I want to manually change my visible IP in Vidalia, not automatically every x minutes. How to do that in Windows or Linux?
Basically this is not possible directly in Vidalia. Tor is designed in a way that your public facing IP address will change approximately at every ten minutes. However there are some »hacks« which might work.
Vidalia allows you to choose a »new identity«. When you click on that button you'll probably get a new public facing IP address (exit relay in Tor terms). So you can change the IP address within the ten minute period.
However if you want to keep the IP for a longer amount of time for a specific site (say for stackoverflow.com), you have to fiddle around with the torrc. You can insert the following line:
TrackHostExits stackoverflow.com
Now Tor will try to use the same exit IP address for a 30 minute period. The option TrackHostExitsExpire allows you to change the time frame. By default it is set to 1800 (seconds).
Another useful option is ExitNodes. When you enter this into the torrc together with a fingerprint or name of one single Tor exit, Tor will only use this as exit. So your visible IP address will not change as long as you don't change that value and restart Tor. However you should avoid using only one or few exits because this might degrade your anonymity.
As mentioned in the earlier post tor stops using circuits after ten minutes (see this faq entry for more information). This is configurable through the MaxCircuitDirtiness option in your torrc so if set this to, say, years tor will effectively never cycle your circuits.
Be aware that this can be risky for your anonymity! Tor cycles your circuits periodically for your protection and messing with this can make you stand out from other tor users.
Hope this helps! -Damian
Related
I'm trying to get the visitor's country code from Cloudflare through the header HTTP_CF_IPCOUNTRY.
When I use this, I receive the correct country code I am visiting the site from, although this code can change at times.
For example; my country code is supposed to be LK which is shown correctly throughout my site for majority of a session, but sometimes if I navigate to a subpage, open the site in incognito / different browser, change network connections or view from another machine, the code may change, sometimes I get a different code for each page I visit.
There is no pattern to the country code changing hence why I use the word "sometimes" and seems to be random.
I'm not using any proxies or VPNs on top of my internet connection, and my IP remains the same whenever the issue arises.
Does anyone have to faintest idea as to why these codes might be changing?
The entire technical foundation for geolocation-by-IP is fairly weak and not a precise science. It's just based on large data accumulations, and all large data accumulations have some margin of error. It's entirely possible you're on an ISP which may sometimes route requests through one IP internally and sometimes through another, and that one IP is associated with one country but the other happens to be associated with another country in that large database, rightly or wrongly. Or any number of other factors why CloudFlare may see your request coming from one IP or another at times, and/or why that IP may be listed as one country or another in their database. Maybe the IP changed recently, and that updated database hasn't been rolled out to all of CloudFlare's edge servers yet, and sometimes you're hitting a server with an outdated geo-IP database.
You've just found an edge case that flipflops because… reasons.
Chromebooks at a certain facility will not work with static IPs, and they have reserved IP addresses, but for some odd reason they will not grab those from the DCHP server. By toggling Configure IP address automatically off for a few seconds and back on, the Chromebook gets its reserved IP and works fine. In about 6-8 months we will be changing the entire network and resolving this issue, but in the meantime if I could create a shortcut method for the end users to be able to do this easily it would be a big stone out of my shoe...
I had forgotten I posted this. In order to resolve the issue, I did use "code" and "programming" to create a script that would do what I described above. So, it wasn't a networking question, it was a programming question.
Background
Been having a lot if issues with this problem. Randomly PC won't connect to NAS for apparently no reason at all, while others it works. I read tonne of posts about various fixes, some worked sometimes, some didn't, but lately none did. Restarting PC, NAS, or router didn't work, nor did changing settings, checking firewall, antivirus, etc.. Finally I managed to figure it out.
Our nas allow us to make a network name to access it by, like \\MyServer, but sometimes when power goes out, or we have to restart router, this address won't work because the server's local IP had changed, and the address was still cached on our computer to the old one.
The reason can be one of many. In my case, it was none that I could find common answers to.
TL;DR
I randomly can't connect to my NAS via \\MyServer or it's IP \\10.0.0.3, but other PC's can.
I suggest using Synology Assistant. This will find the NAS on the network if it is physically in range.
Then I highly recommend to use a fix IP address for the NAS. It is no good idea having servers with DHCP...
Reason (in my specific case)
Sometimes the PC would only connect to the NAS via IPv6 (almost feel like it does it on a whim), IPv4 won't work at all. That or the old IP is cached on your system.
IPv4 looks something like one of these: 10.0.0.5, 172.16.0.2, or 192.168.0.0
IPv6 looks something like: fe80::842a:a43d:3123:1332
Quick fix attempt first
First, just try opening command prompt and enter ipconfig /flushdns, then try to connect to your usual \\MyServer address, see if that works now.
Didn't work?
What you can try is to see if you can connect via its IPv6 — but first you need to somehow obtain it.
Step 1 In command prompt, type ping MyServer (replaced with whatever name you have), and it see if it manages to ping it. If it does, it will resolve the IP and show an IPv6. If it shows IPv4 or can't connect at all, see further down.
Step 2 Locate the IPv6 at the top, remove % and number after.
Step 3 Replace : with -. Note doubles if you have that: :: with --.
Step 4 Prefix the usual \\ at the start, and add .ipv6-literal.net at the end. Now try to connect to the server using that. With the IPv6 example above, it'd be something like: \\fe80--842a-a43d-3123-1332.ipv6-literal.net
Ping shows IPv4?
Try to ping with one of the other computers, or if you are able to, login to the web dashboard or equivalent on one of those computers, and see if you can find any information about the server's IP's, with goal of finding its IPv6.
Once found, do steps above.
Done!
Other stuff:
IPv6 in browser — remove the % and number, put IP inside brackets [] and then connect. Example: http://[fe80::842a:a43d:3123:1332].
Creating alias of the weird IPv6:
Step 1 Right click Notepad, and open as Administrator
Step 2 Go to File → Open, change the dropdown above 'open' from Textfiles (*.txt) to All files (*.*).
Step 3 Locate the hosts file, located at C:\C:\Windows\System32\drivers\etc\ and open
Step 4 At the bottom, write the IPv6 with the colons AND the %##, then a space, then the alias you want it to use (case insensitive). Example: fe80::842a:a43d:3123:1332%15 MyAlias and save. You should now be able to use \\MyAlias to connect to it.
NOTE The %## number is unique to each computer. E.g. your computer gets %15, the next get %7. The rest of the IP is identical. To get the %## number of a different PC, write ipconfig in its command prompt. It should list its own IPv6 with its appended %## at the end.
Another note: If you need to change an IP in the hosts file of an IP that no longer work, you also need to use ipconfig /flushdns again.
I have a network of computers connected in form of a graph.
I want to ping from one computer(A) to another computer(B). A and B are connected to each other through many different ways, but I want to PING via only a particular edges only. I have the information of the edges to be followed during pinging available at both A and B.
How should I do this?
You could source route the ping but the return would choose its own path.
Furthermore, source-routed packets are often filtered due to security concerns. (Not always, they are useful and sometimes even required at edge routers.)
If the machines are under your local administrative control, then you could ensure that source-routed packets are permitted. As long as you are able to start a daemon on machine B, you could also easily enough design your own ping protocol that generates source-routed echo returns.
Well, this is actually done by routing protocols that are configured on the media in between the computers (routers I expect). I think there isn't a way where you can say "use that specific route". The routers have different protocols (OSPF, EIGRP, RIPv2) and they do the load balancing. The only way you would be sure of one specific route is to use static routing, but this isn't dynamically done where your computer decides the route.
This is normal because :
if you would be able to chose a route, DoS would be quite easy to do to kill one route.
The application I'm currently working on requires three ports to be opened. At the moment these are 5024 through 5026 but on reading around I discovered that these lie in the ICANN registered range (i.e. ports < 49151).
Is there any need for me to inform any organisation that I plan to use these ports if it's within a local network only or can I just go ahead and use them?
You can just go ahead and use them. The only way you'd need to notify ICANN is if you were going to have a significant number of clients using those ports in general use; in that case, you would want to try to register the application with the port to prevent potential collisions with other applications using those ports.
How big of a project is it? If there are more than a few thousand internet-exposed users, you may want to investigate informing them somehow. If its on a closed LAN of any size, it doesn't matter at all.
the language in the relevant RFC is that applications SHOULD NOT use unregistered ports. Nobody's going to sue you if you use them; the only issue you'll get is that if someone else decides to (1) use the same port (2) not register it, you'll confuse the heck out of each other. As McWafflestix says, you can go ahead and use them.