How would it be possible for an external source to detect an internal natted ip address? I recently conducted an online security test at
and was informed that my internal natted ip address was somehow exposed. Sure enough, my internal ip address was quoted back to me on the web page. How is this possible?
After writing my earlier message, I discovered some threads on the net that deal with the question that I raised. It seems that
I guess that is possible as all Web clients hold information which any web-server may grab such as Browser details.
However using server side functions using languages such as PHP and ASP it is possible to obtain your IP that way. Websites such as
uses a function and if there's a Transparent Proxy between you and the destination, usually in place by your ISP, to which I know NTL do this, then it shows the Proxy IP. The PHP command:
[code:1]$ip = $_SERVER['REMOTE_ADDR'];[/code:1]
This will place the IP of your system into the variable $ip for printing/echoing - your REAL IP and not any Proxy address.
Hope this gives a little more insight into your question. Thanks.
Alot of proxy servers will also pass an X-forwarded for header that includes your IP address in the HTTP request. Since you use firefox (good choice !), You can get the extension called 'Live HTTP headers', and see what is being sent by your system.. unfortunately this wouldn't show you what a proxy adds on as that would be upstream of your connection. If you want to do that, find a site that has printenv.pl .. do a google for
and it will dump all the values that your HTTP request is passing to the server.