- Posts: 3
- Thank you received: 0
IPCOP Firewall Audit...
19 years 7 months ago #8103
by ideep
IPCOP Firewall Audit... was created by ideep
Hi Guys,
It’s my very first post.. Hope you’ll get what I’m saying..
I got Ipcop 1.4.5 Firewall and I was just doing a audit to see how strong my firewall is.. I've gone to www.auditmyfirewall.com website and as I did the audit it showed my Internal IP address. I thought IPCOP is NAT enabled and should net be showing my Internal IP address..
Any ideas…
It’s my very first post.. Hope you’ll get what I’m saying..
I got Ipcop 1.4.5 Firewall and I was just doing a audit to see how strong my firewall is.. I've gone to www.auditmyfirewall.com website and as I did the audit it showed my Internal IP address. I thought IPCOP is NAT enabled and should net be showing my Internal IP address..
Any ideas…
19 years 7 months ago #8104
by ideep
Replied by ideep on topic Sorry guys
I meant
www.auditmypc.com
- LooseCannon
- Offline
- Junior Member
Less
More
- Posts: 64
- Thank you received: 0
19 years 7 months ago #8113
by LooseCannon
Replied by LooseCannon on topic Re: IPCOP Firewall Audit...
From what I have read about this site they use a java applet that runs on your computer and displays your internal IP address, just like doing an ipconfig or winipcfg would do. The remote site itself is not actually probing your computer to get this IP address as it would just return your public IP if that was the case. Also, I am pretty sure that the IP is just displayed on your computer because if it was sent back to auditmypc.com a java warning window would appear asking if you wanted to send that information to a potentially unsafe source.
19 years 6 months ago #8116
by nske
Replied by nske on topic Re: IPCOP Firewall Audit...
Well assuming the site would be interested in geting this information, the internal IP address could easily be queried and stored in a cookie via a javascript. Also, if a proxy is used, it is common behaviour to set the "HTTP_X_FORWARDED_FOR" field in the http header, making the internal address directly available through the HTTP server enviromental variables.
19 years 6 months ago #8124
by ideep
Thanks for your reply guys..
As you said LooseCannon "the site use a java applet that runs on my computer and displays my internal IP address" mean they are not really seeing my Ip address... it's just the applet showing the Internal Ip address on the scree.
Bottomline.. No one can see my Internal Ip.. RIGHT
As you said LooseCannon "the site use a java applet that runs on my computer and displays my internal IP address" mean they are not really seeing my Ip address... it's just the applet showing the Internal Ip address on the scree.
Bottomline.. No one can see my Internal Ip.. RIGHT
- cybersorcerer
- Offline
- Senior Member
Less
More
- Posts: 123
- Thank you received: 0
19 years 6 months ago #8278
by cybersorcerer
"He who breaks something to find out what it is, has left the path of wisdom."
Gandalf the Grey
Replied by cybersorcerer on topic Re: IPCOP Firewall Audit...
In the security realm there is no such thing as 0 risk or a 100% guarantee. In the case that nske is right, then you would have to use some more advanced firewalling techniques to prevent a tricky cookie like that from pulling sensitive information on your computer. No firewall in the world can prevent you entirely from the threat of hackers, but it can stop a lot of the immature ones dead in their tracks. My suggestion is even if you have some holes in your system, don't freak, but add an extra layer of security in your defenses and always play it safe on the internet.
Sometimes the addition of strict security can make using a system for pleasure very difficult(try using openBSD as your desktop....) so you have to weigh out the risk factor using some intuitivness and common sense
Sometimes the addition of strict security can make using a system for pleasure very difficult(try using openBSD as your desktop....) so you have to weigh out the risk factor using some intuitivness and common sense
"He who breaks something to find out what it is, has left the path of wisdom."
Gandalf the Grey
Time to create page: 0.128 seconds