Router firewall? VPN

I have personally never seen on any of my setups the windows firewall fail to start, or get disabled unintentionally or by viri.
Of course precautions would be in place to help prevent such events

 

Victek123 - just for understanding:
I'm behind a NAT router and assumed that the private ips of my boxes were hidden. Tonight I went to the JonDos.de anonymity test page and my internal ip is listed. I thought only the router's public ip would be shown.

Why is this?

Thanks in advance

philby

 

There's no "hiding" anyways. Your router's WAN-side ip is known by your ISP, so they can always find where you've been, so to speak, unless you use an anonymizing proxy. Just don't do anything illegal and you have nothing to worry about

 

Hey YeOldeStonecat:

I like the term "tin foil hat sites" with your permission of course can I use it

Seriously, your post hints at a list/ links to good technical sites so can you provide your list? I for one am always open to good techical sources ?

 

Hi,

I have just checked the site. I connected from a PC behind my gateway(PC), only my public IP shows.

I am not sure what the actual test does as it is over HTTPS.


- Stem

 

.
I just tried it and the test only sees my public IP. Have you gone through your router's settings?

 

Interesting, or possibly alarming...?

The private IP only comes up on one of three machines (Toshiba notebook). I have a Dell d/t and an old HP notebook as well and, if I run the test from these, only my public IP is shown.

I'm only running Prevx 3 on the Toshiba, while the other two machines have ESS on board. Could this be related?

I have a Netgear DG834GT set as follows:

• SSID hidden
• DHCP off
• The three machines behind the router each have a fixed private IP and only these three are allowed in the router ip-range settings
• OpenDNS servers are set
• The boxes' MAC addresses have been listed under MAC address filtering
• Router Firewall is on

I think I must be missing something...

Thanks for responding, by the way.

philby

 

OK, I've found that the private 192 IP is only shown using Opera on the Toshiba.

The Anontest states that having Java enabled affects anonymity.

Both Java script and Java are enabled in Opera 10 by default, so is this a bad thing, given that my internal IP can be read?

Thanks again

philby

 

Well, I'm subscribing to find out the answer myself. I tried what you did, Philby, and it also revealed my private IP. I've only tested one machine of the six I have running. This machine is wired behind a Netgear FVS318 router.

I won't get into settings details right now unless someone asks but I do want to know, like you, if this is a real or potential problem.

 

Thanks for confirming the 'issue' - I wasn't sure if I'd overlooked something.

Does it only happen in Opera?

philby

 

I was using IE7 when it got mine.

 

It gets weirder...

In Opera:
I have Java enabled
Anontest confirms Java is enabled
Private IP is shown

In IE7:
I have Java enabled
Anontest says Java is not enabled
Private IP is not shown

I don't get this at all.

More importantly, I'd really like to know the risk of having a readable private IP.

philby

 

@ Philby

Someone more qualified should comment as I haven't had time to research it but, IIRC, these private address blocks are reserved by IANA and are NOT "addressable" from outside of your LAN.

Exactly how that prevents knowledge of your private IP being useful to an intruder/hacker/criminal, I'm not sure but it not being "addressable" seems like a good start.


P.S. I spent some time earlier today going through my router logs. Most of the suspicious data dropped by my router, according to a whois lookup, came from IP addresses originating in the People's Republic of China, usually blocks assigned to one institution or another - they seem to be just hammering away at me. I guess that's not really news to those in the know. I was curious to see who's been knocking at my door, or rattling the knob at least, anyways.

 

Thanks for that - mind more at ease now but still perplexed...

philby

 

Ah, I was composing the postscript to my prior post as you posted.

 

The internal ip address is not, afaik, routable. My internal and router's WAN-side ip addresses display on that JonDos site. Java is enabled in IE7 so as expected the "java trick" aids to display the internal ip. The router's is difficult to hide unless you use an anonymizing serivce. It is this such service JonDos is trying to sell you. That's all it is, so nothing to be concerned about. They are using scare tactics in hopes of reeling in fish. If you are a Joe Average everyday surfer, you don't need it.

 

Thank you.

Thinking about what you said, I'm now wondering why it's my machine's private IP + the Wan-side IP that are showing up.
Shouldn't it be, at worst, the router's IP / default gateway + the Wan side IP?

Excuse ignorance.

philby

 

No worries. Few of us understand this stuff thoroughly, including myself. Try this:

Start-> Run -> type in "cmd" (without the quotes), then hit <Enter> key.

type: "ipconfig /all" (without quotes) <Enter>. You will see a story regarding the status of your Windows ip configuration and your Local area connection.

You should see that your default gateway is your router's LAN-side ip address of 192.168.0or1.1. The default gateway for your router's WAN-side ip address will not be shown here but you can probably find it in your router's config menu somewhere, probably under the "Status" tab, and it will be that of your ISP's server your modem is connected to. The "Physical address" is a unique 6 octet address built into your network adapter card that is a hardware identifier.

Of course you will also see your machine's internal ip address assigned to it by the router, the DHCP server address (should also be 192.168.0/1.1) and the DNS server ip address(es); this could also be 192.168.0/1.1 if your router is setup with DNS relay or your ISP's (probably two of them). That's most of what you'll see and there's other minor info as well.

Your internal ip address shows because of a java 'trick", of which I really don't know how it works, but if you disable Java your surfing experience will become exceedingly boring because a lot of site content needs Java enabled to display properly, though you could enable it on a per site basis, but this is cumbersome and time-consuming to do. I don't believe the remote host can "see" this internal ip address. Only you can see it but it doesn't really matter because your router's WAN-side ip address is visible, especially to your ISP so that is why earlier I stated there is no hiding. The anonymizing software can probably do a lot to mask your surfing habits, but unless you are dealing in espionage or other ilicit activity punishable by the FBI and something that will make headlines, there is no need for it.

You could surf using an alternative browser or at least keep IE fully patched. If your surfing habits are that of the average person, you should have nothing to worry about regarding anyone spying on you. The router, even a home unit, is an excellent addition to a computer's security arsenal.

 

Thanks wat0114.

philby