From: Mike '/m' 

OK, so I didn't read the entire thread before I replied.  :-)

 /m

On Wed, 09 Mar 2005 21:03:30 +0100, "Thees Peereboom"
 wrote:

>Bob,
>
>Moreover - your internal, non-routeable IPaddress is in every email you
>send.
>
>- Thees Peereboom
>
>On Wed, 9 Mar 2005 11:22:40 -0500, Robert Comer
> wrote:
>
>>> It uses a Java applet to determine your local IP address. No Java, no
>>> address.
>>
>> I have Java, so that's definitely not what it did here.
>>
>>> I don't see how exposing a local, but unreachable, IP address is a
>>> vulnerability. I also don't see any need for Java. Problem solved.
>>
>> For the most part it's safe to know the internal IP address, it's only a
>> problem if someone cracks your gateway, but then your network is his
>> anyway
>> if that's the case. 
>>
>> As for Java, I use sever things that are Java only, so I don't have a
>> choice. (nor am I afraid of using it...)
>>
>> - Bob Comer
>>
>>
>> "Paul Ranson"  wrote in message
>> news:422f20a5$1{at}w3.nls.net...
>>> It uses a Java applet to determine your local IP address. No Java, no
>>> address.
>>>
>>> The applet posts the local address back to the server, so now they know
>>> too.
>>>
>>> I don't see how exposing a local, but unreachable, IP address is a
>>> vulnerability. I also don't see any need for Java. Problem solved.
>>>
>>> Paul
>>>
>>> "Robert Comer"
 wrote in message
>>> news:422f0de9{at}w3.nls.net...
>>>> It doesn't show my internal IP address, it just shows my router's
>>>> external IP address.
>>>>
>>>> - Bob Comer
>>>>
>>>> "Gregg N"  wrote in message
>>>> news:Xns9614AF6BC6B6gregginvalidinvalid{at}216.144.1.254...
>>>>> Could someone behind a NAT firewall visit this site
and see if it
>>>>> reveals
>>>>> your private (192.168.x.x) IP address? It shows mine
(both IE and FF),
>>>>> but
>>>>> I haven't investigated to see if it is actually
revealing a security
>>>>> vulnerability. I suspect the address is being
generated and displayed
>>>>> locally by whatever script is running on the page.
>>>>>
>>>>> http://www.auditmypc.com/whats-my-ip.asp
>>>>>
>>>>> Gregg
>>>>
>>>>
>>>
>>>
>>
>>

--- BBBS/NT v4.01 Flag-5