Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: How is private non-routable ip address visible on site scan?

How is private non-routable ip address visible on site scan? 10 years 9 months ago #13081

  • Logan
  • Logan's Avatar
  • Offline
  • New Member
  • Posts: 5
  • Karma: 0
I went to this website auditmypc.com/free-spyware-removal.asp and it was able to tell me my private internal ip address (192.168.2.3). If I'm hidden behind a router with a public routable ip on its outside interface, how was it able to see my private non-routable ip? Is this something I should be concerned with security-wise?

Thank you
The administrator has disabled public write access.

Re: How is private non-routable ip address visible on site scan? 10 years 9 months ago #13098

I did visit auditmypc.com and as you have mentioned it displayed my private ip address.

I was curious to see how auditmypc.com is able to get the private IP address. This is what I've found.

When you visit the website and click on the link free-spyware-removal.asp, this is what is happening.

It is installing ActiveX programs also known as drive-by installations that is automatically downloaded to your computer, often without your knowledge or consent. Unlike a pop-up download, which asks for assent, a drive-by download is carried out invisibly: it can be initiated by simply visiting a Web site or viewing an HTML e-mail message.

To cure this, I added auditmypc.com into Restricted Zone and what it did was to change the security settings to high and also most importantly disabled downloading of signed, unsigned active x controls and also active x scripting.

Then I went back to auditmypc.com and clicked on the free-spyware-removal.asp link and boom NO MORE DISPLAY of Private IP Address.

The one thing I hated the most is whoever is running auditmypc.com does not even have the decency to let the user have a knowledge that they are indeed installing active x scripts. I wish they would atleast ask for the user consent.

Anyhow, I hope this would ease your paranoia.
<= IИse©u®ity Is A ®esult Of T®ying To Be Se©u®e =>
The administrator has disabled public write access.

Re: How is private non-routable ip address visible on site scan? 10 years 9 months ago #13194

  • Logan
  • Logan's Avatar
  • Offline
  • New Member
  • Posts: 5
  • Karma: 0
Thanks a lot for the detailed response and investigative reporting. You answered my question perfectly.
The administrator has disabled public write access.
Time to create page: 0.079 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup