- Posts: 5
- Thank you received: 0
How is private non-routable ip address visible on site scan?
18 years 9 months ago #13081
by Logan
I went to this website auditmypc.com/free-spyware-removal.asp and it was able to tell me my private internal ip address (192.168.2.3). If I'm hidden behind a router with a public routable ip on its outside interface, how was it able to see my private non-routable ip? Is this something I should be concerned with security-wise?
Thank you
Thank you
- Dead-Neur0ns
- Offline
- New Member
-
Less
More
- Posts: 16
- Thank you received: 0
18 years 9 months ago #13098
by Dead-Neur0ns
<= IИse©u®ity Is A ®esult Of T®ying To Be Se©u®e =>
Replied by Dead-Neur0ns on topic Re: How is private non-routable ip address visible on site scan?
I did visit auditmypc.com and as you have mentioned it displayed my private ip address.
I was curious to see how auditmypc.com is able to get the private IP address. This is what I've found.
When you visit the website and click on the link free-spyware-removal.asp, this is what is happening.
It is installing ActiveX programs also known as drive-by installations that is automatically downloaded to your computer, often without your knowledge or consent. Unlike a pop-up download, which asks for assent, a drive-by download is carried out invisibly: it can be initiated by simply visiting a Web site or viewing an HTML e-mail message.
To cure this, I added auditmypc.com into Restricted Zone and what it did was to change the security settings to high and also most importantly disabled downloading of signed, unsigned active x controls and also active x scripting.
Then I went back to auditmypc.com and clicked on the free-spyware-removal.asp link and boom NO MORE DISPLAY of Private IP Address.
The one thing I hated the most is whoever is running auditmypc.com does not even have the decency to let the user have a knowledge that they are indeed installing active x scripts. I wish they would atleast ask for the user consent.
Anyhow, I hope this would ease your paranoia.
I was curious to see how auditmypc.com is able to get the private IP address. This is what I've found.
When you visit the website and click on the link free-spyware-removal.asp, this is what is happening.
It is installing ActiveX programs also known as drive-by installations that is automatically downloaded to your computer, often without your knowledge or consent. Unlike a pop-up download, which asks for assent, a drive-by download is carried out invisibly: it can be initiated by simply visiting a Web site or viewing an HTML e-mail message.
To cure this, I added auditmypc.com into Restricted Zone and what it did was to change the security settings to high and also most importantly disabled downloading of signed, unsigned active x controls and also active x scripting.
Then I went back to auditmypc.com and clicked on the free-spyware-removal.asp link and boom NO MORE DISPLAY of Private IP Address.
The one thing I hated the most is whoever is running auditmypc.com does not even have the decency to let the user have a knowledge that they are indeed installing active x scripts. I wish they would atleast ask for the user consent.
Anyhow, I hope this would ease your paranoia.
<= IИse©u®ity Is A ®esult Of T®ying To Be Se©u®e =>
18 years 9 months ago #13194
by Logan
Replied by Logan on topic Re: How is private non-routable ip address visible on site scan?
Thanks a lot for the detailed response and investigative reporting. You answered my question perfectly.
Time to create page: 0.117 seconds