At 08:09 AM 10/26/2003, you wrote: >Matt via RT wrote: >>It told me tons about my Linux box as well. :-/ > >I assume you mean the URL Giovanni gave (http://leader.ru/secure/who.html). > >The point is that it is not doing anything special. The information >displayed is either part of the HTTP protocol or within the scope of >JavaScript environment variables. In other words, this information is >available to any webserver that you connect to. Most web browsers offer >this information to web servers so that web apps can programmatically >adjust what it returns so that it is customised for the user's browser.
Addressing the individual items: The "reported remote address" (ip address) is necessary for the response to come back to your computer. The "browser" is reported as part of the HTML protocol standards The "OS" reported -- not sure how it knows this -- I suspect it was tacked onto the "browser" string. Client's hostname -- this is not part of HTML. They're using reverse-DNS to resolve the IP address. "Preferable mail server" -- they're guessing. My Opera doesn't even know that I do email. It's set to use Opera's email client, but I do not have any email accounts set up in Opera. Also, it's wrong in my case "here is your C: drive" -- look at the link -- it is file:///c:/. This is an old trick -- it points your browser at your C: -- they never see it. Terry >The web app at the URL Giovanni gave didn't "hack" into your machine. It >merely read some strings the browser offered (User-Agent: Mozilla, WinXP. >Plugins: Quicktime, etc.) when it first connected and ran some JavaScript >to get the screen size, etc. > >Like I suggested earlier, turn off JavaScript in your web browser and hit >the URL again. You will see a big difference. > >I didn't run the port scan or other scans because I haven't established >any kind of trust with the site. The fact that the site requires I >indemnify the site from responsibility didn't make me feel too trustful. ;) > >John Hebert > > >_______________________________________________ >General mailing list >[email protected] >http://brlug.net/mailman/listinfo/general_brlug.net > -- Terry Stockdale -- [EMAIL PROTECTED] -- Baton Rouge, LA website: http://www.dadstoy.net From [EMAIL PROTECTED] Mon Oct 27 07:50:09 2003 From: [EMAIL PROTECTED] (Scott Harney) Date: Mon Oct 27 07:50:20 2003 Subject: [brlug-general] To those who still run Windows... In-Reply-To: <[EMAIL PROTECTED]> (Terry Stockdale's message of "Sun, 26 Oct 2003 19:15:39 -0600") References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> Message-ID: <[EMAIL PROTECTED]> Terry Stockdale <[EMAIL PROTECTED]> writes: > "Preferable mail server" -- they're guessing. My Opera doesn't even > know that I do email. It's set to use Opera's email client, but I do > not have any email accounts set up in Opera. Also, it's wrong in my > case Nah. they take the reverse DNS hostname they retrieved earlier and pull the MX record from DNS for that domain. -- Scott Harney<[EMAIL PROTECTED]> "...and one script to rule them all." gpg key fingerprint=7125 0BD3 8EC4 08D7 321D CEE9 F024 7DA6 0BC7 94E5
