Private IP is not hiden



  • hello.

    i have pfsense. and NAT is running ok. but, few minutes back, i tested my configuration with some internet page, who offers a firewall test. and everything is ok except that private/ internal IP (192*) obviously is not hidden. :O

    i cant believe it. afaik, the NAT hides private/ internal IPs from public… :S

    what i can do? i something i must specialy set in pfsense or what?

    im really concerned,
    thank you,
    trip



  • How about showing us the page that is showing you the ip.



  • sullrich: you just overtaked me :P

    its: http://www.auditmypc.com

    i really dont get it :S

    trip



  • I ran all the tests and it only saw my public IP.

    Can you take a screenshot?



  • screen:





  • Javascript…



  • hm… javascript... that mean that anything is allright? and my firewall (pfsense) if working safe and properly?



  • Yeah, it's called Javascript.  That's not from their server, it's inserted by your PC.  The only way a remote site could get that info back is if they could trick you into submitting it back through a form or something similar.

    But sites like that love to make you believe you're somehow insecure and then are more than willing to sell you something to fix that "problem".

    Regardless, run that test on a browser that has all javascript disabled.  You won't get that.  This isn't the firewall showing anything, it's your insecure web browser (if you consider this insecure).  You told your firewall to pass HTTP, it's doing its job.

    Personally, I could care less if somebody knows what my private IP's are, what does it matter?  I use 10.0.64.0/21, subnetted into several /24's.

    If you don't believe me, try again with javascript disabled.  Easy way to try if you have IE and don't want to screw with your Firefox like me, add *.auditmypc.com to your restricted sites list.  It doesn't work anymore.



  • "Internal IP

    This does not necessarily mean your firewall is malfunctioning or improperly configured. The method we used will sneak past most firewalls. Why? Because we use Java to grab the information and then pass it on to the server (Notice how everything ran without prompting you?) "

    http://www.auditmypc.com/internal-ip.html



  • blah, silly me… :)

    thank you both, sullrich and cmb, for answers!

    have fun
    trip


Log in to reply