Reveal your IP!

Discussion in 'other software & services' started by Zhen-Xjell, Jun 10, 2002.

Thread Status:
Not open for further replies.
  1. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    Ok, I have put together a script last night which shows your IP and the IP of your remote proxy if one is used.  Some folks tested it and reported back that it didn't get their actual IP... so, how do you guys make out?

    http://www.computercops.biz/modules.php?name=Reveal_IP

    I'd like to get a script down pat where it can reveal your actual IP no matter how many proxies you go through... of course, if that information is not passed in the Header, then I don't know an easy way to get it.

    Comments?
     
  2. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    ZX - Why on earth would you want to perfect something like that?

    Isn't the whole point of people trying to hide their IP kind of diametrically opposite of what you're doing?

    IOW, huh? Pete
     
  3. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    I was thinking the EXACT same thing as I was reading what you were doing. WHY do you want to do that? My only guess, and please tell me I'm correct, was to put it on your site so people could test to see whether their attempts at anonymizing were actually working?

    John
     
  4. snowman

    snowman Guest

         Zhen

        Lol  I just got to go with Spy1 and Lov2.....an ask what are you doing Zhen.......LOL    

       actually I can see where you may have a point....but in all honesty other than for checking to make sure its actually your correct ip being tested during a port scan...would such a script have other purposes?  

        Zhen great job you are doing on your site.

                                 snowman
     
  5. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    That's precisely it... I want to get the script fine tuned as much as possible so this way you can know if your IP is able to be tracked or not.  Its not like I'm sending that data to a third company or something, whatever you guys do on my site stays there.. see the AUP.

    There are sites out there that try to tell you your IP.. but not all of them even look at things like X-FORWARDED-FOR.  That's where I step in.. I want to look at all possible things and let you know if I'm able to grab the info.. because if I can grab it, then someone else can too.

    So.. I'm trying to help you guys perfect your privacy!
     
  6. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    Now.....it's clear to me. Can actually be very useful in that respect.

    Good work!

    By the way, I agree with Snowman, your site is looking great!

    John
    Luv2BSecure
     
  7. UNICRON

    UNICRON Technical Expert

    Joined:
    Feb 14, 2002
    Posts:
    1,935
    Location:
    Nanaimo BC Canada
    how much does double click pay you per verified IP?


    ;)  jk
     
  8. luv2bsecure

    luv2bsecure Infrequent Poster

    Joined:
    Feb 9, 2002
    Posts:
    713
    I forgot you asked for test reports!

    Using a proxy, it reported only the proxy address.

    John
     
  9. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    Ok.. it seems that script is going to do the best it can as-is.  Some proxies, as you know, don't forward the actual requesters IP... so I can't get it.

    The only way to get it then is to run a client-side script... which common sense dictates if someone is using a high anon proxy, they more likely than not are blocking any scripting.. although.. ;)
     
  10. Prince_Serendip

    Prince_Serendip Registered Member

    Joined:
    Apr 8, 2002
    Posts:
    819
    Location:
    Canada
    I haven't used your link yet. I already know my IP and the one my ISP uses. I got this from actually reading the Alerts List in VisualZone from the ZoneAlarm Log File. Easy. I might try the link anyway to see if it's accurate. I'll let you know the results. ;)
     
  11. Prince_Serendip

    Prince_Serendip Registered Member

    Joined:
    Apr 8, 2002
    Posts:
    819
    Location:
    Canada
    I don't use a proxy. My browser and OS are cloaked so all it showed was my IP. Works good.
     
  12. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    Ok, thanks!
     
  13. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Don't understand what you're trying to do here, ZX. If I don't use a remote proxy, then I expect you to see my IP address - there's no point talking to you unless you can reply to me. If I use a remote proxy, then I expect you won't see my IP address, otherwise you'll bypass my proxy in your replies.

    I don't get it, unless this is a test to see whether or not my proxy anonymises me. o_O
     
  14. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    That's precisely it. Althought in talking to someone at grc, I may employ a client side script to obtain the IP in Reveal Your IP as well. Now note that this kind of tool it really nothing for experts, but for the casual surfer, it helps.
     
  15. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Paul, it's not my intention to be critical, but aren't you reinventing the wheel? (Glyph of me looking puzzled.)
     
  16. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    Well.. yes you can say that. Many sites do that already, but mine didn't.. does that make it wrong?
     
  17. Prince_Serendip

    Prince_Serendip Registered Member

    Joined:
    Apr 8, 2002
    Posts:
    819
    Location:
    Canada
    ;)Why not? Maybe his wheel will be better. You know. Smoother ride, better tread wear, nicer hub caps. Oooh, shiny! That's progress.
     
  18. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Not at all. In fact, you might consider building in recognition that the IP is anonymised (ie from known services) if possible. Just a thought....
     
  19. ht

    ht Registered Member

    Joined:
    Mar 19, 2002
    Posts:
    5
    Location:
    Black Forest
    Knock-Knock

    Who's that?!?

    No, really...

    Who wanna know?

    You first

    Nobody.

    Nobody who?

    Nobody home.

    what?

    yes, honest!

    what d'you talkin' about

    depends.

    depends on what?

    depends on who wants to know.

    ME!

    that's what I thought. ME's at this end, too!

    which version?

    MSIE

    oh, ok...

    well, at least that's what Opera pretends...

    Opera? what's Opera?

    a program that pretends to be MSIE

    oh.... :-(

    well...?!?

    ...never mind!


    [posted via the PREVIEW feature]
     
  20. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    You have to...er...preview very quickly I think.

    (Hey! It's not just me!)

    Weird, on an old 95 box, preview works! I'm using XP - any coincidence here?
     
  21. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
     
  22. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    "If a man stands in a forest and there is no-one to hear him, can the British Government record every email and still prosecute him?"

    Just trying to be as enigmatic as yourself, ZX. :(
     
  23. bubs

    bubs Registered Member

    Joined:
    Apr 28, 2002
    Posts:
    106
    Location:
    Suffolk, England
    Checkout:
    Record every email - looks like it! :mad:

    Prosecute him - not while I have a bone unbroken in my body! (And Cherie Booth is around to play games with the ECHR - how inconvenient for hubby! :D)
     
  24. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    If only this was true.
     
  25. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    :D Beat that.. I thought I replied correctly, guess I didn't. Now I don't recall what I was going to say.
     
Loading...
Thread Status:
Not open for further replies.