Here is a little more data - They are not only using Java, but also ActiveX. If you set IE to prompt for both, you can get varied results by allowing one but not the other.
The scripts are the source for the data capture; so WTH are they using AX for??? I can say yes to all the scripts and no to the AX and it still gives me the data in question. Odd indeed! Danny -----Original Message----- From: Christopher A. Congdon [mailto:[EMAIL PROTECTED] Sent: Thursday, February 10, 2005 10:16 AM To: [email protected] Subject: RE: [gb-users] Internal ip address exposed? Heh, additionally, another good reason to possibly avoid that site like the plague is when looking at their free spyware removal page, I see the following line: 'Close your browser and revisit this page. If your SuperCookie ID changed or is {3300AD50-2C39-46c0-AE0A-000000000000}, then you are safe. If your SuperCooke did not change, take a look at our security fix.' Just above it is a form field labeled SuperCookie ID. The value in it is {3300AD50-2C39-46c0-AE0A-000000000000} Soooo, what they're telling me is that if I revisit this page and my id changes or is the same, then I'm safe? WTH? In the end, just make sure you have a good spyware removal/scanning tool, a good updated virus scanner, a good firewall (GnatBox of course!) spam removal tools for your mail server, and a safe web-surfing policy in your employee manual, and you shouldn't have to worry about scare tactics sites like these. > -----Original Message----- > From: Christopher A. Congdon > Sent: Thursday, February 10, 2005 13:10 > To: [email protected] > Subject: RE: [gb-users] Internal ip address exposed? > > I found this page that might help show you a little better exactly what > is going on if you understand the programming end of websites: > > http://reglos.de/myaddress/MyAddress.html > > > Also, looking at that auditmypc page, notice the warning it gives you > linking you to a 'patch manager' page? > > OK now that's weird. I just refreshed the page, and it looks different > now. My view is now saying (replaced my IP with x's): > > 'Our system detects your internal IP address as 192.168.0.161 and your > external address as xx.xx.xx.xx. Your internal IP should be hidden > whereas your external is always exposed.' > > Again though if you follow the links, they're trying to sell you a > service. > > It is possible to be able to send that information back up to a server. > Wouldn't be that hard. Have the client side java program retrieve the > address, store it in a form variable, then submit the form to a page on > the server. > > It's just that not much can be done with that info. Because of the way > NAT (and the GnatBox) works, it is just impossible for anything to route > back to you through the 'Net. > > In all honesty, I'd block that particular website from being accessible. > I get a little leary when I see things like "This information is not > intended to scare, but to make you aware!" And when they use this tactic > to try to sell you a service, well, that just earns them a block on my > firewall. > > Chris > > > -----Original Message----- > > From: david raistrick [mailto:[EMAIL PROTECTED] > > Sent: Thursday, February 10, 2005 12:52 > > To: Randy Haley > > Cc: [email protected] > > Subject: Re: [gb-users] Internal ip address exposed? > > > > On Thu, 10 Feb 2005, Randy Haley wrote: > > > > > One of my users went to a web site: > > > http://www.auditmypc.com/internet-speed-test.asp?0.406 > > > > > > He was concerned that it detected his internal ip address. > > > > > > The website in question executes a Java applet on your computer. The > Java > > applet is then looking at your computers network configuration, and > > displaying it on the screen. > > > > > > Removing the Java plugin, or disabling the browsers ability to use the > > plugin, would prevent this applet from running. > > > > > > -- > > David Raistrick > > Systems Administrator - Global Technology Associates, Inc > > [EMAIL PROTECTED] > > Disclaimer: All opinions expressed are the opinions of > > David Raistrick, not necessarily those of GTA, Inc. > > > > ------------------------------------------------------ > > To unsubscribe: [EMAIL PROTECTED] > > For additional commands: [EMAIL PROTECTED] > > Archive: http://archives.gnatbox.com/gb-users/ > > ------------------------------------------------------ > To unsubscribe: [EMAIL PROTECTED] > For additional commands: [EMAIL PROTECTED] > Archive: http://archives.gnatbox.com/gb-users/ ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/ ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/
