Heh, additionally, another good reason to possibly avoid that site like
the plague is when looking at their free spyware removal page, I see the
following line:
'Close your browser and revisit this page. If your SuperCookie ID
changed or is {3300AD50-2C39-46c0-AE0A-000000000000}, then you are safe.
If your SuperCooke did not change, take a look at our security fix.'
Just above it is a form field labeled SuperCookie ID. The value in it is
{3300AD50-2C39-46c0-AE0A-000000000000}
Soooo, what they're telling me is that if I revisit this page and my id
changes or is the same, then I'm safe? WTH?
In the end, just make sure you have a good spyware removal/scanning
tool, a good updated virus scanner, a good firewall (GnatBox of course!)
spam removal tools for your mail server, and a safe web-surfing policy
in your employee manual, and you shouldn't have to worry about scare
tactics sites like these.
> -----Original Message-----
> From: Christopher A. Congdon
> Sent: Thursday, February 10, 2005 13:10
> To: [email protected]
> Subject: RE: [gb-users] Internal ip address exposed?
>
> I found this page that might help show you a little better exactly
what
> is going on if you understand the programming end of websites:
>
> http://reglos.de/myaddress/MyAddress.html
>
>
> Also, looking at that auditmypc page, notice the warning it gives you
> linking you to a 'patch manager' page?
>
> OK now that's weird. I just refreshed the page, and it looks different
> now. My view is now saying (replaced my IP with x's):
>
> 'Our system detects your internal IP address as 192.168.0.161 and your
> external address as xx.xx.xx.xx. Your internal IP should be hidden
> whereas your external is always exposed.'
>
> Again though if you follow the links, they're trying to sell you a
> service.
>
> It is possible to be able to send that information back up to a
server.
> Wouldn't be that hard. Have the client side java program retrieve the
> address, store it in a form variable, then submit the form to a page
on
> the server.
>
> It's just that not much can be done with that info. Because of the way
> NAT (and the GnatBox) works, it is just impossible for anything to
route
> back to you through the 'Net.
>
> In all honesty, I'd block that particular website from being
accessible.
> I get a little leary when I see things like "This information is not
> intended to scare, but to make you aware!" And when they use this
tactic
> to try to sell you a service, well, that just earns them a block on my
> firewall.
>
> Chris
>
> > -----Original Message-----
> > From: david raistrick [mailto:[EMAIL PROTECTED]
> > Sent: Thursday, February 10, 2005 12:52
> > To: Randy Haley
> > Cc: [email protected]
> > Subject: Re: [gb-users] Internal ip address exposed?
> >
> > On Thu, 10 Feb 2005, Randy Haley wrote:
> >
> > > One of my users went to a web site:
> > > http://www.auditmypc.com/internet-speed-test.asp?0.406
> > >
> > > He was concerned that it detected his internal ip address.
> >
> >
> > The website in question executes a Java applet on your computer.
The
> Java
> > applet is then looking at your computers network configuration, and
> > displaying it on the screen.
> >
> >
> > Removing the Java plugin, or disabling the browsers ability to use
the
> > plugin, would prevent this applet from running.
> >
> >
> > --
> > David Raistrick
> > Systems Administrator - Global Technology Associates, Inc
> > [EMAIL PROTECTED]
> > Disclaimer: All opinions expressed are the opinions of
> > David Raistrick, not necessarily those of GTA, Inc.
> >
> > ------------------------------------------------------
> > To unsubscribe: [EMAIL PROTECTED]
> > For additional commands: [EMAIL PROTECTED]
> > Archive: http://archives.gnatbox.com/gb-users/
>
> ------------------------------------------------------
> To unsubscribe: [EMAIL PROTECTED]
> For additional commands: [EMAIL PROTECTED]
> Archive: http://archives.gnatbox.com/gb-users/
------------------------------------------------------
To unsubscribe: [EMAIL PROTECTED]
For additional commands: [EMAIL PROTECTED]
Archive: http://archives.gnatbox.com/gb-users/
