Okay pause. We need to distinguish here because ya'll are talking about different terms. Internal network IP (192.168.x.x, etc), external IP (your public IP address), and DNS requests (locally vs remote through socks). The internal network IP probably isn't a terribly valuable piece of information to most snoops. The local DNS is an issue because you're telling your local network/ISP or whomever what addresses you're looking at. The big issue is the external network IP, which is what the public sees and identifies the home user's specific computer.
So what we want to see is an applet running around the deployment.properties setting, exposing the external network IP. The DNS leakage should also be investigate of course. Steve James Muir wrote: > [EMAIL PROTECTED] wrote: >> On Sun, Dec 02, 2007 at 11:35:49PM -0800, [EMAIL PROTECTED] wrote >> 0.9K bytes in 21 lines about: >> : I remember these tests. I can't seem to find a copy of the applets you >> : used. Are you willing to publish them? Or point me in the right >> : direction should I want to try implementing them? >> >> http://exitthematrix.dod.net/matrixmirror/ar01s05.html Jump down to the >> "Web bugs" section. It references >> http://exitthematrix.dod.net/matrixmirror/misc/superipbug.java from >> http://www.inet-police.com/cgi-bin/env.cgi >> >> There is another more thorough test of a java applet completely ignoring >> the jvm proxy configuration. However, my google-fu is weak. > > When I read that example it seems to indicate that the applet reads your > IP address locally and then submits it back to the originating web site > through the proxy. The applet does not seem to ignore proxy settings > (i.e. it does not seem to open a non-proxied connnection); it just > submits identifying information through the proxied connection. > > Jacob, Steve: I don't want to publish my complete ready-to-run code on > the list, but here is an excerpt: > > /***********/ > > Socket socket_to_originating_host = null; > int tcp_port = 80; > InetSocketAddress originating_host = > new InetSocketAddress(getCodeBase().getHost(), tcp_port); > > try { > socket_to_originating_host = new Socket(Proxy.NO_PROXY); > // timeout is in milliseconds > socket_to_originating_host.connect(originating_host, 10000); > System.out.println( > "Socket Local Address = " + > socket_to_originating_host.getLocalAddress().getHostAddress()); > } > > catch (Exception e) { > System.out.println("EXCEPTION THROWN: " + e); > System.exit(1); > > } > > /************/ > > More details can be found in the paper "Internet Geolocation" on my web > site. > > -James > > > > >
