool of available IPs, but with static you are guaranteed the same address.

- If I have more than one computer connected, do I have to manually set IP addresses for each? Or can I still use DHCP locally even though my ISP does not automatically assign one?No difference, as the static IP is assigned to the external interface of your modem. Your internal network doesn't require any changes.

- Is it unsafe having the same IP address? Are you more susceptible to internet attacks?Not any more than with a dynamic address, but if you get banned from a website by IP, you can't dodge that one like you can with a dynamic IP

- Are servers (FTP, email etc) easier to set up?Yes and no. DynamicDNS is a good work around for a dynamic external IP, but with a static IP it's easy to get a domain name, or access your internal network from a remote location as your IP remains the same.

EDIT: formatting change.

Spingo · 23rd July 2008, 10:06 AM

I'd argue that it is slightly less "safe" with a static IP address because the same "system" is presented on that given IP address while said system is switched on.

For instance, I can go along, connect to an HTTP service running on that IP address and potentially record various data regarding the what HTTP daemon is used, the version number etc. While that daemon may not be exploitable today, I may notice some time in the near future that an exploit for that web server is available. I can go into my logs and then see if your daemon has been patched or not. If it isn't, I can exploit away.

With a dynamic IP, I'd be less likely to be able to do this as your IP may have changed between the time that I did my initial scan and the exploit was available.

The lesson to be learnt here: Having a static IP address means that you should pay even more attention to security updates and ensure that your systems are up to date (even though you should still be doing this with a dynamically assigned IP).

Doc-of-FC · 23rd July 2008, 6:53 PM

Quote:

Originally Posted by Spingo

I'd argue that it is slightly less "safe" with a static IP address because the same "system" is presented on that given IP address while said system is switched on.

you're just as vulnerable with a dynamic IP, the amount of incoming exploit attempts between a static IP and a long connection duration dynamic IP spaced one ip out from each other will still be the same.

stalin · 23rd July 2008, 8:55 PM

The only place where a dynamic IP provides additional benfits over static is with a targetted attack.

If someone wants to attack YOU, and not just your IP, having a static IP will allow them to chip away at your defenses for an extended time, or to wait until your slow on your patches etc etc.

With a Dynamic IP in that situation, they have to find you each time. there are a number of relatively simple methods to do this, but it is another layer of 'defense'.

Having said that, personalised attacks are very rare compared to SK's so I would not consider it a plausible negative of a Dynamic IP.

Doc-of-FC · 24th July 2008, 9:11 AM

Quote:

Originally Posted by stalin

With a Dynamic IP in that situation, they have to find you each time. there are a number of relatively simple methods to do this, but it is another layer of 'defense'.

that's starting to sound like security through obscurity stalin......

Maybe you can hide in IPV6, but in IPV4 land, you're still 1 in 4,294,967,296 usable addresses, you will be found.

Spingo · 24th July 2008, 9:25 AM

It is security through obscurity - and as I clarified in my post, its no excuse not to take all other security-related precautions that you otherwise would.

Security through obscurity isn't the be-all-and-end-all of security, but it is another element of the broad picture that has some (albeit minor) merits.

Doc-of-FC · 24th July 2008, 10:21 AM

back to the OP's question:
- Is it unsafe having the same IP address? Are you more susceptible to internet attacks?

no its not unsafe, its just as safe as having a dynamic ip, an IP address is an IP address. regardless of lease time. are you more susceptible to internet attacks, not really. if you're going to be running a high profile website, do you really want this on a dynamic IP?

last time i checked, you will constantly get bombarded with random rogue RPC /DCOM / IIS / apache attacks on static and dynamic IP's.

so are you less safe, no
are you more safe, no
are you safer to shutdown your internet facing connection than wondering which of the two above ip address lease times are safer, yes.

static IP's usually are a good thing, it stops people trolling forums / IRC / most things where you can be IP banned.
although they are painful when when you prove someone wrong on efnet and they launch a DDOS attack against you.

phreeky82 · 24th July 2008, 10:49 AM

Actually as somebody pointed out earlier, it'll make SFA difference to random attacks. But if for some reason somebody attempts to specifically target you, then it probably is a little less safe.

23rd July 2008, 9:38 AM	#1
proto-fenix Member Join Date: May 2004 Location: alicesprings.nt.au Posts: 405	Static versus dynamic IP address... I am churning internet providers, and as a result I am changing from a dynamic IP to a static IP address. Just wondering what differences/advantages there are in a static IP. A few of the thoughts I had were: - If I have a predetermined IP, do I have to manually set it on my computer for my internet to work? (ie. will I be automatically assigned an IP from my ISP?) - If I have more than one computer connected, do I have to manually set IP addresses for each? Or can I still use DHCP locally even though my ISP does not automatically assign one? - Is it unsafe having the same IP address? Are you more susceptible to internet attacks? - Are servers (FTP, email etc) easier to set up? I had a quick google but wasn't able to find definitive answers I was happy with. Thanks in advance.

23rd July 2008, 9:51 AM	#2
Gumby Member Join Date: Jun 2001 Location: Brisbane Posts: 1,709	1. Still use DHCP on the Internet interface. Only difference is they won't change the address returned to you. 2. Still use DHCP locally. Change of Internet provider won't alter your local setup. 3. No difference. 4. Makes it easier as you have a static IP, thus you don't need a DNS service that will update as your IP changes. Actual software setup of services is no different. __________________ Green Gumby Photography Equipment Gallery

23rd July 2008, 10:06 AM	#4
Spingo Member Join Date: Jun 2001 Location: At night, rave near the guards compartment, naked, with a blue light Posts: 1,047	I'd argue that it is slightly less "safe" with a static IP address because the same "system" is presented on that given IP address while said system is switched on. For instance, I can go along, connect to an HTTP service running on that IP address and potentially record various data regarding the what HTTP daemon is used, the version number etc. While that daemon may not be exploitable today, I may notice some time in the near future that an exploit for that web server is available. I can go into my logs and then see if your daemon has been patched or not. If it isn't, I can exploit away. With a dynamic IP, I'd be less likely to be able to do this as your IP may have changed between the time that I did my initial scan and the exploit was available. The lesson to be learnt here: Having a static IP address means that you should pay even more attention to security updates and ensure that your systems are up to date (even though you should still be doing this with a dynamically assigned IP). __________________ This is the noise that keeps me awake...

24th July 2008, 9:25 AM	#8
Spingo Member Join Date: Jun 2001 Location: At night, rave near the guards compartment, naked, with a blue light Posts: 1,047	It is security through obscurity - and as I clarified in my post, its no excuse not to take all other security-related precautions that you otherwise would. Security through obscurity isn't the be-all-and-end-all of security, but it is another element of the broad picture that has some (albeit minor) merits. __________________ This is the noise that keeps me awake...

24th July 2008, 10:49 AM	#10
phreeky82 Member Join Date: Dec 2002 Location: Townsville Posts: 9,102	Actually as somebody pointed out earlier, it'll make SFA difference to random attacks. But if for some reason somebody attempts to specifically target you, then it probably is a little less safe. __________________ Successful trades: eyusuf, andy8, stuartl, michaeliam, theDarkHorse, bob

23rd July 2008, 8:55 PM	#6
stalin (Taking a Break) Join Date: Jun 2001 Location: On the move Posts: 4,584	The only place where a dynamic IP provides additional benfits over static is with a targetted attack. If someone wants to attack YOU, and not just your IP, having a static IP will allow them to chip away at your defenses for an extended time, or to wait until your slow on your patches etc etc. With a Dynamic IP in that situation, they have to find you each time. there are a number of relatively simple methods to do this, but it is another layer of 'defense'. Having said that, personalised attacks are very rare compared to SK's so I would not consider it a plausible negative of a Dynamic IP.

24th July 2008, 10:21 AM	#9
Doc-of-FC Member Join Date: Aug 2001 Location: Canberra Posts: 2,539	back to the OP's question: - Is it unsafe having the same IP address? Are you more susceptible to internet attacks? no its not unsafe, its just as safe as having a dynamic ip, an IP address is an IP address. regardless of lease time. are you more susceptible to internet attacks, not really. if you're going to be running a high profile website, do you really want this on a dynamic IP? last time i checked, you will constantly get bombarded with random rogue RPC /DCOM / IIS / apache attacks on static and dynamic IP's. so are you less safe, no are you more safe, no are you safer to shutdown your internet facing connection than wondering which of the two above ip address lease times are safer, yes. static IP's usually are a good thing, it stops people trolling forums / IRC / most things where you can be IP banned. although they are painful when when you prove someone wrong on efnet and they launch a DDOS attack against you.