Skip to main content

How is private non-routable ip address visible on site scan?

More
18 years 10 months ago #13081 by Logan
I went to this website auditmypc.com/free-spyware-removal.asp and it was able to tell me my private internal ip address (192.168.2.3). If I'm hidden behind a router with a public routable ip on its outside interface, how was it able to see my private non-routable ip? Is this something I should be concerned with security-wise?

Thank you
More
18 years 10 months ago #13098 by Dead-Neur0ns
I did visit auditmypc.com and as you have mentioned it displayed my private ip address.

I was curious to see how auditmypc.com is able to get the private IP address. This is what I've found.

When you visit the website and click on the link free-spyware-removal.asp, this is what is happening.

It is installing ActiveX programs also known as drive-by installations that is automatically downloaded to your computer, often without your knowledge or consent. Unlike a pop-up download, which asks for assent, a drive-by download is carried out invisibly: it can be initiated by simply visiting a Web site or viewing an HTML e-mail message.

To cure this, I added auditmypc.com into Restricted Zone and what it did was to change the security settings to high and also most importantly disabled downloading of signed, unsigned active x controls and also active x scripting.

Then I went back to auditmypc.com and clicked on the free-spyware-removal.asp link and boom NO MORE DISPLAY of Private IP Address.

The one thing I hated the most is whoever is running auditmypc.com does not even have the decency to let the user have a knowledge that they are indeed installing active x scripts. I wish they would atleast ask for the user consent.

Anyhow, I hope this would ease your paranoia.

<= IИse©u®ity Is A ®esult Of T®ying To Be Se©u®e =>
More
18 years 10 months ago #13194 by Logan
Thanks a lot for the detailed response and investigative reporting. You answered my question perfectly.
Time to create page: 0.134 seconds