Determining real IP in various online security tests

Determining real IP in various online security tests: Posted by LLFormat on June 26th, 2003; Hello,

I was wondering why it is that not all online security scanners can
determine my real IP.

For example, www.pcflank.com cannot determine my real IP, but does seem to
know that my ISP uses a proxy server. I was actually looking forward to
seeing the results from this previously unheard-of site, for me at least,
but as it (www.pcflank.com) couldn't determine my real IP, it stopped the
scan.

However, www.grc.com can find my real IP in a matter of seconds. Is it
just a case of the scripting (if that's the right term) at www.grc.com
being simply better than that at www.pcflank.com ? Or is there 'more to
this than meets the eye' ?

Thanks for your time, and for any information you might have.

Regards,

LLFormat.; Posted by YK on June 26th, 2003; LLFormat wrote:
There is 'more that meets the eye'.
http://grc.com/np/rsvptech.htm; Posted by LLFormat on June 26th, 2003; On Thu, 26 Jun 2003 04:53:00 +0000, YK typed the following stuff :

<snip>

Thanks for that YK. Right after posting my original message, it did occur
to me that www.grc.com 's scanner address had 'https://' at the front of
it. I wasn't sure if this was relevant or not, but now I know it is.

Thanks for the information.

Regards,

LLFormat.; Posted by sponge on June 29th, 2003; On Thu, 26 Jun 2003 04:41:35 +0100, "LLFormat"
<dev-null@localhost.localdomain> wrote:

GRC uses a small application called IPAgent to determine your real,
public IP address, which PCFlank does not. There are also Java and
ActiveX controls that can determine your real IP, the one bound to
your system.

You are correct that some scanners are detecting that your ISP uses
transparent proxies. (WHY your ISP is using transparent proxies at all
has me wondering, though.) At any rate, scanning a proxy is pointless.
They serve some security purpose although I'm wondering if they're
pulling a Comcast.

Have you tried scan.sygate.com?

Sponge
Sponge's Anti-Spyware Source
www.geocities.com/yosponge; Posted by sponge on June 30th, 2003; On Sun, 29 Jun 2003 22:31:47 +0100, "LLFormat"
<dev-null@localhost.localdomain> wrote:

No. For a while, Comcast was piping user connections through
transparent proxies and harvesting the data for anything that they
could sell to marketers. I've included a short link below. Lots of
ISPs snoop on their users but most do it by installing snooping
(spyware) software packaged with ISP software; Comcast's method did
not rely on client-side software which could be uninstalled. So,
Comcast's method was unavoidable by its users. I strongly suspect
Comcast is still doing this despite supposedly dropping the idea; they
had an awful lot of money invested in the plan. Verizon is one that is
presently known to snoop on their users, and they have a history of
this sort of thing, including selling customer calling records to
marketers.
If there's a moral here, it's not to install ISP supplied software
(you will usually get BETTER connectivity if you don't), and to read
your Terms of Service.

Comcast
http://www.wired.com/news/privacy/0,1848,50469,00.html
For your interest on Verizon
http://seattlepi.nwsource.com/local/...rivacy22.shtml

Sponge
Sponge's Anti-Spyware Source
www.geocities.com/yosponge

Similar Posts

Is this a real Security risk? (Basics) by EmperorJayP
Problem determining what version of ISScript.msi I need (Help and Support) by Michael Horowitz
Determining Process' API (Microsoft Windows) by asdf
Determining Process' API (Help and Support) by asdf
Help: Determining motherboard form factor (Computer Hardware) by Darren Harris