From: "Robert Comer" 

I don't see how it would be a problem, it's a non routable address, so ...

My IP address isn't in my email, do you run your own mail server?

- Bob Comer


"Mike '/m'"  wrote in message
news:ekvu21pu6e0r543ii9objs03iq3mra77hk{at}4ax.com...
>
> My internal IP address is in every email header I send, and newgroup
> posting,
> and....   I don't consider it to be a security problem if it is viewable.
>
> /m
>
> On Wed, 9 Mar 2005 11:22:40 -0500, "Robert Comer"
>  wrote:
>
>>> It uses a Java applet to determine your local IP address. No Java, no
>>> address.
>>
>>I have Java, so that's definitely not what it did here.
>>
>>> I don't see how exposing a local, but unreachable, IP address is a
>>> vulnerability. I also don't see any need for Java. Problem solved.
>>
>>For the most part it's safe to know the internal IP address, it's only a
>>problem if someone cracks your gateway, but then your network is his
>>anyway
>>if that's the case. 
>>
>>As for Java, I use sever things that are Java only, so I don't have a
>>choice. (nor am I afraid of using it...)
>>
>>- Bob Comer
>>
>>
>>"Paul Ranson"  wrote in message
>>news:422f20a5$1{at}w3.nls.net...
>>> It uses a Java applet to determine your local IP address. No Java, no
>>> address.
>>>
>>> The applet posts the local address back to the server, so now they know
>>> too.
>>>
>>> I don't see how exposing a local, but unreachable, IP address is a
>>> vulnerability. I also don't see any need for Java. Problem solved.
>>>
>>> Paul
>>>
>>> "Robert Comer"
 wrote in message
>>> news:422f0de9{at}w3.nls.net...
>>>> It doesn't show my internal IP address, it just shows my router's
>>>> external IP address.
>>>>
>>>> - Bob Comer
>>>>
>>>> "Gregg N"  wrote in message
>>>> news:Xns9614AF6BC6B6gregginvalidinvalid{at}216.144.1.254...
>>>>> Could someone behind a NAT firewall visit this site
and see if it
>>>>> reveals
>>>>> your private (192.168.x.x) IP address? It shows mine
(both IE and FF),
>>>>> but
>>>>> I haven't investigated to see if it is actually
revealing a security
>>>>> vulnerability. I suspect the address is being
generated and displayed
>>>>> locally by whatever script is running on the page.
>>>>>
>>>>> http://www.auditmypc.com/whats-my-ip.asp
>>>>>
>>>>> Gregg
>>>>
>>>>
>>>
>>>
>>
>

--- BBBS/NT v4.01 Flag-5