Discussion:
My IP address is visible. ............. Is this a real problem??
(too old to reply)
Daniel65
2024-02-28 07:17:10 UTC
Permalink
This afternoon, I am on my Win7 Installation, basically to update my
Anti-Virus (AVG-Free).

When I had updated the definitions and run a 'Deep Scan', AVG-Free was
telling me that my IP Address was visible.

Is this a real problem .... or is AVG just trying to flog me their
Premium (i.e. PAID) Version??

TIA.
--
Daniel
Jeff Gaines
2024-02-28 08:26:10 UTC
Permalink
Post by Daniel65
This afternoon, I am on my Win7 Installation, basically to update my
Anti-Virus (AVG-Free).
When I had updated the definitions and run a 'Deep Scan', AVG-Free was
telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me their Premium
(i.e. PAID) Version??
TIA.
Have you tired "Shields Up":

https://www.grc.com/shieldsup

It shows me my IP address (as allocated by my ISP) but Internet
communication depends on that so I think it's just how things work.
--
Jeff Gaines Dorset UK
You can't tell which way the train went by looking at the tracks
Daniel65
2024-02-28 12:23:59 UTC
Permalink
Post by Jeff Gaines
Post by Daniel65
This afternoon, I am on my Win7 Installation, basically to update
my Anti-Virus (AVG-Free).
When I had updated the definitions and run a 'Deep Scan', AVG-Free
was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me their
Premium (i.e. PAID) Version??
TIA.
https://www.grc.com/shieldsup
It shows me my IP address (as allocated by my ISP) but Internet
communication depends on that so I think it's just how things work.
No, I haven't. Should I?? I've used AVG for years and, as far as I or
AVG knows, I haven't had any problems.

As I suggest, I think it's just AVG trying to get a few Bucks out of me,
--
Daniel
Jeff Gaines
2024-02-28 13:21:30 UTC
Permalink
Post by Daniel65
Post by Jeff Gaines
Post by Daniel65
This afternoon, I am on my Win7 Installation, basically to update
my Anti-Virus (AVG-Free).
When I had updated the definitions and run a 'Deep Scan', AVG-Free
was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me their
Premium (i.e. PAID) Version??
TIA.
https://www.grc.com/shieldsup
It shows me my IP address (as allocated by my ISP) but Internet
communication depends on that so I think it's just how things work.
No, I haven't. Should I?? I've used AVG for years and, as far as I or
AVG knows, I haven't had any problems.
As I suggest, I think it's just AVG trying to get a few Bucks out of me,
It would give you a second opinion. I'm not sure how you expect anything
on the Internet to communicate with you if it doesn't know your IP address.
--
Jeff Gaines Dorset UK
This joke was so funny when I heard it for the first time I fell of my
dinosaur.
David W. Hodgins
2024-02-28 14:47:53 UTC
Permalink
Post by Jeff Gaines
Post by Daniel65
Post by Jeff Gaines
Post by Daniel65
This afternoon, I am on my Win7 Installation, basically to update
my Anti-Virus (AVG-Free).
When I had updated the definitions and run a 'Deep Scan', AVG-Free
was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me their
Premium (i.e. PAID) Version??
TIA.
https://www.grc.com/shieldsup
It shows me my IP address (as allocated by my ISP) but Internet
communication depends on that so I think it's just how things work.
No, I haven't. Should I?? I've used AVG for years and, as far as I or
AVG knows, I haven't had any problems.
As I suggest, I think it's just AVG trying to get a few Bucks out of me,
It would give you a second opinion. I'm not sure how you expect anything
on the Internet to communicate with you if it doesn't know your IP address.
They are probably trying to market a vpn service.

Regards, Dave Hodgins
R.Wieser
2024-02-28 09:25:56 UTC
Permalink
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan', AVG-Free
was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me their Premium
(i.e. PAID) Version??
Them not providing information on when that it happens and how it impacts
your machine is definitily a red flag. FUD comes to mind (Fear,
Uncertainty, Doubt).

Heck, if your 'puter has internet access than the router can 'see' your
puters IP. It has to, otherwise it can't give your 'puter the responses to
requests it send.

Regards,
Rudy Wieser
Daniel65
2024-02-28 12:28:12 UTC
Permalink
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan', AVG-Free
was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me their
Premium (i.e. PAID) Version??
Them not providing information on when that it happens and how it
impacts your machine is definitily a red flag. FUD comes to mind
(Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can 'see'
your puters IP. It has to, otherwise it can't give your 'puter the
responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address so that
they can know who 'I' am so they can work out what UserName/Password I
have to send to get access to my UseNet account with them.

That even makes sense to me NOW!!

Thanks.
--
Daniel
immibis
2024-02-28 18:27:55 UTC
Permalink
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan', AVG-Free
was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me their
Premium (i.e. PAID) Version??
Them not providing information on when that it happens and how it
impacts your machine is definitily a red flag.  FUD comes to mind
(Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can 'see'
your puters IP.  It has to, otherwise it can't give your 'puter the
responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address so that
they can know who 'I' am so they can work out what UserName/Password I
have to send to get access to my UseNet account with them.
That even makes sense to me NOW!!
Thanks.
You're posting this from eternal-september.
Daniel65
2024-02-29 08:46:16 UTC
Permalink
Post by immibis
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan', AVG-Free
was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me their
Premium (i.e. PAID) Version??
Them not providing information on when that it happens and how it
impacts your machine is definitily a red flag.  FUD comes to mind
(Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can 'see'
your puters IP.  It has to, otherwise it can't give your 'puter the
responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address so that
they can know who 'I' am so they can work out what UserName/Password I
have to send to get access to my UseNet account with them.
That even makes sense to me NOW!!
Thanks.
You're posting this from eternal-september.
Yes, So ..................??
--
Daniel
immibis
2024-02-29 11:17:43 UTC
Permalink
Post by Daniel65
Post by immibis
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan', AVG-Free
was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me their
Premium (i.e. PAID) Version??
Them not providing information on when that it happens and how it
impacts your machine is definitily a red flag.  FUD comes to mind
(Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can 'see'
your puters IP.  It has to, otherwise it can't give your 'puter the
responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address so
that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet account
with them.
That even makes sense to me NOW!!
Thanks.
You're posting this from eternal-september.
Yes, So ..................??
so you are not using your ISP's news server and they don't know your E-S
username and password
Daniel65
2024-02-29 12:21:50 UTC
Permalink
Post by immibis
Post by Daniel65
Post by immibis
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan',
AVG-Free was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog
me their Premium (i.e. PAID) Version??
Them not providing information on when that it happens and
how it impacts your machine is definitily a red flag. FUD
comes to mind (Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can
'see' your puters IP. It has to, otherwise it can't give
your 'puter the responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.
That even makes sense to me NOW!!
Thanks.
You're posting this from eternal-september.
Yes, So ..................??
so you are not using your ISP's news server and they don't know your
E-S username and password
Ah!! O.K., my ISP is tpg (https://www.tpg.com.au/) and I don't know IF
they even have a news-server as I set up this E-S account when I was
with a previous ISP who closed his News Server.
--
Daniel
Carlos E.R.
2024-02-29 13:06:28 UTC
Permalink
Post by Daniel65
Post by immibis
Post by Daniel65
Post by immibis
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan',
AVG-Free was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog
me their Premium (i.e. PAID) Version??
Them not providing information on when that it happens and
how it impacts your machine is definitily a red flag.  FUD
comes to mind (Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can
'see' your puters IP.  It has to, otherwise it can't give
your 'puter the responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.
That even makes sense to me NOW!!
Thanks.
You're posting this from eternal-september.
Yes, So ..................??
so you are not using your ISP's news server and they don't know your
E-S username and password
Ah!! O.K., my ISP is tpg (https://www.tpg.com.au/) and I don't know IF
they even have a news-server as I set up this E-S account when I was
with a previous ISP who closed his News Server.
The point is that you said:

«That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.»

We are telling you that no, they can not work out your username/password
at anything.

Unless that "anything" doesn't do security.
--
Cheers, Carlos.
candycanearter07
2024-02-29 15:40:08 UTC
Permalink
Post by Carlos E.R.
Post by Daniel65
Post by immibis
Post by Daniel65
Post by immibis
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan',
AVG-Free was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog
me their Premium (i.e. PAID) Version??
Them not providing information on when that it happens and
how it impacts your machine is definitily a red flag.  FUD
comes to mind (Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can
'see' your puters IP.  It has to, otherwise it can't give
your 'puter the responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.
That even makes sense to me NOW!!
Thanks.
You're posting this from eternal-september.
Yes, So ..................??
so you are not using your ISP's news server and they don't know your
E-S username and password
Ah!! O.K., my ISP is tpg (https://www.tpg.com.au/) and I don't know IF
they even have a news-server as I set up this E-S account when I was
with a previous ISP who closed his News Server.
«That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.»
We are telling you that no, they can not work out your username/password
at anything.
Unless that "anything" doesn't do security.
To be fair, if you send credentials with no encryption they could see
that.
--
user <candycane> is generated from /dev/urandom
Carlos E.R.
2024-02-29 19:36:06 UTC
Permalink
Post by candycanearter07
Post by Carlos E.R.
Post by Daniel65
Post by immibis
Post by Daniel65
Post by immibis
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan',
AVG-Free was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog
me their Premium (i.e. PAID) Version??
Them not providing information on when that it happens and
how it impacts your machine is definitily a red flag.  FUD
comes to mind (Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can
'see' your puters IP.  It has to, otherwise it can't give
your 'puter the responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.
That even makes sense to me NOW!!
Thanks.
You're posting this from eternal-september.
Yes, So ..................??
so you are not using your ISP's news server and they don't know your
E-S username and password
Ah!! O.K., my ISP is tpg (https://www.tpg.com.au/) and I don't know IF
they even have a news-server as I set up this E-S account when I was
with a previous ISP who closed his News Server.
«That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.»
We are telling you that no, they can not work out your username/password
at anything.
Unless that "anything" doesn't do security.
.........................^^^^^^^^^^^^^^^^^^^^^
.........................*********************
Post by candycanearter07
To be fair, if you send credentials with no encryption they could see
that.
--
Cheers, Carlos.
Mike Easter
2024-02-29 20:30:43 UTC
Permalink
Post by Carlos E.R.
Post by candycanearter07
Post by Carlos E.R.
Unless that "anything" doesn't do security.
.........................^^^^^^^^^^^^^^^^^^^^^
.........................*********************
Post by candycanearter07
To be fair, if you send credentials with no encryption they could see
that.
To me, my problem w/ being on the same page w/ some privacy or security
buffs is that I feel that I am looking at the world 'realistically' --
where realistically does NOT mean I'm living in some country that wants
to spy on my every move, nor am I some kind of potential felon that LE
is 'after' to the point that they have obtained the necessary subpoenas
to snoop on my transaction traffic to/from my ISP, nor do I believe that
my ISP is crooked and has its own reasons to snoop my transmissions.

On top of that, and this is where I become even less privacy conscious
than many others, I don't even care if google snoops my mail and my
searches/web activity.

So, maybe there are levels of privacy or security oriented individuals:
- those activists in 3rd world countries
- those who are up to no good who might be under the eyes of LE
- those who don't like google and other such snooping their activities
- those who are oblivious to everything and can't even manage to do
anything securely so they are at the mercy of all kinds of predators. I
have a relative in that group.
--
Mike Easter
Paul
2024-03-01 02:33:05 UTC
Permalink
Post by candycanearter07
Post by Carlos E.R.
Post by Daniel65
Post by immibis
Post by Daniel65
Post by immibis
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan',
AVG-Free was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog
me their Premium (i.e. PAID) Version??
Them not providing information on when that it happens and
how it impacts your machine is definitily a red flag.  FUD
comes to mind (Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can
'see' your puters IP.  It has to, otherwise it can't give
your 'puter the responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.
That even makes sense to me NOW!!
Thanks.
You're posting this from eternal-september.
Yes, So ..................??
so you are not using your ISP's news server and they don't know your
E-S username and password
Ah!! O.K., my ISP is tpg (https://www.tpg.com.au/) and I don't know IF
they even have a news-server as I set up this E-S account when I was
with a previous ISP who closed his News Server.
«That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.»
We are telling you that no, they can not work out your username/password
at anything.
Unless that "anything" doesn't do security.
To be fair, if you send credentials with no encryption they could see
that.
Use Wireshark.

Connect to E-S on port 119.

What do you see go by ?

Your USER and PASS.

Port 119 is an example of "doesn't do security".

Paul
Carlos E.R.
2024-03-01 04:11:32 UTC
Permalink
Post by Paul
Post by candycanearter07
Post by Carlos E.R.
Post by Daniel65
Post by immibis
Post by Daniel65
Post by immibis
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan',
AVG-Free was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog
me their Premium (i.e. PAID) Version??
Them not providing information on when that it happens and
how it impacts your machine is definitily a red flag.  FUD
comes to mind (Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can
'see' your puters IP.  It has to, otherwise it can't give
your 'puter the responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.
That even makes sense to me NOW!!
Thanks.
You're posting this from eternal-september.
Yes, So ..................??
so you are not using your ISP's news server and they don't know your
E-S username and password
Ah!! O.K., my ISP is tpg (https://www.tpg.com.au/) and I don't know IF
they even have a news-server as I set up this E-S account when I was
with a previous ISP who closed his News Server.
«That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.»
We are telling you that no, they can not work out your username/password
at anything.
Unless that "anything" doesn't do security.
To be fair, if you send credentials with no encryption they could see
that.
Use Wireshark.
Connect to E-S on port 119.
What do you see go by ?
Your USER and PASS.
Port 119 is an example of "doesn't do security".
Change news provider and/or client :-)
--
Cheers, Carlos.
Paul
2024-03-01 08:42:59 UTC
Permalink
Post by Carlos E.R.
Post by Paul
Post by candycanearter07
Post by Carlos E.R.
Post by Daniel65
Post by immibis
Post by Daniel65
Post by immibis
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan',
AVG-Free was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog
me their Premium (i.e. PAID) Version??
Them not providing information on when that it happens and
how it impacts your machine is definitily a red flag.  FUD
comes to mind (Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can
'see' your puters IP.  It has to, otherwise it can't give
your 'puter the responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.
That even makes sense to me NOW!!
Thanks.
You're posting this from eternal-september.
Yes, So ..................??
  >
Post by immibis
so you are not using your ISP's news server and they don't know your
E-S username and password
Ah!! O.K., my ISP is tpg (https://www.tpg.com.au/) and I don't know IF
they even have a news-server as I set up this E-S account when I was
with a previous ISP who closed his News Server.
«That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.»
We are telling you that no, they can not work out your username/password
at anything.
Unless that "anything" doesn't do security.
To be fair, if you send credentials with no encryption they could see
that.
Use Wireshark.
Connect to E-S on port 119.
What do you see go by ?
Your USER and PASS.
Port 119 is an example of "doesn't do security".
Change news provider and/or client :-)
E-S offers both. This allows really ancient clients which
lack SSL/TLS to connect to the server (119). And there are
people who like the really old client software. There
is no such thing as "too old software" when it
comes to USENET.

It would be like expecting an EMACS user to stop using EMACS.
Not gonna happen.

There is even at least one guy, using an ancient computer
to connect on USENET. So in addition to an old client, even
the OS is something you've never heard of. It takes all kinds.

Paul
candycanearter07
2024-03-01 15:20:10 UTC
Permalink
Post by Paul
Post by Carlos E.R.
Post by Paul
Post by candycanearter07
Post by Carlos E.R.
Post by Daniel65
Post by immibis
Post by Daniel65
Post by immibis
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan',
AVG-Free was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog
me their Premium (i.e. PAID) Version??
Them not providing information on when that it happens and
how it impacts your machine is definitily a red flag.  FUD
comes to mind (Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can
'see' your puters IP.  It has to, otherwise it can't give
your 'puter the responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.
That even makes sense to me NOW!!
Thanks.
You're posting this from eternal-september.
Yes, So ..................??
  >
Post by immibis
so you are not using your ISP's news server and they don't know your
E-S username and password
Ah!! O.K., my ISP is tpg (https://www.tpg.com.au/) and I don't know IF
they even have a news-server as I set up this E-S account when I was
with a previous ISP who closed his News Server.
«That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.»
We are telling you that no, they can not work out your username/password
at anything.
Unless that "anything" doesn't do security.
To be fair, if you send credentials with no encryption they could see
that.
Use Wireshark.
Connect to E-S on port 119.
What do you see go by ?
Your USER and PASS.
Port 119 is an example of "doesn't do security".
Change news provider and/or client :-)
E-S offers both. This allows really ancient clients which
lack SSL/TLS to connect to the server (119). And there are
people who like the really old client software. There
is no such thing as "too old software" when it
comes to USENET.
Oh does slrnpull support ssl?
Post by Paul
It would be like expecting an EMACS user to stop using EMACS.
Not gonna happen.
Or vim users
Post by Paul
There is even at least one guy, using an ancient computer
to connect on USENET. So in addition to an old client, even
the OS is something you've never heard of. It takes all kinds.
Paul
Backwards compatibility!
--
user <candycane> is generated from /dev/urandom
David W. Hodgins
2024-03-01 17:09:54 UTC
Permalink
Post by candycanearter07
Post by Paul
E-S offers both. This allows really ancient clients which
lack SSL/TLS to connect to the server (119). And there are
people who like the really old client software. There
is no such thing as "too old software" when it
comes to USENET.
Oh does slrnpull support ssl?
Post by Paul
It would be like expecting an EMACS user to stop using EMACS.
Not gonna happen.
Or vim users
For usenet clients that do no support ssl, stunnel can be used. The
program I'm using does not support it, so I use it.

In /etc/stunnel/stunnel.conf I have ...
[nntps]
client=yes
connect=news.eternal-september.org:563
cert=/etc/pki/tls/certs/stunnel.pem
accept=564
TIMEOUTconnect=60

The program I'm using (leafnode) then connects using localhost:564.
In /etc/leafnode/config ...
server = localhost
port = 564
#server = news.eternal-september.org
#port = 119
username = munged
password = munged
timeout = 300
timeout_fetchnews = 300
initialfetch = 500
nodesc = 1
maxage = 5
filterfile = /etc/leafnode/filters
debugmode = 0
create_all_links = 0
allow_8bit_headers = 1
article_despite_filter = 1
noxover = 1

The commented out above were for testing leafnode without using stunnel.

I then have my usenet reader set to collect articles from localhost port 119,
without any authentication needed.

Besides encrypting the password, another benefit is that for slow connections
it's faster as the encryption includes compression.

Regards, Dave Hodgins
candycanearter07
2024-03-04 03:30:02 UTC
Permalink
Post by David W. Hodgins
Post by candycanearter07
Post by Paul
E-S offers both. This allows really ancient clients which
lack SSL/TLS to connect to the server (119). And there are
people who like the really old client software. There
is no such thing as "too old software" when it
comes to USENET.
Oh does slrnpull support ssl?
Post by Paul
It would be like expecting an EMACS user to stop using EMACS.
Not gonna happen.
Or vim users
For usenet clients that do no support ssl, stunnel can be used. The
program I'm using does not support it, so I use it.
In /etc/stunnel/stunnel.conf I have ...
[nntps]
client=yes
connect=news.eternal-september.org:563
cert=/etc/pki/tls/certs/stunnel.pem
accept=564
TIMEOUTconnect=60
The program I'm using (leafnode) then connects using localhost:564.
In /etc/leafnode/config ...
server = localhost
port = 564
#server = news.eternal-september.org
#port = 119
username = munged
password = munged
timeout = 300
timeout_fetchnews = 300
initialfetch = 500
nodesc = 1
maxage = 5
filterfile = /etc/leafnode/filters
debugmode = 0
create_all_links = 0
allow_8bit_headers = 1
article_despite_filter = 1
noxover = 1
The commented out above were for testing leafnode without using stunnel.
I then have my usenet reader set to collect articles from localhost port 119,
without any authentication needed.
Besides encrypting the password, another benefit is that for slow connections
it's faster as the encryption includes compression.
Regards, Dave Hodgins
Oh, that's a neat little trick. If slrnpull does support SSL, I
would still want to use the native implementation.
--
user <candycane> is generated from /dev/urandom
Carlos E.R.
2024-03-04 20:31:53 UTC
Permalink
...
Post by Paul
Post by Carlos E.R.
Post by Paul
Post by candycanearter07
Post by Carlos E.R.
«That's about how I see it, too. My ISP MUST know my IP address
so that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet
account with them.»
We are telling you that no, they can not work out your username/password
at anything.
Unless that "anything" doesn't do security.
To be fair, if you send credentials with no encryption they could see
that.
Use Wireshark.
Connect to E-S on port 119.
What do you see go by ?
Your USER and PASS.
Port 119 is an example of "doesn't do security".
Change news provider and/or client :-)
E-S offers both. This allows really ancient clients which
lack SSL/TLS to connect to the server (119). And there are
people who like the really old client software. There
is no such thing as "too old software" when it
comes to USENET.
I was surprised to see that Leafnode v2 doesn't support ssl/tls. I
thought it was supported, but I don't see it in the documentation.
Still, it doesn't matter to me, as all the conversations are public.

TB does support it.
Post by Paul
It would be like expecting an EMACS user to stop using EMACS.
Not gonna happen.
There is even at least one guy, using an ancient computer
to connect on USENET. So in addition to an old client, even
the OS is something you've never heard of. It takes all kinds.
Paul
--
Cheers, Carlos.
Carlos E.R.
2024-02-28 18:35:01 UTC
Permalink
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan', AVG-Free
was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me their
Premium (i.e. PAID) Version??
Them not providing information on when that it happens and how it
impacts your machine is definitily a red flag.  FUD comes to mind
(Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can 'see'
your puters IP.  It has to, otherwise it can't give your 'puter the
responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address so that
they can know who 'I' am so they can work out what UserName/Password I
have to send to get access to my UseNet account with them.
That even makes sense to me NOW!!
When your computer interacts with any other computer on internet, to,
send an email, send a news post, read a web page, see a video... all
those machines see your IP address. It is how it works, there is nothing
wrong with that.

There is a conversation between the two computer. Your computer sends a
packet, the other computer answers with another packet. It has to know
where to send that packet to, ie, your address.

Same as if you send a paper letter.

Ok, there is a router at your house that is doing a NAT, an address
translation. So the other computer in fact sees the address of the
router, not the address of your computer. The router does the
translation in both directions.


AVG is probably trying to sell you an VPN, to put an intermediary in the
connection. The other computer now will see the intermediary address,
not yours. The intermediary does a translation for every packet sent or
received.

Some people say that what they seek is privacy (which is not the same as
security). They do not want their ISP to get stats on your traffic which
they may sell. Ok, but then the VPN manager gets that information
instead. Depends who you trust more.


They get money on this. They try to scare you into thinking that you
really need to "hide" behind an VPN intermediary. That it is dangerous
to not use an VPN. They sell it to people that then do not use it
because they don't know how. I had to tell friends, that asked me to
activate that VPN thing, fo forget it and cancel that silly subscription
they did not need.


Some people may need it, but then they do know about it.
--
Cheers, Carlos.
Daniel65
2024-02-29 08:55:35 UTC
Permalink
Post by Carlos E.R.
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan',
AVG-Free was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me
their Premium (i.e. PAID) Version??
Them not providing information on when that it happens and how
it impacts your machine is definitily a red flag. FUD comes to
mind (Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can
'see' your puters IP. It has to, otherwise it can't give your
'puter the responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address so
that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet account
with them.
That even makes sense to me NOW!!
When your computer interacts with any other computer on internet, to,
send an email, send a news post, read a web page, see a video... all
those machines see your IP address. It is how it works, there is
nothing wrong with that.
There is a conversation between the two computer. Your computer sends
a packet, the other computer answers with another packet. It has to
know where to send that packet to, ie, your address.
Same as if you send a paper letter.
Ok, there is a router at your house that is doing a NAT, an address
translation. So the other computer in fact sees the address of the
router, not the address of your computer. The router does the
translation in both directions.
AVG is probably trying to sell you an VPN, to put an intermediary in
the connection. The other computer now will see the intermediary
address, not yours. The intermediary does a translation for every
packet sent or received.
Some people say that what they seek is privacy (which is not the same
as security). They do not want their ISP to get stats on your traffic
which they may sell. Ok, but then the VPN manager gets that
information instead. Depends who you trust more.
They get money on this. They try to scare you into thinking that you
really need to "hide" behind an VPN intermediary. That it is
dangerous to not use an VPN. They sell it to people that then do not
use it because they don't know how. I had to tell friends, that asked
me to activate that VPN thing, fo forget it and cancel that silly
subscription they did not need.
Some people may need it, but then they do know about it.
O.K., so if AVG are trying to flog me a VPN ..... I'm connecting to the
UseNet via my TelCo (TPG) and then to Eternal-September. Are E-S, in
effect, a VPN??
--
Daniel
Dan Purgert
2024-02-29 10:30:49 UTC
Permalink
Post by Daniel65
Post by Carlos E.R.
[...]
They get money on this. They try to scare you into thinking that you
really need to "hide" behind an VPN intermediary. That it is
dangerous to not use an VPN. They sell it to people that then do not
use it because they don't know how. I had to tell friends, that asked
me to activate that VPN thing, fo forget it and cancel that silly
subscription they did not need.
Some people may need it, but then they do know about it.
O.K., so if AVG are trying to flog me a VPN ..... I'm connecting to the
UseNet via my TelCo (TPG) and then to Eternal-September. Are E-S, in
effect, a VPN??
No.
--
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1 E067 6D65 70E5 4CE7 2860
immibis
2024-02-29 11:24:15 UTC
Permalink
Post by Daniel65
Post by Carlos E.R.
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan',
AVG-Free was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me
their Premium (i.e. PAID) Version??
Them not providing information on when that it happens and how
it impacts your machine is definitily a red flag.  FUD comes to
mind (Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can
'see' your puters IP.  It has to, otherwise it can't give your
'puter the responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address so
that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet account
with them.
That even makes sense to me NOW!!
When your computer interacts with any other computer on internet, to,
send an email, send a news post, read a web page, see a video... all
those machines see your IP address. It is how it works, there is
nothing wrong with that.
There is a conversation between the two computer. Your computer sends
a packet, the other computer answers with another packet. It has to
know where to send that packet to, ie, your address.
Same as if you send a paper letter.
Ok, there is a router at your house that is doing a NAT, an address
translation. So the other computer in fact sees the address of the
router, not the address of your computer. The router does the
translation in both directions.
AVG is probably trying to sell you an VPN, to put an intermediary in
the connection. The other computer now will see the intermediary
address, not yours. The intermediary does a translation for every
packet sent or received.
Some people say that what they seek is privacy (which is not the same
as security). They do not want their ISP to get stats on your traffic
which they may sell. Ok, but then the VPN manager gets that
information instead. Depends who you trust more.
They get money on this. They try to scare you into thinking that you
really need to "hide" behind an VPN intermediary. That it is
dangerous to not use an VPN. They sell it to people that then do not
use it because they don't know how. I had to tell friends, that asked
me to activate that VPN thing, fo forget it and cancel that silly
subscription they did not need.
Some people may need it, but then they do know about it.
O.K., so if AVG are trying to flog me a VPN ..... I'm connecting to the
UseNet via my TelCo (TPG) and then to Eternal-September. Are E-S, in
effect, a VPN??
What is "in effect, a VPN"?

I can't see your IP address because the E-S server doesn't tell me it -
if that's what you mean. Ray Banana, if he wants to, can find out your
IP address because it's his server and every time you connect to it it
knows the IP address that's connecting.
Paul
2024-02-29 11:39:03 UTC
Permalink
Post by Daniel65
Post by Carlos E.R.
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan',
AVG-Free was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me
their Premium (i.e. PAID) Version??
Them not providing information on when that it happens and how
it impacts your machine is definitily a red flag.  FUD comes to
mind (Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can
'see' your puters IP.  It has to, otherwise it can't give your
'puter the responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address so
that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet account
with them.
That even makes sense to me NOW!!
When your computer interacts with any other computer on internet, to,
send an email, send a news post, read a web page, see a video... all
those machines see your IP address. It is how it works, there is
nothing wrong with that.
There is a conversation between the two computer. Your computer sends
a packet, the other computer answers with another packet. It has to
know where to send that packet to, ie, your address.
Same as if you send a paper letter.
Ok, there is a router at your house that is doing a NAT, an address translation. So the other computer in fact sees the address of the router, not the address of your computer. The router does the translation in both directions.
AVG is probably trying to sell you an VPN, to put an intermediary in
the connection. The other computer now will see the intermediary
address, not yours. The intermediary does a translation for every
packet sent or received.
Some people say that what they seek is privacy (which is not the same
as security). They do not want their ISP to get stats on your traffic
which they may sell. Ok, but then the VPN manager gets that
information instead. Depends who you trust more.
They get money on this. They try to scare you into thinking that you
really need to "hide" behind an VPN intermediary. That it is
dangerous to not use an VPN. They sell it to people that then do not
use it because they don't know how. I had to tell friends, that asked
me to activate that VPN thing, fo forget it and cancel that silly
subscription they did not need.
Some people may need it, but then they do know about it.
O.K., so if AVG are trying to flog me a VPN ..... I'm connecting to the
UseNet via my TelCo (TPG) and then to Eternal-September. Are E-S, in effect, a VPN??
WAN IP
Daniel65 ------ router --------------------------- E-S The E-S admin can tell
192.168.1.2 (home) 1.2.3.4 where you are (more or less*)

WAN IP (India)
Daniel65 ------ router ------------- VPN --------- E-S The E-S admin can tell
192.168.1.2 (home) 1.2.3.4 5.6.7.8 you're in India.

Your WAN IP identifies your house. Or something.

This is presumably the "FUD" model that AVG is using.

Real life is much more complicated than this.

Paul
Daniel65
2024-02-29 12:27:07 UTC
Permalink
Post by Paul
Post by Daniel65
Post by Carlos E.R.
Post by Daniel65
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan',
AVG-Free was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me
their Premium (i.e. PAID) Version??
Them not providing information on when that it happens and how
it impacts your machine is definitily a red flag.  FUD comes to
mind (Fear, Uncertainty, Doubt).
Heck, if your 'puter has internet access than the router can
'see' your puters IP.  It has to, otherwise it can't give your
'puter the responses to requests it send.
That's about how I see it, too. My ISP MUST know my IP address so
that they can know who 'I' am so they can work out what
UserName/Password I have to send to get access to my UseNet account
with them.
That even makes sense to me NOW!!
When your computer interacts with any other computer on internet, to,
send an email, send a news post, read a web page, see a video... all
those machines see your IP address. It is how it works, there is
nothing wrong with that.
There is a conversation between the two computer. Your computer sends
a packet, the other computer answers with another packet. It has to
know where to send that packet to, ie, your address.
Same as if you send a paper letter.
Ok, there is a router at your house that is doing a NAT, an address translation. So the other computer in fact sees the address of the router, not the address of your computer. The router does the translation in both directions.
AVG is probably trying to sell you an VPN, to put an intermediary in
the connection. The other computer now will see the intermediary
address, not yours. The intermediary does a translation for every
packet sent or received.
Some people say that what they seek is privacy (which is not the same
as security). They do not want their ISP to get stats on your traffic
which they may sell. Ok, but then the VPN manager gets that
information instead. Depends who you trust more.
They get money on this. They try to scare you into thinking that you
really need to "hide" behind an VPN intermediary. That it is
dangerous to not use an VPN. They sell it to people that then do not
use it because they don't know how. I had to tell friends, that asked
me to activate that VPN thing, fo forget it and cancel that silly
subscription they did not need.
Some people may need it, but then they do know about it.
O.K., so if AVG are trying to flog me a VPN ..... I'm connecting to the
UseNet via my TelCo (TPG) and then to Eternal-September. Are E-S, in effect, a VPN??
WAN IP
Daniel65 ------ router --------------------------- E-S The E-S admin can tell
192.168.1.2 (home) 1.2.3.4 where you are (more or less*)
WAN IP (India)
Daniel65 ------ router ------------- VPN --------- E-S The E-S admin can tell
192.168.1.2 (home) 1.2.3.4 5.6.7.8 you're in India.
Your WAN IP identifies your house. Or something.
This is presumably the "FUD" model that AVG is using.
Real life is much more complicated than this.
Paul
Ah!! O.K., thanks, Paul.
--
Daniel
Mike Easter
2024-02-29 17:45:40 UTC
Permalink
Post by Daniel65
O.K., so if AVG are trying to flog me a VPN ..... I'm connecting to the
UseNet via my TelCo (TPG) and then to Eternal-September. Are E-S, in
effect, a VPN??
Typically, when you connect to your NSP news service provider you are
connecting via your ISP connectivity provider TPG. Some NSP's (not E-S)
'stamp' your news message here w/ your connectivity provider's
connecting IP. That IP may be associated w/ your geolocation, such as
your 'home town' or city. Some people don't like for their real name or
their real email address or their ISP or their home city exposed to
others on usenet.

Usenet is more anonymizing than social media because you don't have to
expose your ISP IP, real email address or a city or an email address if
you don't want to, but you can if you want to.

Selling VPN service has become an enterprise, so various entities like
to do whatever they can to convince you that having a VPN is better than
not. Many/most of us know that we don't need a VPN to hide our IP from
entities which we contact online such as NSP or webserver.

AVG is just another one selling VPN service.
--
Mike Easter
Daniel65
2024-03-01 09:29:33 UTC
Permalink
Post by Mike Easter
Post by Daniel65
O.K., so if AVG are trying to flog me a VPN ..... I'm connecting to
the UseNet via my TelCo (TPG) and then to Eternal-September. Are E-S,
in effect, a VPN??
Typically, when you connect to your NSP news service provider you are
connecting via your ISP connectivity provider TPG.  Some NSP's (not E-S)
'stamp' your news message here w/ your connectivity provider's
connecting IP.  That IP may be associated w/ your geolocation, such as
your 'home town' or city.  Some people don't like for their real name or
their real email address or their ISP or their home city exposed to
others on usenet.
Usenet is more anonymizing than social media because you don't have to
expose your ISP IP, real email address or a city or an email address if
you don't want to, but you can if you want to.
Selling VPN service has become an enterprise, so various entities like
to do whatever they can to convince you that having a VPN is better than
not.  Many/most of us know that we don't need a VPN to hide our IP from
entities which we contact online such as NSP or webserver.
AVG is just another one selling VPN service.
Thank you, Mike.
--
Daniel
candycanearter07
2024-02-28 17:05:07 UTC
Permalink
Post by R.Wieser
Daniel65,
Post by Daniel65
When I had updated the definitions and run a 'Deep Scan', AVG-Free
was telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me their Premium
(i.e. PAID) Version??
Them not providing information on when that it happens and how it impacts
your machine is definitily a red flag. FUD comes to mind (Fear,
Uncertainty, Doubt).
Isn't AVG kinda infamous for this kind of thing?
Post by R.Wieser
Heck, if your 'puter has internet access than the router can 'see' your
puters IP. It has to, otherwise it can't give your 'puter the responses to
requests it send.
Regards,
Rudy Wieser
Not to mention that there's multiple kinds of ip's
(local 192.168*/127.* and public ip). Vaugeness really makes you assume
the worst here.
--
user <candycane> is generated from /dev/urandom
R.Wieser
2024-02-28 18:32:58 UTC
Permalink
candycanearter07,
Post by candycanearter07
Isn't AVG kinda infamous for this kind of thing?
I wouldn't know, I can't remember having ever used it.
Post by candycanearter07
Not to mention that there's multiple kinds of ip's
(local 192.168*/127.* and public ip).
And that a PC will spew all kinds of IP related data on a LAN just to let
others on it know its there.
Post by candycanearter07
Vaugeness really makes you assume the worst here.
Yep. Hence my FUD remark. :-)

Regards,
Rudy Wieser
candycanearter07
2024-02-28 19:55:08 UTC
Permalink
Post by R.Wieser
candycanearter07,
Post by candycanearter07
Isn't AVG kinda infamous for this kind of thing?
I wouldn't know, I can't remember having ever used it.
Post by candycanearter07
Not to mention that there's multiple kinds of ip's
(local 192.168*/127.* and public ip).
And that a PC will spew all kinds of IP related data on a LAN just to let
others on it know its there.
Huh, I didn't know it broadcasted an IP.
Post by R.Wieser
Post by candycanearter07
Vaugeness really makes you assume the worst here.
Yep. Hence my FUD remark. :-)
Regards,
Rudy Wieser
Yea, stuff like that drives me crazy sometimes.
--
user <candycane> is generated from /dev/urandom
Carlos E.R.
2024-02-29 13:12:51 UTC
Permalink
Post by candycanearter07
Post by R.Wieser
candycanearter07,
Post by candycanearter07
Isn't AVG kinda infamous for this kind of thing?
I wouldn't know, I can't remember having ever used it.
Post by candycanearter07
Not to mention that there's multiple kinds of ip's
(local 192.168*/127.* and public ip).
And that a PC will spew all kinds of IP related data on a LAN just to let
others on it know its there.
Huh, I didn't know it broadcasted an IP.
Of course it does.

Every time you open a webpage, the webpage knows your IP, because it
needs your address to send you the text and photos.

It just works that way, there is nothing wrong with that.


Your computer tells the web page "send me your content to my address".



An VPN is like a Postal Office Box. Letters are sent there instead of
your machine; then the POB sends them to your machine. Someone, in the
end, has to know your address.
--
Cheers, Carlos.
immibis
2024-02-28 18:27:15 UTC
Permalink
Post by Daniel65
This afternoon, I am on my Win7 Installation, basically to update my
Anti-Virus (AVG-Free).
When I had updated the definitions and run a 'Deep Scan', AVG-Free was
telling me that my IP Address was visible.
Is this a real problem .... or is AVG just trying to flog me their
Premium (i.e. PAID) Version??
TIA.
Sounds like they are just trying to sell you a VPN, which is something
that most people don't need but helps AVG make money.
Loading...