From: Ellen K. 

Ah.

OK.   :)

On Sun, 27 Mar 2005 19:03:59 -0500, "Rich Gauszka"
 wrote in message :

>Yes and no. While there are a few more features in the 'pro' version the
>problem in this case was that the 'pro' version had some additional
>predefined rules that covered Java.  I was able to add them to the 'free'
>version .
>
>
>"Ellen K." 
wrote in message
>news:rage41p4l6vbt7krcpdqf5p43mba3u63jv{at}4ax.com...
>> Looks like another case of "You get what you pay for." ?
>>
>> On Wed, 9 Mar 2005 11:27:38 -0500, "Rich Gauszka"

>> wrote in message :
>>
>>>I have Java on all three PCs I tested yet only the laptop was exposed. I
>>>switched the laptop from ZoneAlarmFree to ZoneAlarmPro and tested again
>>>with
>>>no exposure.
>>>
>>>
>>>"Paul Ranson"  wrote in message
>>>news:422f20a5$1{at}w3.nls.net...
>>>> It uses a Java applet to determine your local IP address.
No Java, no
>>>> address.
>>>>
>>>> The applet posts the local address back to the server, so
now they know
>>>> too.
>>>>
>>>> I don't see how exposing a local, but unreachable, IP address is a
>>>> vulnerability. I also don't see any need for Java. Problem solved.
>>>>
>>>> Paul
>>>>
>>>> "Robert Comer"
 wrote in message
>>>> news:422f0de9{at}w3.nls.net...
>>>>> It doesn't show my internal IP address, it just shows
my router's
>>>>> external IP address.
>>>>>
>>>>> - Bob Comer
>>>>>
>>>>> "Gregg N" 
wrote in message
>>>>> news:Xns9614AF6BC6B6gregginvalidinvalid{at}216.144.1.254...
>>>>>> Could someone behind a NAT firewall visit this
site and see if it
>>>>>> reveals
>>>>>> your private (192.168.x.x) IP address? It shows
mine (both IE and FF),
>>>>>> but
>>>>>> I haven't investigated to see if it is actually
revealing a security
>>>>>> vulnerability. I suspect the address is being
generated and displayed
>>>>>> locally by whatever script is running on the page.
>>>>>>
>>>>>> http://www.auditmypc.com/whats-my-ip.asp
>>>>>>
>>>>>> Gregg
>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>

--- BBBS/NT v4.01 Flag-5