Skip to main content

IPCOP Firewall Audit...

More
19 years 7 months ago #8103 by ideep
Hi Guys,

It’s my very first post.. Hope you’ll get what I’m saying..
I got Ipcop 1.4.5 Firewall and I was just doing a audit to see how strong my firewall is.. I've gone to www.auditmyfirewall.com website and as I did the audit it showed my Internal IP address. I thought IPCOP is NAT enabled and should net be showing my Internal IP address..

Any ideas…
:(
More
19 years 7 months ago #8104 by ideep
Replied by ideep on topic Sorry guys
More
19 years 7 months ago #8113 by LooseCannon
From what I have read about this site they use a java applet that runs on your computer and displays your internal IP address, just like doing an ipconfig or winipcfg would do. The remote site itself is not actually probing your computer to get this IP address as it would just return your public IP if that was the case. Also, I am pretty sure that the IP is just displayed on your computer because if it was sent back to auditmypc.com a java warning window would appear asking if you wanted to send that information to a potentially unsafe source.
More
19 years 6 months ago #8116 by nske
Replied by nske on topic Re: IPCOP Firewall Audit...
Well assuming the site would be interested in geting this information, the internal IP address could easily be queried and stored in a cookie via a javascript. Also, if a proxy is used, it is common behaviour to set the "HTTP_X_FORWARDED_FOR" field in the http header, making the internal address directly available through the HTTP server enviromental variables. ;)
More
19 years 6 months ago #8124 by ideep
Replied by ideep on topic Re
Thanks for your reply guys..
As you said LooseCannon "the site use a java applet that runs on my computer and displays my internal IP address" mean they are not really seeing my Ip address... it's just the applet showing the Internal Ip address on the scree.

Bottomline.. No one can see my Internal Ip.. RIGHT :D
More
19 years 6 months ago #8278 by cybersorcerer
In the security realm there is no such thing as 0 risk or a 100% guarantee. In the case that nske is right, then you would have to use some more advanced firewalling techniques to prevent a tricky cookie like that from pulling sensitive information on your computer. No firewall in the world can prevent you entirely from the threat of hackers, but it can stop a lot of the immature ones dead in their tracks. My suggestion is even if you have some holes in your system, don't freak, but add an extra layer of security in your defenses and always play it safe on the internet.

Sometimes the addition of strict security can make using a system for pleasure very difficult(try using openBSD as your desktop....) so you have to weigh out the risk factor using some intuitivness and common sense

"He who breaks something to find out what it is, has left the path of wisdom."

Gandalf the Grey
Time to create page: 0.128 seconds