Hide isp ip

doomsday · Feb 14, 2010, 8:49 PM

what i want to know is how to have pfsense to hide the giveing ip from the isp i got verizon and i want to hide the internet ip givein by the isp to the routher they gave me.

so this is how its set up now router>internet>pc>internet>router

this is want i want pfsense>routher from isp>internet>pc>internet>pfsense

i this so when you go to like ipchicken and it show your ip it wont show the isp giveing ip in this wont get info of your town and city and state and stuff

jahonix · Feb 15, 2010, 9:28 AM

How is this supposed to work?
The IP you get from your ISP is your address onthe internet, so to say.
To change that you would have to spoof something in front of that - and that is at your ISP's site or further down the route.

The only thing that could be done is to use some kind of external anonymiser/proxy you're surfing through.

Cry Havok · Feb 15, 2010, 1:46 PM

Short version - you can't hide on the Internet.

You could route, as jahonix said, all your traffic (or just your chosen traffic, but that's more risky) through some form of proxy or anonymiser (such as tor). However if you use a single proxy or anonymiser then the owners of that will know exactly who you are and where you're going. Only with something as distributed as tor have you any chance of hiding, and even then there are no shortage of ways for you to be tracked.

doomsday · Feb 15, 2010, 3:35 PM

is it not the job of the firewall to keep the bad and good people out of your network so there forth there have to be a way to put the ip given from the isp behind pfsense to give a fake address

now if you use the gateway the ip that is given by the isp in to pfsense and use that for your gateway you cant get online even

but they give you two diff ip's this is from verizon my ips i have a internet ip and interget gatway ip can i use one of them to plug in to pfsense for my gateway and will pfsense then let me online if i use one from the ips cuz right now my gateway tho pfsense is 192.168.1.3

Cry Havok · Feb 15, 2010, 5:56 PM

I am afraid that your post is hard to understand. However, two comments:

The job of the firewall is to apply the policies you write. Nothing more. It can't tell the difference between "good" and "bad" people, only packets that it should pass and those it shouldn't.
You can't use a "fake address" to connect to the Internet. Think of it like giving everybody a fake phone number because you don't want them to know your real phone number. How are they supposed to call you? Or giving your friends a fake address then being surprised when they don't come to your party.

If you're worried then read up on Tor and once you understand what it can, and can't, do for you decide if it helps you resolve your concerns. It doesn't magically stop you being tracked though, just means that people can't trivially identify your IP address.

doomsday · Feb 15, 2010, 8:27 PM

yes i know all this. but there have to be a way to lock down pfsense

Cry Havok · Feb 15, 2010, 9:30 PM

If by "lock down" you mean "secure everything on the network" you're missing the point.

The firewall is just one part of the security jigsaw. As well as firewall policies that only allow the traffic inbound you require you need to:

Implement application layer proxies or relays (eg, Squid, EMail server, DNS server etc) so that the relevant outbound traffic content is under your control
Limit outbound traffic to only those ports that you require - if you've implemented application layer proxies then there may be no outbound ports required
Patch all your systems
Keep all the software (including browser plugins) updated
Install, and keep updated, anti-malware products on all computers
Consider firewalls on all desktops to manage outbound connections

Firewalls know nothing about content, just ports IP addresses and (network) protocols. They aren't a magic solution you can push buttons on and secure networks.

doomsday · Feb 16, 2010, 3:54 AM

i'm running vmpfsense and vmsmoothwall both are hooked in to my two nic's with both gateways and ip's for both vm's in the advance tab in network settings. i know theres a way but dont know how to. to make the vmsmoothwall kick in when if some one is apple to knoke out the vmpfsense. how would you set that up or is it jut fine to run both right off the nic's

Cry Havok · Feb 16, 2010, 7:39 AM

Unfortunately your posts are still very hard to understand - what do you mean by "make the vmsmoothwall kick in" and "some one is apple"? If English isn't your native language then I'd suggest you try a forum with a language you're more experienced with.

Can you provide a picture showing how the logical connectivity works and simply and clearly what you are trying to achieve.

doomsday · Feb 24, 2010, 4:38 AM

man your an god damn idiot you know that do you just respond cuz you feel like it or cuz your that big of a moron

Cry Havok · Feb 24, 2010, 6:56 AM

I'm trying to help you, but your posts are hard to understand (hint, how many other people are posting in this thread). If you feel like being abusive rather than trying to work with me then I'm happy to not help you.

cmb · Feb 24, 2010, 7:28 AM

Congrats doomsday, you've gotten yourself banned. It's rather obvious you have absolutely no idea what you're talking about, and not the slightest clue about networking. Then you attack someone who is trying to help you and clearly knows what he's doing from his 1400+ posts here.