[Q] Ip address switches between tmobil and DoD - T-Mobile Samsung Galaxy Note 3

So no to long ago I decided I would check the my phone's ip address and came across some questionable stuff. Here's my question:
1) How is it that my phone's ip address can change from being registered to tmobil on a 100.x.x.x address to sporadically being registered on DoD 30.x.x.x address?
2) How can it still happen even after I installed android firewall?
Conditions are always the same. I don't download any shady anything's. I pay for my rhapsody account and that's as far as my file sharing goes. I never have my WiFi enabled.
Any ideas or let me know what info you'd need to better access the situation. Thanks.

Without knowing what the allocated ip address really was, there it's really no way of knowing who the current owner of the block is, many blocks are relocated and may no longer be with who they used to be with, especially ipv4 blocks.
Not sure what android firewall would have to due with what the remote ip you are being allocated to with your dhcp network connection.
You should have no real control over what your network connection is given when you connect, other than possible controlling ipv6 vs ipv4.

krelvinaz said:
Without knowing what the allocated ip address really was, there it's really no way of knowing who the current owner of the block is, many blocks are relocated and may no longer be with who they used to be with, especially ipv4 blocks.
Not sure what android firewall would have to due with what the remote ip you are being allocated to with your dhcp network connection.
You should have no real control over what your network connection is given when you connect, other than possible controlling ipv6 vs ipv4.
Click to expand...
Click to collapse
So does this help? the firewall lets me know that even though I have set it up to refuse the block of addresses in which in resides, they're still connection to my phone.
Not sure I'm understanding you anyway. You telling me they temporarily relocate my up because they re no longer with.... yet after a few minutes , sometimes hours, I'm right back to the same ip?

What he was saying I believe is that the IPv4 allocations have been changing do to the available IP address blocks running thin. Companies were encouraged to give up IP blocks that they weren't actually using. In simple terms, a company might have originally owned a block of 100,000 IPs but never actually used more than 50,000. So they gave back a block of 50,000 so another company(s) could use them instead.

I don't believe the IP address' are static on a carrier. I'm not sure but each time you connect to the carrier network (no signal or airplane mode) you could be giving a fresh IP address. Also that is certainly the case if you are on a WiFi network. Unless you phone was set up as a static connection, you would likely receive a new lease on an IP address.

Found this which sounds similar to what you are seeing.
https://blog.wireshark.org/2010/04/t-mobile-clever-or-insane/

chipworkz said:
Found this which sounds similar to what you are seeing.
https://blog.wireshark.org/2010/04/t-mobile-clever-or-insane/
Click to expand...
Click to collapse
Exactly. Internal allocate IP's are normally Natt'd and not actuall the IP you show up on the Internet as.
When you connect to your provider for Network (not using WiFi), the provider (most likely T-Mobile) will allocate an IP to you via DHCP. That IP is what your phone uses to talk to the provider. It most likely is NOT what you look like when you hit the Internet though, that will most likely be a different IP because TMobile is most likely not providing you with an Internet routable IP.
So, right now, I turned off WiFi and I got the IP 100.143.28.84. When my phone touches the Internet though, it shows up as 206.29.182.169.
So at that point in time, my phone is using 100.143.28.84 to get to T-Mobile's network and the Internet sees my phone as 206.29.182.169. the outside IP is in TMobiles published block. And why the internal IP is also, it really doesn't matter what it is because that is not what your phone looks like when it gets to the Internet.
It is possible in your area there are different networks available internally that are given to you when you connect depending on where you physically are and what towers you are closest to. At some times you get the 100.x network and you might even get the same IP as before because of a lease of that IP to your device, but then you move to a slightly different area which is handing out 30.x addresses. All perfectly normal. and the internal IP's really don't matter much.
You can use a search of Whats My IP to see what the Internet thinks your IP is when you get there.
With some providers (Verizon for example) if you are using ipv6, you will always get a non-routable IP, meaning that if you figure out your Internet IP, an outside connection may not get back to you unless your device initiated the connection, but if you use ipv4, they gave you a temp IP that would end up with a routable IP back. You could then use that to connect to your phone using something like VNC or other service. Now days, that is much more likely not the case unless you are paying for that special IP service. I don't know if Tmobile offers that type of service, but Verizon did at least a year or two ago.
In anycase, you firewall shouldn't matter unless you don't want to access your providers network.

In lamens terms I think he's talking about an internel subnet mask

chipworkz said:
Found this which sounds similar to what you are seeing.
https://blog.wireshark.org/2010/04/t-mobile-clever-or-insane/
Click to expand...
Click to collapse
That was a very interesting article. If the author's theory is correct, T-mobile was playing some cute and dangerous IP games in 2010.

Related

[Q] Change device id for wifi?

My wife and I both have evo's. When at home on wifi my netgear wgr614v7 router seems to have issues connecting both properly. It seems to be a device name problem. Both phones have the same name, different mac addresses but the router us giving them both the same ip address. I have setup static routes to each phone, which helps get different ip's, but I'm still having connection problems with one phone when both are being used.
Is there a way to change the name that my evo broadcasts to my router?
Hers is stock and I am using Fresh's rom.
travlincablguy said:
I have setup static routes to each phone, which helps get different ip's
Click to expand...
Click to collapse
They will anyway get different IP's (I'm talking about private IP 192.168.*.*), for device id maybe someone can edit that in .wireless tether .apk for you because as far I can see that part is kind of integrated and hidden inside.
I am not using the tether function. The static route I setup ensures that every time my evo with it's mac address ending in :d2 always gets 192.168.0.6, Heather's phone is always .3.
Thanks for your input, but I don't think you understood what I was asking.
travlincablguy said:
My wife and I both have evo's. When at home on wifi my netgear wgr614v7 router seems to have issues connecting both properly. It seems to be a device name problem. Both phones have the same name, different mac addresses but the router us giving them both the same ip address. I have setup static routes to each phone, which helps get different ip's, but I'm still having connection problems with one phone when both are being used.
Is there a way to change the name that my evo broadcasts to my router?
Hers is stock and I am using Fresh's rom.
Click to expand...
Click to collapse
I'm thinking you could change the device name in the build.prop in the system folder.
Ahhah, thank you sir, I will look into that.
Edit: after looking threw build.prop I could not find the device id. Which is a bummer. I finally talked my wife out of her iphone and she is now a bit pissy about not being able to use the internet at the same time. No 3 or 4g service at the house either. We have to use an airrave to talk on the phone.
What's the device name in your router?
Also, FWIW, your router shouldn't have any problems with two different MAC addresses connecting. DHCP ID is irrelevant. It sounds more like your problem is a bad router, you're on the edge of its range, or there's something deeper wrong (ie, some other piece of network hardware). As far as I know, you can't change the DHCP Client ID on the phone. It's always been android_(sting of letters/numbers) for me, and it correlates with the Exchange device ID (if you use an Exchange account).
That is the id that shows up. I am thinking the router needs to go. I cannot live without any of the devices that I have connected to it. I do appreciate your insight.
Heh, you good sir are in luck:
http://review.cyanogenmod.com/#change,2164
http://review.cyanogenmod.com/#change,2165
CyanogenMod 7 ('unno about 6) just got a feature to let you change the DHCP client ID.

MAC Address Changing with every Reset?

Just updated my HD7 to the update with internet sharing. After this, I can confirm that every time I reboot my phone, I get a new mac address. Which prevents me from connecting to my MAC-address-filtered wifi. I've done it 6 times and gotten 6 unique MAC addresses.
Does this happen to anyone else's phone? HD7 specific? or all phones with internet sharing? My internet sharing is turned off.
That's strange, I've never heard of a device with a dynamic MAC address before. Does your phone have one printed under the battery?
Nope, just IMEI, SN and PN. No MAC address.
This must be related in internet sharing somehow.
silvertonesx24 said:
Does this happen to anyone else's phone? HD7 specific? or all phones with internet sharing? My internet sharing is turned off.
Click to expand...
Click to collapse
I can confirm this on my HD7.
MAC changes on every reboot.
I confirm too,i have the issue of mac adress changing every reboot
& my wifi is not visible since the update,My wifi is N and i can only see wifi G near me but not mine
hi
for me too : mac adress change after shutdown.
for time don't shutdown the phone to have same mac adress with my internet box.
htc support tell me that they will answer on monday.
but i think it's a big problem with this update...
Ben
That's a bit strange. Normally you can't change MAC's for yourself, only spoofing is possible. If WP is really changing the MAC adress with every reboot, WP needs a valid MAC adress block licensed from IEEE, otherwise it would be a violation against IEEE.
I thought mac address we're never aloud to change!?
Lol that's illegal as all hell, a dynamic mac address
Gotta be a glitch in the firmware surely? No way that's allowed. Your definitely sure it's not a dynamic IP address you're seeing?
Sent from my SGH-i917 using Board Express
ive also asked this question a couple of days ago right after applying the htc internet sharing update. and ive posted my question here (entry #38) and people provided good answers about it. hope this helps
Yes, mine also changes it's only when i read this thread and test my hd7 and i notice the changes.But I S is a breeze.
The issue is that some people assign static IPs to devices on their home networks, and this is done in most routers via MAC address coupling (MAC a always gets IP z and so forth). That way you can simply block all devices you and people in the residence do not own. I do it on all my machines for development reasons, cause I like knowing I can always use x IP address to get at a certain machine even if I turn it off or it's down for a while for repairs. The IP never changes as long as I continue to use that specific network card in the computer.
I don't know why they would do that. Perhaps for security reasons?
I have the same problem - cannot connect to my University WiFi network as the MAC address keeps on changing....
This is crazy!
They better get on that quick! They could get in a lot of **** for that
putting aside the weird WP7 behaviour for the moment...
MAC filtering is useless as a security measure. It's trivially spoofable by anyone who actually wants to attack your network, and causes a pain in the arse for yourself. do yourself a favour and disable it already. the only thing it might be good for is router-side internet access control of your technically challenged 8 year old who doesn't know how to use google.
just use a strong password i.e. 20+ characters alpha (upper & lower) + numeric + special characters, and proper wireless security (WPA-2 AES, or at least WPA AES) and you'll be just fine.
Confirming
That update was a bag full of $$$$ !Luckly I was able to restore through Zune,but my Bootloader (SPL) was also updated to 5.01 and no way of going back!
With regards to the missing WiFi network - make sure it's not using Channel 13. The new update seems to disable the use of Channel 13 for some reason.
There is also another issue with the changing MAC's - I believe that some "public" WiFi networks such as the cloud use the MAC to remember your device and allow it to connect...
primexx said:
putting aside the weird WP7 behaviour for the moment...
MAC filtering is useless as a security measure. It's trivially spoofable by anyone who actually wants to attack your network, and causes a pain in the arse for yourself. do yourself a favour and disable it already. the only thing it might be good for is router-side internet access control of your technically challenged 8 year old who doesn't know how to use google.
just use a strong password i.e. 20+ characters alpha (upper & lower) + numeric + special characters, and proper wireless security (WPA-2 AES, or at least WPA AES) and you'll be just fine.
Click to expand...
Click to collapse
Mac filtering is not useless as a security measure. It's not used by itself. It's used in conjunction with other methods, the same way businesses also hide their wireless network's SSID.
I'm not filtering on an Open Connection. That would be retarded.
Seriously...
GrahamWager said:
With regards to the missing WiFi network - make sure it's not using Channel 13. The new update seems to disable the use of Channel 13 for some reason.
There is also another issue with the changing MAC's - I believe that some "public" WiFi networks such as the cloud use the MAC to remember your device and allow it to connect...
Click to expand...
Click to collapse
im not sure though but im guessing so does other apps with secured log in parameters. i do have the bank of america app. right after i did the update, and after inluding the new mac to my networks allowed list of mac addresses, the boa app again posted a message saying that the device where im accessing boa has not been used previously to access the account. so im guessing that it saves all the mac addresses of devices that accessed a boa account.

MAC Address

Greetings...I'm trying to determine the MAC address of my HTC TP2's 3G radio. I am setting up a firewall rule to only alow a specific MAC address to pass for specific services. Any ideas as to how to determine the MAC address of the internal radio?
Thanks,
Chris
chrisb009 said:
Greetings...I'm trying to determine the MAC address of my HTC TP2's 3G radio. I am setting up a firewall rule to only alow a specific MAC address to pass for specific services. Any ideas as to how to determine the MAC address of the internal radio?
Thanks,
Chris
Click to expand...
Click to collapse
MAC of the 3g radio...? Certainly you mean the wlan radio.
When I enable wifi in WinMo, there's an "advanced" button at the bottom. Then choose wi-fi info, IP and MAC.
Response....
Not the WiFi radio...the 3g radio as I need access outside my network through a UTM. I guess the first question should have been, is there a MAC associated with the 3g radio?
Thanks,
Chris
chrisb009 said:
Not the WiFi radio...the 3g radio as I need access outside my network through a UTM. I guess the first question should have been, is there a MAC associated with the 3g radio?
Thanks,
Chris
Click to expand...
Click to collapse
Odd.
I'd guess there is, but I've never heard of anyone caring about it lol. IP probably wouldn't work so well either, what about hostname or smth else?
What if you lose your phone?
I'll see what I can dig up.
Edit - wait... if your packets are going thru a layer-3 router (which undoubtedly they are at some point) the MAC will be lost. So this won't work at all, even if you did find the MAC of your phone.
Response...
I couldn't find anything through searches....The IP would be of a dynamic nature so I couldn't use it however the thought about a host name is an idea. I'll have to inspect the packets to determine if a host name is present. On my inital inspection I captured a MAC however that MAC seems to be dynamic and did change a few times using one of two MAC'S thoughout the capture. Also...during the capture I captured IPv6 MAC's....not IPv4. I'm just wondering if the CDMA network assigns a dynamic MAC instead of using a hardware based MAC? I would find this highly unlikely however it could be a possibility.
Thanks,
Chris
chrisb009 said:
I couldn't find anything through searches....The IP would be of a dynamic nature so I couldn't use it however the thought about a host name is an idea. I'll have to inspect the packets to determine if a host name is present. On my inital inspection I captured a MAC however that MAC seems to be dynamic and did change a few times using one of two MAC'S thoughout the capture. Also...during the capture I captured IPv6 MAC's....not IPv4. I'm just wondering if the CDMA network assigns a dynamic MAC instead of using a hardware based MAC? I would find this highly unlikely however it could be a possibility.
Thanks,
Chris
Click to expand...
Click to collapse
Please read my edit about layer-3 routers. I'm having this same problem at work, in relation to sniffing VoIP RTP streams passively. When crossing a layer-3 router/switch, the MAC is lost in transit.
Response...
I believe I finally nailed down the actual MAC address. My packet monitor was set for the monitoring a different port on the switch.....should have been set for X1 instead of X0. I'll make the changes to the firewall and all should be good. This exercise is for a handheld utilizing a SIP client tied into my VoIP server....I only allow specific SIP clients to access my VoIP server....helps prevent hacking and unauthorized phone use.
Thanks,
Chris
Response...
I'll report back my findings after I make the configuration changes.....I am assuming this will work as I already have this in place for all SIP providers currently in use.
Thanks,
Chris
Findings....
Ok...one small detail I forgot.....is that MAC addresses change with each hop. With that being said.....the only way to "filter" incoming packets is to filter by IP address. I currently filter all SIP related protocols by carrier/provider IP address. Now this creates an issue due to the fact handhelds outside of the network will have dynamic IP's assigned by the cellular carrier. I'll have to continue to research this....I believe the only work around might be a VPN tunnel originating from the handheld into the network.
Thanks,
Chris
chrisb009 said:
Ok...one small detail I forgot.....is that MAC addresses change with each hop. With that being said.....the only way to "filter" incoming packets is to filter by IP address. I currently filter all SIP related protocols by carrier/provider IP address. Now this creates an issue due to the fact handhelds outside of the network will have dynamic IP's assigned by the cellular carrier. I'll have to continue to research this....I believe the only work around might be a VPN tunnel originating from the handheld into the network.
Thanks,
Chris
Click to expand...
Click to collapse
That's what I told you, twice now...
Actually..
You mentioned loosing the MAC address across a layer 3 router....the MAC address is lost across any router regardless of it's layer capability thus I will implement a different solution.
Chris
chrisb009 said:
You mentioned loosing the MAC address across a layer 3 router....the MAC address is lost across any router regardless of it's layer capability thus I will implement a different solution.
Chris
Click to expand...
Click to collapse
What router operates only at the layer-2 level? lol.

[Q] Cannot connect to freeDNS.org Subdomain

I have used freeDNS.org to access my computer via a domain (mydomain.com forwards to my computer IP address).
This works well with my Samsung Vibrant and my wife's Samsung Exhibit II, but when I try to connect with my Galaxy Nexus the gateway times out. I can connect directly to my IP address, but not the domain I have set up.
Any ideas?
Download the Net Status app
https://play.google.com/store/apps/details?id=net.stat.app
Try pinging your domain, make sure it is returning the right IP address and not something other than your actual IP.
Pinging is disabled for all freeDNS.org domains.
Running queries from dnsquery.org shows that the DNS is forwarding to my correct IP address.
Your carrier may be blocking access to your external IP address. You would still be able to connect to it from your phone because it's within the carrier's mobile network. T-Mobile does this in certain locations.
strumcat said:
Your carrier may be blocking access to your external IP address. You would still be able to connect to it from your phone because it's within the carrier's mobile network. T-Mobile does this in certain locations.
Click to expand...
Click to collapse
You must not have fully read my post. My other phone and my wife's phone, both on the same carrier as my GNex, are both able to connect.
creeve4 said:
You must not have fully read my post. My other phone and my wife's phone, both on the same carrier as my GNex, are both able to connect.
Click to expand...
Click to collapse
Yep, I did misread it, sorry.
Only things I can think of are try a different browser on the gnex, and make sure you don't have a firewall or antivirus program set up to inadvertantly block the freedns subdomain. Strange problem. Surely has to do with some software/setup on the gnex.

[Q] Is there a way to unblock inbound traffic?

I cannot ping my IP while tethering on my phone. Is there a way to unblock inbound connections on the site, or is it a phone option? There are apps to do this, but they all say you need to be able to ping the phone, and I can't.
I use my phone's tethering as my main internet while at home (unlimited plan) but can't host any games because no one can connect to me.
Still not a thing? I can't ask anywhere else due to the post limitations.
While your computer is tethered to the Internet through your phone, what are the IP numbers of the phone and of the computer?
What IP number are you trying to ping, and whence?
jpradley said:
While your computer is tethered to the Internet through your phone, what are the IP numbers of the phone and of the computer?
What IP number are you trying to ping, and whence?
Click to expand...
Click to collapse
The current IP for all computers connected to my phone is: 70.194.2.149
Using that IP I cannot host any games. Though for some reason I can on PS4, so I have no idea what's going on there.
squat251 said:
The current IP for all computers connected to my phone is: 70.194.2.149
Using that IP I cannot host any games. Though for some reason I can on PS4, so I have no idea what's going on there.
Click to expand...
Click to collapse
Every ethernet port, wired or not, has an IP address. Two devices cannot have the same IP address, each address on a network has to be unique. 70.194.2.149 is the (public WAN) address of a single device, probably that of the incoming port of your router. Your computers each have their own IP numbers (typically in the 192.168.x.y numbering scheme). Your router also has an address in that same number range, for use on its inside (private LAN) ethernet connections.
I don't want to write a dissertation on NAT (network address translation), but that is what the router performs so that your browsers or your Telo "appear" to be coming from 70.194.2.149. Net result,as far as your computers are concerned: they can call out, intitiate a connection to wherever, but nothing can initiate any contact to them from the outside world (short of doing some "port forwarding" in the router). Look up NAT iand port forwarding in a search engine.
BTW, what is "PS4"?
jpradley said:
Every ethernet port, wired or not, has an IP address. Two devices cannot have the same IP address, each address on a network has to be unique. 70.194.2.149 is the (public WAN) address of a single device, probably that of the incoming port of your router. Your computers each have their own IP numbers (typically in the 192.168.x.y numbering scheme). Your router also has an address in that same number range, for use on its inside (private LAN) ethernet connections.
I don't want to write a dissertation on NAT (network address translation), but that is what the router performs so that your browsers or your Telo "appear" to be coming from 70.194.2.149. Net result,as far as your computers are concerned: they can call out, intitiate a connection to wherever, but nothing can initiate any contact to them from the outside world (short of doing some "port forwarding" in the router). Look up NAT iand port forwarding in a search engine.
BTW, what is "PS4"?
Click to expand...
Click to collapse
Playstation 4. All of my PC's connect to the internet through my phone. There is no router, there is no ethernet. They all share the same IP because that is the IP of my phone (my best guess.) That is why all the targeted ads are from the same town. I don't know where in my first post, or any there after you gathered that I am having issues with a router.
squat251 said:
Playstation 4. All of my PC's connect to the internet through my phone. There is no router, there is no ethernet. They all share the same IP because that is the IP of my phone (my best guess.) That is why all the targeted ads are from the same town. I don't know where in my first post, or any there after you gathered that I am having issues with a router.
Click to expand...
Click to collapse
Ah, OK. Then it is your phone which is acting as a router and is doing the NAT procedures. I don't know how to make a phone forward specific IP ports to specific IP addresses.
You need a port forwarding app to allow incoming traffic to reach the right device on the network.
Forward what ever port(s) your game uses from the public wan ip to the game consoles ip provided by the phone.
So lets say forward port 1234 (or all ports) to 192.168.1.10, or what ever the game consoles ip is.
cmlusco said:
You need a port forwarding app to allow incoming traffic to reach the right device on the network.
Forward what ever port(s) your game uses from the public wan ip to the game consoles ip provided by the phone.
So lets say forward port 1234 (or all ports) to 192.168.1.10, or what ever the game consoles ip is.
Click to expand...
Click to collapse
That would work, only all the port forwarding apps require that you be able to ping your public IP. I cannot, all packets are lost no matter what method I use. I would call and ask Verizon, but I have unlimited data, and there is no way I will let them weasel that out of me.

Categories

Resources