- Posts: 24
- Thank you received: 0
Can an external source detect a natted ip address?
19 years 11 months ago #6199
by Greenice
Can an external source detect a natted ip address? was created by Greenice
Hi,
How would it be possible for an external source to detect an internal natted ip address? I recently conducted an online security test at www.auditmypc.com and was informed that my internal natted ip address was somehow exposed. Sure enough, my internal ip address was quoted back to me on the web page. How is this possible?
Cheers,
Greenice.
How would it be possible for an external source to detect an internal natted ip address? I recently conducted an online security test at www.auditmypc.com and was informed that my internal natted ip address was somehow exposed. Sure enough, my internal ip address was quoted back to me on the web page. How is this possible?
Cheers,
Greenice.
19 years 11 months ago #6202
by Greenice
Replied by Greenice on topic Re: Can an external source detect a natted ip address?
After writing my earlier message, I discovered some threads on the net that deal with the question that I raised. It seems that
www.auditmypc.com
uses a java or javascript function to obtain the address. I'm using FireFox 1.0 and if I disable java or javascript, then my internal ip address is no longer 'discovered' by the web site. Having sniffed the TCP traffic, I discovered a HTTP GET call which includes my internal IP address. See below, where xxx is the address. I'm guessing that this is how the internal address is passed to the web server.
GET /audit.asp?a=xxx.xxx.xxx.xxx HTTP/1.1
GET /audit.asp?a=xxx.xxx.xxx.xxx HTTP/1.1
19 years 11 months ago #6203
by sLz
Replied by sLz on topic Re: Can an external source detect a natted ip address?
I guess that is possible as all Web clients hold information which any web-server may grab such as Browser details.
However using server side functions using languages such as PHP and ASP it is possible to obtain your IP that way. Websites such as www.whatismyip.com uses a function and if there's a Transparent Proxy between you and the destination, usually in place by your ISP, to which I know NTL do this, then it shows the Proxy IP. The PHP command:
[code:1]$ip = $_SERVER['REMOTE_ADDR'];[/code:1]
This will place the IP of your system into the variable $ip for printing/echoing - your REAL IP and not any Proxy address.
Hope this gives a little more insight into your question. Thanks.
However using server side functions using languages such as PHP and ASP it is possible to obtain your IP that way. Websites such as www.whatismyip.com uses a function and if there's a Transparent Proxy between you and the destination, usually in place by your ISP, to which I know NTL do this, then it shows the Proxy IP. The PHP command:
[code:1]$ip = $_SERVER['REMOTE_ADDR'];[/code:1]
This will place the IP of your system into the variable $ip for printing/echoing - your REAL IP and not any Proxy address.
Hope this gives a little more insight into your question. Thanks.
19 years 11 months ago #6213
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: Can an external source detect a natted ip address?
Alot of proxy servers will also pass an X-forwarded for header that includes your IP address in the HTTP request. Since you use firefox (good choice !), You can get the extension called 'Live HTTP headers', and see what is being sent by your system.. unfortunately this wouldn't show you what a proxy adds on as that would be upstream of your connection. If you want to do that, find a site that has printenv.pl .. do a google for
inurl:printenv.pl
and it will dump all the values that your HTTP request is passing to the server.
Yes these websites will tell you a lot of stuff using javascript and similar HTTP nonsense...
Cheers,
inurl:printenv.pl
and it will dump all the values that your HTTP request is passing to the server.
Yes these websites will tell you a lot of stuff using javascript and similar HTTP nonsense...
Cheers,
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Time to create page: 0.124 seconds