Page 3 of 11
Posted: Wed 08 Jan 2014, 20:58
by mavrothal
greengeek wrote:Also...I'm probably blind, but I cannot see any response that has provided a justification for a connection with Nugget enterprises - which as far as I can see is nothing at all to do with icanhazip.
Did I miss something? Why is my PC connecting to Nugget enterprises?
First of all your PC is
not connected to Nugget enterprises (or to icanhazip.com or anything else if you do not have initiated a web/ftp/etc connection)
type
Code: Select all
netstat -an | grep -E 'ESTABLISHED|CONNECTED'
in the terminal and look for tcp/udp (not "unix") connections to verify it.
The address that you see, and usually has the FIN/TIME_WAIT1/2 status, is the remote server (wait/)closing the connection that ipinfo initiated to find your external IP.
See image
Now why Nugget enterprises when we ask our IP frm icanhazip.com?
icanhazip.com has IP 216.69.252.100. The site is hosted in charlie.colo.mhtx.net that has a range of 9 IP and charlie.colo.mhtx.net is hosted in Nugget Enterprises, Inc that has all the IPs from 216.69.252.0 to 216.69.252.255.
When a site is hosted in a cluster, although receive requests at a specific IP, can service these requests from any IP of the cluster, depending on the topology of the system.
What you actually see is the IP from the remote cluster that icanhazip.com is hosted on, that is closing the connection.
I hope that's clear enough.
Edit: Add connection close states image
Posted: Wed 08 Jan 2014, 21:40
by greengeek
Thanks mavrothal, the clarification is much appreciated.
Posted: Fri 10 Jan 2014, 00:30
by gcmartin
anikin wrote: ... This discussion has nothing to do with ....
In your words, please explain what this thread opened as? Please. Help us understand, in summary, how you see this thread's subject and its opening thread. And should you consider open ports via a LAN card as having nothing to do with any of what is asked, please share it for me. Thanks.
Please articulate clearly as you seem to have a better idea.
Posted: Fri 10 Jan 2014, 01:33
by 01micko
Well raffy can't host the file.. that's ok.
Try this.
Posted: Fri 10 Jan 2014, 02:45
by perdido
01micko wrote:Well raffy can't host the file.. that's ok.
Try this.
That's perfect. Clears up the question of what icanhazip.com is doing and gives the option of allowing it for ip lookup.
Thanks
Another solution addressing concern to web connect ID issue
Posted: Fri 10 Jan 2014, 04:55
by gcmartin
Thank @01Micko. A thought-thru option. Thanks
Posted: Fri 10 Jan 2014, 04:57
by mavrothal
01micko wrote:
Try this.
"Check to allow external IP from icanhazip.com" can be misleading if you have not followed this and similar threads.
"Check to find your external IP through icanhazip.com" is more accurate I believe.
Posted: Fri 10 Jan 2014, 05:07
by gcmartin
@Mavrothal, agreed.
But, I wonder, too, is the mentioning of the site important. What may be more important is the Web IP address report and NOT the site that assist.
Just an idea.
Posted: Fri 10 Jan 2014, 05:33
by 01micko
Any more transparent now and we risk breaking under the strain..
Posted: Fri 10 Jan 2014, 06:01
by James C
01micko wrote:Any more transparent now and we risk breaking under the strain..
How about Networking 101 for those that just don't get it.........?
Posted: Fri 10 Jan 2014, 06:11
by mavrothal
01micko wrote:Any more transparent now and we risk breaking under the strain..
True but I do not think that this 3-year+ functionality should be removed in the defaults.
What about
"Check to block finding your external IP from icanhazip.com"
and
Code: Select all
[ -f $HOME/.ipinfo ] && . $HOME/.ipinfo || CB0=true
Posted: Fri 10 Jan 2014, 06:17
by 01micko
@mavrothal, I don't get the hysteria either.. FFS they use Google!
Posted: Fri 10 Jan 2014, 06:22
by James C
01micko wrote:@mavrothal, I don't get the hysteria either.. FFS they use Google!
Speaking of.......
http://www.washingtonpost.com/blogs/the ... r-hacking/
Posted: Fri 10 Jan 2014, 06:34
by 01micko
Anyway, I do use google with a touch of contempt! I consider them linux "rapists"
but sometimes it's handy for my own reasons. Self preservation is at the top of my list so I use sparingly.
Ah.. right now I have better things to do.. k3.10.26 and k3.12.7 have just been released!
Posted: Fri 10 Jan 2014, 06:40
by greengeek
mavrothal wrote:"Check to allow external IP from icanhazip.com" can be misleading if you have not followed this and similar threads.
"Check to find your external IP through icanhazip.com" is more accurate I believe.
I don't understand the responses here. It looks like you guys are seeing some sort of xdialog that is not coming up on my system. I installed mick's updated ipinfo script and now have a clean "staistics" tab in ipinfo (which is excellent - thanks mick), but not any of the interactive stuff that others appear to be reporting. Could someone post a screenshot of what I seem to be missing please? Ta.
Posted: Fri 10 Jan 2014, 06:44
by mavrothal
In addition, they have hacked the tor network, they have backdoors for the encryption algorithms, they develop quantum computers that can brake encryption in minutes instead of years and we are discussing if you should ping (or the equivalent) a site...
The only things that "saves" us for now is that the current processing capacity can not process more than 5% of the data, but if you are targeted you better use pigeons
Posted: Fri 10 Jan 2014, 06:51
by greengeek
James C wrote:How about Networking 101 for those that just don't get it.........?
I think it should be up to the user to decide when and why any internet connections are made. Imagine you have 20 cents credit left on your Android wifi hotspot (which I use regularly) and want to send an email to your kids to tell them how to start the car they are having trouble with so they can get to hospital. Then imagine the email wont go through because you just went over your data quota because of connections you didn't want.
It is amazing how much I can get done via puppy and Android 3G wifi compared to what I can get done with Windows (which would be busily consuming ALL of my credit doing its system updates and antivirus updates). Honestly, with Windows you cannot realistically get ANYTHING done via dialup or android/hotspot 3G wifi.
I'd hate to see puppy lose even a tiny fraction of it's productivity by starting to allow unseen connections (yes I understand that the ipinfo link wasn't costing much, but it is the principle of the thing...).
With the new ipinfo I feel happy that not one single cent of precious bandwidth is being lost till I start my browser. That makes me happy.
Now if I can only stop my browser from making the ridiculous number of unneeded bandwidth_wasting connections it seems to make that will be the next step....
Posted: Fri 10 Jan 2014, 07:52
by mavrothal
greengeek wrote:
I think it should be up to the user to decide when and why any internet connections are made. Imagine you have 20 cents credit left on your Android wifi hotspot (which I use regularly) and want to send an email to your kids to tell them how to start the car they are having trouble with so they can get to hospital. Then imagine the email wont go through because you just went over your data quota because of connections you didn't want.
Wouldn't you rather call when hospital is involved
Regarding bandwidth is under 2KB (the equivalent of "turn the key" in your mail)
Regarding user decision is still there. The question is, should this functionality be removed from the defaults?
Posted: Fri 10 Jan 2014, 09:37
by gcmartin
Hi @Greengeek. I had not thought that there was any data enormity to be the case as the practice in only few bytes of hex. In comparison to what we all do in single browser activity, the practice doesn't even measure on the radar screen in comparison to say a browser webpage to your favorite site. (this is true even if you use a text browser with today's websites)
Question
Could you show us how many bytes you are seeing/believe has been consumed by the PUP's deterministic practice of WAN presence?
Anything to help us better understand your findings would be a benefit.
I'm really trying to understand this as is shared.
Posted: Fri 10 Jan 2014, 10:19
by anikin
gcmartin wrote:anikin wrote: ... This discussion has nothing to do with ....
In your words, please explain what this thread opened as? Please. Help us understand, in summary, how you see this thread's subject and its opening thread. And should you consider open ports via a LAN card as having nothing to do with any of what is asked, please share it for me. Thanks.
Please articulate clearly as you seem to have a better idea.
gcmartin,
Please, go through this thread once again. By the time you started trolling, the discussion was (and still is) about one and only one important matter - getting rid of the unneeded "feature". That is, taking a responsible and long overdue decision. Call it an ideological/political/moral decision. Try to view it through the slogan attached to your posts :/ But please, do not obfuscate the matter by pointless, illiterate and vague chanting about ports and protocols. They are absolutely irrelevant to the issue. Which, BTW has been dragging on for at least 3 years now, and has been identified, discussed and swept under the carpet in about a half dozen threads. I urge you not to get active, but get patient instead. Let's hold our breath and pray for the big boys to do the right thing. There's a glimmer of hope - they are about to flinch ... I can feel it.