Results 1 to 7 of 7

Thread: IP stealing

  1. #1

    Question IP stealing

    Hi all,

    I seen around here and there that some people have had their IP address taken by another machine in the same network.

    Is this true of all providers, or is this just in some places which are bad? If you have your own C class address will this prevent this, or is it more to do with hardware and routers, etc.?


  2. #2
    hmm, "stealing" is usually when 2 computers on the same network subnet try and both be the same IP, perhaps by misconfiguration - though I've never seen it done intentionally.

    There are ways to stop it, easiest probably using static ARPs if the switch/router supports it - which basically says that a certain MAC address (unique per NIC) has whatever IP address. Then if a different computer (and therefore a different MAC) decides to try and take the IP, the switch will ignore it.

    If its a plain old hub or switch that doesn't support it, then I guess anyone could decide they want to be a certain IP address. If they did, and it was a shared environment, I'd expect there'd be heavy penalities for doing so.

    Having your own class C *might* help if this class C is only routed to your dedicated port or switch, since no one else could even be on the same subnet.

    I think it all depends on the network architecture - so query the provider on what they can do to prevent it.


  3. #3
    Static ARP is not necessarily the proper way, although it will work.

    If you are a colo customer of your uplink and you simply have a switch from them, with one uplink port.

    You can have your provider set up vlan's on their routers which will segregate the different IP networks and trunk them over one physical uplink connection.

    The same applies if you have your own router, although you do your own management.

    This is the ideal setup to prevent "IP stealing" among other customers.

    The typical setup (although it sucks, but i've seen alot of people doing it this way) is that the customer of the uplink gets one VLAN, and they just secondary the other ip networks on that VLAN. This does allow ip stealing, cause anything in that common vlan can use any of the other networks.

  4. #4
    Join Date
    Nov 2001
    Glika Nera - Athens - Greece - Europe

    A good way...

    ... to at least discourage people to do this + to totally wipe out misconfiguration is to use SUBNET MASKS.

    Look at below link it will help you:

  5. #5
    For example

    interface FastEthernet0/0
    ip address
    ip address secondary
    that is from the provider/uplink end.

    say there are two machines out there on the other end of this fast ethernet connection. The first block is for their internal servers, and the second is for your servers. Either machine could use any IP address within BOTH ranges (less any network, broadcast and gateway IPs).

  6. #6

    Smile thanks

    Cheers kindred and jizaymes, I will ask my network provider what they can do to help.

    Thanks to all,


  7. #7
    Join Date
    Jun 2001
    Chicago, IL
    It depends how its setup physically. If it is subnetted so that each client is on its own network, then no one should be able to steal your ips.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts