Internal (NAT) ip exposed

Discussion in 'LnS English Forum' started by rob400, Jan 30, 2005.

Thread Status:
Not open for further replies.
  1. rob400

    rob400 Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    1
    Hello.
    I have recently began testing lns and am very pleased with it so far. I am running two machines on my network. One machine is using Outpost and the other lns. Both are behind a Linksys router and using cable for internet.
    I am using the enhanced ruleset and have added a few rules for edonkey, printer sharing and torrents,etc.
    I have run both systems at firewall test sites and all tests are good except for one.
    I went to http://www.auditmypc.com/ using the machine that is running lns and I get this warning from the site that my internal NAT ip address is exposed and lists it. 192.168.x.xxx
    This is not present using Outpost.
    How do I mask this using lns?
    Is there a ruleset I need?
    Any help would be greatly appreciated.
    Thanks
     
  2. Xyzzy

    Xyzzy Registered Member

    Joined:
    Jan 11, 2005
    Posts:
    67
    Location:
    Poland
    I would say that the information about your IP is provided by your browser. Outpost has some "privacy" modules that may have blocked this information.
    On the other hand, LnS is not interested in what is inside data packets (it is low level firewall, as opposed to application-level (I think ISO/OSI model here) filtering.

    X.
     
  3. wraider1

    wraider1 Guest

    I am having the same problem, I have three machines two have the exposed internal address one is fine. I cannot fined the diff between the machines. There has to be a setting somewhere. One thing, the machine not giving up its address, it will not view those 360 view cams on the vac rental sites.
     
  4. wraider1

    wraider1 Guest

    if you turn off scripting the IP will not appear
    This is an HTML trick your internal address is not really exposed. Even if they did get your internal adress there is nothing they can do with it. The nat IP address is what talks to the web not the internal IP so there is no internal IP to track on the web.....
     
  5. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Yeah, Xyzzy and wraider1 are right, it seems like trick, maybe to scare people into buying their product.
    If you turn off cookies (in browser, I use Firefox) or deny auditmypc to set a cookie your internal NAT IP adress doesnt show. So I guess you have OP set to not allow cookies? or javascripts.
     
    Last edited: Feb 15, 2005
  6. Frederic

    Frederic LnS Developer

    Joined:
    Jan 9, 2003
    Posts:
    4,354
    Location:
    France
    Hi,

    Is there really a security issue here to have a Web server aware of a non-routable IP ?
    Today, a lots of persons are using routers, so even if this is not detected by a Web server, it could suppose this kind address is used on the remote side.

    Sorry if I missed the point here.

    Frederic
     
  7. metafizik

    metafizik Guest

    I was on that site also and it show my internal IP. I turned off Javascript and went back and there was no mention of the internal IP. As someone else said it's a trick to try to get you to buy their product.
     
  8. david55

    david55 Guest

    Also, I think everybodys internal/wan is 192.168.0.x

    At least it seems that way because all who mention it give the same number.
     
  9. david55

    david55 Guest

    I'm sorry, I meant "LAN".
    Everybodys lan address is the same.
     
  10. I found this forum from a search after experiencing this problem. Sorry if I'm in the wrong place, but RE
    "I went to http://www.auditmypc.com/ using the machine that is running lns and I get this warning from the site that my internal NAT ip address is exposed and lists it. 192.168.x.xxx"

    One note, the internal IP is not exposed on my Windows XP Pro PC's and it is on my Windows 2000 Pro PC's. All PC's are behind a Linksys router and no ports are exposed (1-65535), all PC's have the latest patches and service packs (Windows, McAfee, various blocker sw, etc.), cookies are not the issue and are being blocked, IE advanced settings are as similar as they can be between W2K IE 6.0.28xx and WXP IE 6.0.29xx, W2K PC's all use ZoneAlarm set as secure as I know how to make it.

    I don't care to ponder all the whys and wherefores of this situation as security risk or not, but obviously MS thought it enough of a problem that it doesn't occur in Windows XP Pro sp2.
     
  11. Mousky

    Mousky Guest

    There is no security issue since the web server has absolutely no idea what your Internal IP is. AuditMyPC uses a javascript trick to make people think that because a web page displays the internal IP that everyone on the internet can see their internal IP. Here is some code that will display the contents of the C: drive in your browser (you must have JavaScript enabled for this work):

    <html>
    <head>
    </head>
    <body>
    <script language="javascript">
    if (navigator.appName=="Netscape" && navigator.appVersion.split(".")[0]==4)
    {
    document.write("");
    }
    else
    {
    document.write("Your hard drive.");
    document.write("<p align='left'><iframe src='file:///C:/' height=400 width=600 marginwidth=0 marginheight=0 scrolling=no frameborder=0 vspace=2></iframe></p>");
    }
    </script>

    </body>
    </html>
     
  12. Mike D

    Mike D Guest

    I'm using XP Pro SP2 and auditmypc.com can tell what my internal IP is when using FireFox 1.0.2. But if I switch to Explorer the site can't see my IP. I just think it's strange since Firefox is suposedly so secure !
     
Thread Status:
Not open for further replies.