The other day, I became a victim of a broadband crime that apparently is becoming more and more common.
Allow me to explain. I have three static IP addresses on my home network. I am not without concern for security — I run a firewall on each of my computers, I password-protect important documents, etc.. Such security measures are important and I urge others to take the same precautions. I even provide a link to a good firewall security package on my home page.
But these measures are ineffective against certain types of crimes.
Last Friday, one of my computers was suddenly unable to connect to the internet. Now usually, when one of my computers is down but my other computers are up, I don’t even bother to call Charter Communications because that is a clear indication that the problem is on my end. For example, a couple of weeks ago, one of my other computers was unable to connect to the internet. I discovered that somehow, the “use a proxy server box” had been checked under LAN settings under Internet Options. This was not correct. As soon as I unchecked the box, the problem was fixed. (I still don’t know how the box got checked, but I suspect that some piece of software automatically reconfigured my internet settings.)
But getting back to my most recent problem, when I booted up the computer, I received an error message telling me that there was a hardware conflict with my IP address. This was an error message that I had never seen before. I verified that I had the correct IP address on the computer — that nobody had changed it. Next, I de-networked the computers and connected this one computer directly to the cable modem and rebooted. I received the same error message, so it was not a conflict on my local network. For a lark, I tried one of my other IP addresses on this computer. It worked. Then I tried the “trouble” IP address on another computer. It did not work.
Conclusion: Someone had stolen my IP address. Someone who was always connected to Charter’s network, making it impossible for me to steal my IP address back.
I called Charter Communications. It took me a couple of days to convince them of my theory that someone stole my IP address. They ultimately sent a technician out to my house. I told the technician about the tests that I had performed, and the conclusion that I had reached. He said, “That sounds logical. I’ll tell you what. I’m going to disconnect you from the network down at the curb. Then I’m going to radio in to the office and tell them to ping that IP address. If they can ping it successfully, there’s no way that it can be you, and the only possible explanation at that point would be that someone has stolen your IP address.”
Ten minutes later, we had confirmed that someone else was using my IP address. That user was blocked from the network, and I was up and running again.
According to a local Charter executive, this is becoming a common problem: “After researching the IP conflict you experienced, I found your IP had been taken by an unauthorized user. The problem only occurred if this user logged on first and utilized the IP before you did. We deauthorized that modem and there shouldn’t be further incidence. They were probably using random IP addresses until one was found that was not currently in use. Unfortunately, this practice is becoming more common among ISP’s so it is necessary for us to begin binding IP addresses to network Interface cards MAC numbers* – a problem for some users.”
(*For the uninitiated, the MAC number is the unique serial number assigned to every network interface card. MAC stands for “Media Access Control”. No two network devices in the world have the same MAC number and all manufacturer’s are assigned unique manufacturer identifiers which make up the first six HEX characters of the twelve HEX digit MAC address.)
The problem with having your ISP bind your IP address to your network interface card’s MAC address is that you can’t change from your laptop to desktop, and you can’t change out your own network interface card if it goes bad without talking to your ISP first.
This problem was frustrating and time consuming. In total, I spent several hours of my own personal time conducting tests and working with Charter to get the problem resolved. I was down for four days. And there is no guarantee that it won’t happen again.
So if you have a static IP address, you have a few choices:
Ignore the problem and accept the risk that you may be the victim of IP theft. In which case, thanks to this column, you now know how to play Detective Columbo if you suspect you are a victim of such a crime.
Leave your computer up 24 by 7. Nobody can steal your IP address if you are always connected.
Determine whether binding your IP address to your network interface card is an acceptable solution for you, and find out if your ISP will do this for you.