I think I fixed a Gaim bug ..

!30!30 Member Posts: 356
A few weak's before , I was chating with a friend , and he ask me : "Are you using a private Ip address in your netwrk ?" , I say yes { coz I configured my own NAT&proxy BSD server } , how do you know ?

He saied , it's a trick , but soon he told me , you know in Gaim , you can see Ip of the remote person , and he saw my private address there..
I mean instanly , how ? how ? Can he see using Yahoo mess databases { or Gaim source code , developed in C } , my real / private IP address.

After thosw week's the answer comed in my head , the expert's on Yahoo forget a thing , to clear showing the real Ip adres/in case the private one , if the remote user if using proxy&NAT on that port {non-anonymous proxy , this is the only posibility }.

This is also the problem, on osme PHP & CGI forum's , they forget to clear showing the real address/the private one in case of NAT , if the user is using his NAT performing router , proxy with that port to
{ port 80 per example }.The proxy is indeed default non-anoymousely and the forum database will show to moderator's the real / private IP , because of this header : x_forward_for .. icon_cool.gif

Someone have to tell them , coz .. some day , this bug , will cause great trouble , I think, maybe it's all my imagination and I'm a bit paranoic..

Cheer's !
Optimism is an occupational hazard of programming: feedback is the treament. (Kent Beck)

Comments

  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    Unless I misunderstand your concern, I can tell you it doesn't matter one bit if they can see your private ip address. You can even type it in bold red letters, but knowing your private ip won't do them any good. I don't understand your concern.
    All things are possible, only believe.
  • Danman32Danman32 Member Posts: 1,243
    I would be concerned that a client, especially an IM client, was divulging the IP stack of the host, even if the address would probably be of little use in this one instance. However, a hacker could use this to determine the footprint of the network.
  • sprkymrksprkymrk Member Posts: 4,884 ■■■□□□□□□□
    Better stop sending emails then, because they give out similar information.
    All things are possible, only believe.
  • RussSRussS Member Posts: 2,068 ■■■□□□□□□□
    sprkymrk wrote:
    Better stop sending emails then, because they give out similar information.
    *SNAP* icon_lol.gif
    www.supercross.com
    FIM website of the year 2007
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 12,253 Admin
    Any network-aware application on your private network has the capability of transmitting the IP address of its host computer to other computers on your network or even to hosts the Internet. Your Internet firewall is what prevents external intruders from using your private network information against you.
Sign In or Register to comment.