Hello all...
I came across this
website that does a security scan on your system. I initiated the scan from my workstation which is NATed behind my busybox/firewall. The scan detected my IP as the firewall, and correctly reported the ports I expected to be open. But then at the bottom of the page:
Quote:
Notice!, your natted (or real) IP address is xxx.xxx.xxx.xxx. This information can be used to track your activities. I should not be able to obtain this information if your security is properly configured!
|
The IP listed is my private network IP address of my workstation...How could it find this out? And better, how can I fix this?
The firewall is running gentoo with the grsecurity-sources (2.4.26-rc9) at a custom but very high security level. The workstation also runs gentoo (among others) with a grsec patched kernel at the default 'low' setting (which I assume is still higher than a 'stock' kernel).
Any ideas would be appreciated...