LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 01-01-2011, 10:58 PM   #1
studpenguin
Member
 
Registered: Nov 2003
Location: Pacific Northwest United States
Posts: 262

Rep: Reputation: 32
Hiding internal IP address without proxy, both Java and Java script enabled


Hiding internal IP address without proxy, both Java and Java script enabled



I'm using Mozilla Firefox and was wondering how one does this?

Is there some kind of preferred alternative browser? I thought maybe Gnuzilla might do the trick but it doesn't?

Is Ubuntu 10.10 Java packages that it comes with proprietary "Sun Java?" which is a bunch crap that can't be altereed? Is there some kind of GNU alternative Java that I'm not finding?


Keep testing your privacy at site or some similar site like

http://www.auditmypc.com/anonymous-surfing.asp

or

http://www.browserspy.dk/

And you'll know exactly what I mean.

I don't understand why Java Script or Java can't be altered to put out either a fake internal ip adress or none at al land I can't even find any solution anywhere online. Maybe you security gurus can give some advice?
 
Old 01-02-2011, 05:01 PM   #2
paulsm4
Guru
 
Registered: Mar 2004
Distribution: SusE 8.2
Posts: 5,863
Blog Entries: 1

Rep: Reputation: Disabled
Java != Javascript
 
Old 01-02-2011, 05:05 PM   #3
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 331Reputation: 331Reputation: 331Reputation: 331
Quote:
Originally Posted by studpenguin View Post
Hiding internal IP address without proxy, both Java and Java script enabled
What do you mean by "internal address"? Computers on the Internet can only see the public address of your gateway unless your computer is directly connected to the Internet. (That is only true if your LAN uses a private address space. If all of the computers on your LAN have public addresses then your address is visible to others outside of your LAN, but that doesn't really meet any definition of "internal address" anyway.)

Last edited by stress_junkie; 01-02-2011 at 06:08 PM.
 
Old 01-02-2011, 06:05 PM   #4
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655Reputation: 655
This thread was moved as requested by the OP. Please use the REPORT button in the future to request a move instead of posting a thread.
 
Old 01-03-2011, 02:48 AM   #5
studpenguin
Member
 
Registered: Nov 2003
Location: Pacific Northwest United States
Posts: 262

Original Poster
Rep: Reputation: 32
Quote:
Originally Posted by stress_junkie View Post
What do you mean by "internal address"? Computers on the Internet can only see the public address of your gateway unless your computer is directly connected to the Internet. (That is only true if your LAN uses a private address space. If all of the computers on your LAN have public addresses then your address is visible to others outside of your LAN, but that doesn't really meet any definition of "internal address" anyway.)
Stress Junkie
I don't know how it is with your network, but I have a wirED router between computer and the broadband modem. The wired router can be configured to assign all computers any address I want within the 192.168.xxx.xxx range (Also known as LAN addresses, Also known as private addresses). The "Gateway" must also be given an address in that range. The Modem itself is given a local address in that range. So I have A little less than 256 ^ 2 addresses to choose from for these 3 devices.


if you're running javascript or java with Firefox Mozilla or Gnuzilla.

This site

http://www.auditmypc.com/anonymous-surfing.asp

it should show the computer's LAN address (the 192.168.WTF.WTF ADDRESS!)

http://www.auditmypc.com/internal-ip-address.asp

Quote:
Internal IP address

This page shows you how to hide your Internal IP address (NAT addresses, Private IP, natted addy, etc), how we obtain that information and how you can protect yourself!

If you haven’t done so already, see if your internal IP can be exposed by visiting our anonymous surfing page, then come back to this page.

Your external IP address ( 72.160.72.20 ) is always exposed to the internet, if it wasn’t, you wouldn’t be able to visit sites. On the other hand, your internal IP address, mac address and other information should be protected and not obtainable by websites.
Internal IP

This does not necessarily mean your firewall is malfunctioning or improperly configured. The method we used will sneak past most firewalls. Why? Because we use Java to grab the information and then pass it on to the server (Notice how everything ran without prompting you?)
Private IP – Why you’re Vulnerable

When we use the term ‘vulnerable’ we refer to your computer executing a program hosted on another server without any interaction from you. We used your internal IP for this demonstration because it’s harmless (for the most part). Java passes this information to the server were it can be collected. Many claim this is not possible and that only you can see this information, so to prove the point, we included the last 14 internal IP addresses that this server has seen.

Last 14 Internal IP Addresses
it DOES show my computer's LAN address (the 192.168.WTF.WTF ADDRESS!)

but It DOESN'T show the "Gateway" router's address nor the modem's.

AND NO I DO not have the pc directly connected to the modem.



Not just the WAN address NOR the just the GATEWAY router.

I don't know $h|t about disabling Mozila'JAVA and JAVA SCRIPT'S TREACHERY while keeping the features that matter. A few Firefox Add-ons such as "Quick Java" and "No script" disable the Java and Java Script features entirely while making other sites a bit difficult.

Now that I've clarified. Is there something original you do when you are surfing the web to prevent this? It seems like there should be some feature in firefox or whatever that doesn't send this information out or spoofs it or fakes it. BUT IT WON'T. it's b.s. It sucks.

Or are you are you denying this website http://www.auditmypc.com/anonymous-surfing.asp can do this? as possible?

Last edited by studpenguin; 01-03-2011 at 03:03 AM. Reason: clarity
 
Old 01-03-2011, 03:59 AM   #6
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Have you considered sending a feature request to the NoScript author? It sounds to me like it might be feasible to have a checkbox in the Trusted tab which would let you decide whether you want Java applets to be able to gain knowledge of your local IP and hostname. The worst that could happen is that he says "No", and even so, his reasoning/explanation may be enlightening.

Last edited by win32sux; 01-03-2011 at 04:04 AM.
 
Old 01-03-2011, 08:57 AM   #7
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
Quote:
it DOES show my computer's LAN address (the 192.168.WTF.WTF ADDRESS!) but It DOESN'T show the "Gateway" router's address nor the modem's.
Aside from the separate issues of executing client side code, I find myself asking what the big deal is about knowing a private/LAN IP address of a host or for that matter even the public one? How many routers are there that are configured with a default gateway of 192.168.0.1 are there and how many PC's are currently running with 192.168.0.2 as their IP? More importantly, so what? These addresses can't be used to identify you because they are not unique. With a properly configure router and adequate security measures taken, this information is of little to no value and without these measures hiding it won't buy you squat.
 
Old 01-03-2011, 09:12 AM   #8
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 331Reputation: 331Reputation: 331Reputation: 331
@studpenguin: Thank you for clarifying your question and the test criteria.

To answer your question and as win32sux mentioned I use NoScript in Firefox to automatically disable Java, Javascript, Flash, and other web components. NoScript protected my machine from the test software on the web sites that you cited so only my gateway's public IP address was shown on the first link and only a list of links was shown on your second link.

As you have aleady said, the NoScript is all-or-nothing per web site. Your question seems to indicate that you want to select which components on a web page can work and which are disabled. I don't have a solution to that but I suspect that there would be very little demand for such a feature.

As an aside, your reply to my questions appear to indicate some level of frustration or irritation. There is no good reason to get upset just because I asked about your initial question. I simply wanted more information because your question was not completely clear to me.

Last edited by stress_junkie; 01-03-2011 at 09:20 AM.
 
Old 01-03-2011, 09:10 PM   #9
studpenguin
Member
 
Registered: Nov 2003
Location: Pacific Northwest United States
Posts: 262

Original Poster
Rep: Reputation: 32
Quote:
Originally Posted by Noway2 View Post
Aside from the separate issues of executing client side code, I find myself asking what the big deal is about knowing a private/LAN IP address of a host or for that matter even the public one? How many routers are there that are configured with a default gateway of 192.168.0.1 are there and how many PC's are currently running with 192.168.0.2 as their IP? More importantly, so what? These addresses can't be used to identify you because they are not unique. With a properly configured router and adequate security measures taken, this information is of little to no value and without these measures hiding it won't buy you squat.
Noway2,
I don't know. I don't suppose you feel comfortable leaving your car unattended in some unfamiliar neighborhood with a spare ignition key on the dash of your car for any passerby to see through the windshield?

Why let that bother you if you have all the doors locked, have a nice clublock, and a good security alarm on your car in case someone tries to break in? Your car won't get stolen.

What are the odds of someone stealing and counterfeiting your key?

Last edited by studpenguin; 01-03-2011 at 09:12 PM.
 
Old 01-03-2011, 10:42 PM   #10
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Knowing a machine's LAN IP and hostname won't increase the risk of an attack from the outside (in the majority of cases), but it can indeed be useful information for a bad guy who managed to get behind the router/firewall (especially in an organizational environment). Limiting the amount of information that potential bad guys have to work with is a worthwhile goal, IMHO. In addition, there's the privacy concerns associated with this information, as illustrated in the literature from the http://www.auditmypc.com/internal-ip-address.asp link. Sure, it's not something most of us are concerned about, but to flat-out dismiss the OP's quest for countermeasures of this type isn't really fair.
 
Old 01-04-2011, 05:35 AM   #11
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
Thank you for the explanation and the link. I do understand the privacy concerns and I completely agree with putting more hurdles in front of potential bad guys. For example, this is why on my wireless connection I keep the SSID hidden and MAC filtering in place, even though both of these in and of themselves are near pointless. It also was not my intention to flat-out dismiss their concerns and I sincerely apologize if my comment came across that way. I was surprised by and reacting to the intensity of their apparent fear as shown by the WTF in the IP octets.

After reading the link you provided, I think that the real big take away is the potential dangers associated with platform independent code, e.g. Java, and how easily it slips through most conventional barriers.
 
Old 01-04-2011, 05:57 AM   #12
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
No worries, Noway2.

studpenguin, did you consider the NoScript feature request? It would be interesting to see what Giorgio Maone has to say about this. Even if he doesn't feel such a feature belongs in NoScript, he might be able to recommend a manual workaround. In any case, please do share with us any progress you've made thus far, as it feels like the trail's gone cold for now (at least in this thread).

Last edited by win32sux; 01-04-2011 at 06:00 AM.
 
Old 01-08-2011, 09:39 PM   #13
studpenguin
Member
 
Registered: Nov 2003
Location: Pacific Northwest United States
Posts: 262

Original Poster
Rep: Reputation: 32
I wouldn't really know what to ask the noscript people that they shouldn't already be well aware about. I guess the only thing to do is forward this thread.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Hiding internal IP address without proxy, both Java and Java script enabled studpenguin Linux - Networking 1 01-02-2011 03:50 AM
[SOLVED] css and java script is broken Zope running behind an apache reverse proxy tkmsr Linux - Server 1 06-14-2010 07:39 AM
Need a Java Applet to utilize Java Script Functions circuit_girl Programming 3 04-11-2009 10:55 PM
Thunderbird and Hiding Internal Natted IP Address metallica1973 Linux - Security 1 01-29-2008 06:28 PM
java hiding app in taskbar in kde? kapta Programming 1 08-12-2004 09:24 PM


All times are GMT -5. The time now is 06:11 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration