Internal IP Address

Your external IP address (38.107.191.117) is always exposed to the internet, if it wasn't, you wouldn't be able to visit sites. On the other hand, your internal IP address should be protected and not be obtainable by websites.

Internal IP

This does not necessarily mean your firewall is malfunctioning or improperly configured. The method we used will sneak past most firewalls. Why? Because we use Java to grab the information and then pass it on to the server (Notice how everything ran without prompting you?)

Private IP - Why you're Vulnerable

When we use the term 'vulnerable' we refer to your computer executing a program hosted on another server without any interaction from you. We used your internal IP for this demonstration because it's harmless (for the most part). Java passes this information to the server were it can be collected. Many claim this is not possible and that only you can see this information, so to prove the point, we included the last 20 internal IP addresses that this server has seen.

To verify this information, simply tell a friend your Private IP and have them visit this page shortly after you do - they'll see your IP included in the list. If they don't, then you're good to go!

What in the world is a Private or Natted IP?

A natted IP address (network address translation, network masquerading, IP masquerading) is a simply a method in which the source and/or destination addresses of IP packets are rewritten as they pass through a router or firewall. A private IP addresses is usually what is rewritting and range from:

10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

IP Privacy

A hypothetical example of using your internal IP address to track your activities is an internet service provider. Some cable companies charge you for each computer connected to your cable modem. By tracking your internal IP address, the cable company could see that you're running multiple computers on one router and bill you accordingly.

The whole point of this demonstration is to make you aware that there is more to security than just a firewall. A malicious website owner could use a similar method to grab a lot more than your internal IP address, and you wouldn't even know it!

I see my Private IP - What can I do?

Don't panic, even if someone has this information, there is not much that can be done with it. I provided an exaple above of what can be done with this knowledge, but another example would be an employee hiding behind a company firewall, or a person using a proxy server, trying to use a stolen credit card.

The 'deviant' thinks she is safe behind the company firewall becuase the technology department is not tracking her internet activities. She makes the pruchase from a online store; the store soon discovers the fraud and using the same method we used to find your internal IP, they discover the real IP address behind the company firewall. The store simply contacts the company's technology department and provides them with the real IP address (which may or may not be a non-routable addy) which in turn discovers the employee that made the purchase.

The point is, you should be concerned that a Java applet ran without your knowledge, found some information and passed it back to the server.

It was cross site leaking of java that gathered this information made possible by passing variables back from the applet and constructing a url in java to a web page using an iframe that contains the data to be collected. The server can then read this information, store and process the internal ip address as needed.

The only way to prevent this that we are aware of, is to disable active scripting in the browser.

Have you tried our test on Anonymous Surfing? If not, you should just to be safe.

• Security Tests
• Firewall Test
• Anonymous Test
• Popup Test
• What's My Ip
• Online Tools:
• Internet Speed Test
• Sitemap Generator
• Webmaster Tool
• Html Encoder
• Keyboard Lesson
• Free Address Finder
• Free Software
• Internal Ip
• Internet Hoakes
• Help Desk
• For your Website:
• Broadband Test
• Speed Test
• Anti-Spam
• Website Monitoring
• Wordpress:
  Paginated Comments
• Add a Tool
• Cool Icons
• Security Tips:
• Intrusion Prevention
• Security Tips
  • Port Scanning Explained
  • Network Security
  • Honeypots
  • Electronic Mail Security
  • IIS Masking
  • Intrusion Detection System
  • E-Mail Relay Test
  • What is C Dilla or cdac11ba.exe
  • Wireless Security
  • Legal War Driving
  • NTFS Recovery
  • Free SPAM Blocker
  • Free Firewalls
  • Proxomitron
  • Disable Microsoft Messenger
  • Patch Management
  • Internet Usage Policy (template)
  • Email Virus Notice (template)
  • Social Engineering
  • Port List
  • Office XP Easter Eggs
  • Uninstall Media Player 10
  • 0x800a0007 Windows Update Error
  • CMDExe Exploit
  • Bump Key
  • Remove Virtumonde
  • DSO Exploit
  • Office 2003 Hack
  • Glossary
  • Free Virus Scan
  • Email Address Search
  • WDRP Compliance
  • Port Scan FYI
  • Help Desk Software
  • Pay Pal
  • Microsoft Antispyware
  • Hacker Blogs
  • IP Address
  • Proxy Sites
  • Web View Vulnerability
  • What does FTP stand for?
  • Block IP Address
  • IPsec Policy
  • Anonymous Proxy
  • Free Spyware Removal
  • Web Security Services
  • NTFS Streams
• Something Else:
• Miscellaneous
  • Replicator!
  • CMMS Software
  • Free CRM
  • Iraqi Dinar
  • Mortgage Calculator
  • Money Converter
  • Security Scan
  • Port Scanner
  • Site Maps
  • Software Audit
  • Yes or No
• Process Server
  • 0
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
• Acronym Finder
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
• Port Search
  • Ports page 1
  • Ports page 2
  • Ports page 3
  • Ports page 4
  • Ports page 5
  • Ports page 6
  • Ports page 7
  • Ports page 8
  • Ports page 9
  • Ports page 10
  • Ports page 11
  • Ports page 12
  • Ports page 13
  • Ports page 14
  • Ports page 15
  • Ports page 16
  • Ports page 17
  • Ports page 18
  • Ports page 19
  • Ports page 20
  • Ports page 21
  • Ports page 22
  • Ports page 23
  • Ports page 24
  • Ports page 25
  • Ports page 26
  • Ports page 27
  • Ports page 28
  • Ports page 29
  • Ports page 30
  • Ports page 31
  • Ports page 32
  • Ports page 33
  • Ports page 34
  • Ports page 35
  • Ports page 36
  • Ports page 37
  • Ports page 38
  • Ports page 39
  • Ports page 40
  • Ports page 41
  • Ports page 42
  • Ports page 43
  • Ports page 44
  • Ports page 45
  • Ports page 46
  • Ports page 47
  • Ports page 48
  • Ports page 49
  • Ports page 50
  • Ports page 51
  • Ports page 52
  • Ports page 53
  • Ports page 54
  • Ports page 55
  • Ports page 56
  • Ports page 57
  • Ports page 58
  • Ports page 59
  • Ports page 60
  • Ports page 61
  • Ports page 62
  • Ports page 63
  • Ports page 64
  • Ports page 65
  • Ports page 66
  • Ports page 67