I can see my Internal IP !!

Discussion in 'ESET Smart Security' started by MasterTB, Jun 23, 2009.

Thread Status:
Not open for further replies.
  1. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    Hello; I'm using ESS v4 -latest version- and recently, testing the new firewall module I came across something weird, I was browsing for tests to challenge the firewall and here: http://www.whatsmyip.org/more/ I could see my internal IP address when I requested more info about my machine...
    How is that possible, isn't ESS supposed to block that kind of info?

    I'm sitting behind a tplink router which has firewall and is set to block any incoming connections.
     
  2. cqpreson

    cqpreson Registered Member

    Joined:
    May 18, 2009
    Posts:
    348
    Location:
    China
    In my view,this is a normal phenomenon.Because when you click this website,you will send a packet which requests for the information of the website.Your packets including IP address and MAC is in this packet.So the website knows your IP and you can see your IP.
     
    Last edited: Jun 23, 2009
  3. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    disable java and javascript and try again
     
  4. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    According to ShieldsUP my browser headers are clean, but you where right, even though I use Opera and it does not have java, disabling sripts put the WhatsMyIP page on a halt and didn't reveal my internal IP.
    What's up with that and how come there is no warning about it anywhere?

    And why does ESS not prevent it? Isn't the firewall supposed to block or hide your internal IP from the web?
     
  5. cqpreson

    cqpreson Registered Member

    Joined:
    May 18, 2009
    Posts:
    348
    Location:
    China
    The internal IP is only shown to you.Anyone else can't see it.
     
  6. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,878
    Location:
    New England
    Right. There are two pieces of code on that webpage that make it display your IP address to you. One JavaScript and one Java applet...

    Code:
    <span id="localip">Checking...</span>
    <script>
    function MyAddress(IP)
    { document.getElementById("localip").innerHTML = IP; } 
    </script>
    <applet code="MyAddress.class" MAYSCRIPT width=0 height=0>
    Sorry You Need Java For This To Work
    </applet>
    The information leak here is not on the part of a software firewall. It's the allowing of JavaScript and/or Java to run in your brower, sourced from the remote website. Once you allow that, it's game over for anything that JavaScript or Java can access and communicate.
     
  7. MasterTB

    MasterTB Registered Member

    Joined:
    Jun 19, 2007
    Posts:
    547
    Location:
    Paran?, Argentina
    So basically I have to disable Java or JavaScript unless it is absolutely necessary on a website basis? or otherwise I'm compromising that any web page with this kind of code can find out?
    IS there no other way to block software running in my machine to know or divulge my internal IP? even if it is dynamically set by the DHCP server on my router?

    Thanks.
     
  8. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    yes, you should only enable scripting for the sites you trust. there is a widget for opera which allows quick enabling/disabling
    see what else scripting, which is only bad in hands of bad persons, can reveal
    http://browserspy.dk/
     
  9. BlackMagic

    BlackMagic Registered Member

    Joined:
    Aug 9, 2009
    Posts:
    1
    Cudni: What are those widgets names? I can't find such kind. :( Thanks.
     
  10. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    940
    Hello BlackMagic

    I don't use a widget but control Javascript through F12 in Opera.

    For example, if I go to the site Cudni linked and click IP Address (menu column on left), my private IP address is shown.

    If I then F12 > uncheck enable javascript or uncheck enable java and refresh the page, my private IP address is no longer shown.

    I have both java and javascript off and allow whichever of them seems to be required on a per site basis, again using F12, > Edit site preferences.

    A bit about the difference between them here.

    philby
     
    Last edited: Aug 9, 2009
Thread Status:
Not open for further replies.