How to prevent someone to know my internal IP ?

**Renk** · 26.02.11, 13:12

Some sites such as mon-ip.com allows to see the internal IP (javascript enabled). It's worrying when using some vpn (with unique external ip address), because the internal iP is what identify you inside the vpn (10.x.y.z).

I noticed that when using privoxy, the site mon-ip.com failed to see my internal IP, and write a very nice FORBIDDEN instead.

So, how to get the same result without having to use privoxy ?

EDIT:

Anonymous Surfing is able to grab my internal IP, with Privoxy enabled and Javascript disabled.

**ParamouR** · 26.02.11, 13:28

Originally Posted by Renk

So, how to get the same result without having to use privoxy ?

By using a better Anti-Virus like BitDefender or Kaspersky

**Renk** · 26.02.11, 14:14

Originally Posted by ParamouR

By using a better Anti-Virus like BitDefender or Kaspersky

Have you test it with Anonymous Surfing ?

**SealLion** · 26.02.11, 16:19

are you talking about where you have to make a registry hack to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters\Interfaces

and assign ( I think?? ) for IPAutoconfigurationEnabled key to a REG_DWORD hexadecimal value of 0??
A hack like that I know disables what's called Automatic Private IP Addressing

Oh. Wait. No don't do that. That I think is for when there is no DHCP server present.

No, I think what you might want is what's called a " High Anonymity Proxy " b/c it does not make available the original IP address.

**anon** · 26.02.11, 16:56

Originally Posted by Renk

EDIT:

Anonymous Surfing is able to grab my internal IP, with Privoxy enabled and Javascriot disabled.

Not here (and I'm behind a router, so I do have an internal IP). Some sites can get it via Java, but knowing you to a certain degree you probably have that and Flash disabled.

Can IP.cc's extensive anonymity test see it as well? Because in that case, it's being sent on your HTTP requests, somewhere.

**Renk** · 26.02.11, 19:46

Can IP.cc's extensive anonymity test see it as well? Because in that case, it's being sent on your HTTP requests, somewhere.

All ip.cc's extensive anonymity test are good.

Originally Posted by anon

Not here (and I'm behind a router, so I do have an internal IP). Some sites can get it via Java, but knowing you to a certain degree you probably have that and Flash disabled.

Java was implied. So I disabled java Platform pluggin. No more problem, with or without privoxy or javascript, on the two previous sites.

**cheatos** · 26.02.11, 20:27

Interesting find!,

I retract my words about the inability to grab Mac-address then.

Both sites got my internal IP address, and I'm behind two NATs!!

Might need to enforce some protective methods like disabling java and/or flash (whitelists..etc).

**anon** · 26.02.11, 20:30

Originally Posted by cheatos

Might need to enforce some protective methods like disabling java and/or flash (whitelists..etc).

I don't use sites with Java applets, and Flash is disabled by default, only whitelisted for YouTube and Grooveshark, which I visit in private tabs.

**cheatos** · 26.02.11, 20:33

Originally Posted by anon

I don't use sites with Java applets

Math/Physics nerd here, needs java for simulation apps..etc

and Flash is disabled by default, only whitelisted for YouTube and Grooveshark, which I visit in private tabs.

When I used NoScript(iirc, this one controls flash whitelists) for the first time, it was just too much work to click enable,enable,add to exceptions ..etc.
but certainly, one must take some actions against info-collectors.

**anon** · 26.02.11, 20:34

Originally Posted by cheatos

Math/Physics nerd here, needs java for simulation apps..etc

You can always run a separate browser for educational apps...

**cheatos** · 26.02.11, 20:39

Originally Posted by anon

You can always run a separate browser for educational apps...

I run at least 100 Iron tabs (400MB?), my Geforce card has shared memory, for trackers I use firefox (thats at least 200MB of RAM), Windows 7 gets its fair RAM amount, so I'm usually left with nothing,
sometimes I want to run a virtual machine for some tests, but I can't I need to kill firefox/iron to free up some Ram
If I used another browser for educational purposes then its the same, no enough RAM = slow computer, and no virtual machines.

* taking about my laptop.(2GB RAM).

---
otherwise, thats probably the best solution

**Renk** · 27.02.11, 11:58

Originally Posted by anon

Can IP.cc's extensive anonymity test see it as well? Because in that case, it's being sent on your HTTP requests, somewhere.

It was the case with Thunderbird, 3 years ago:

does anyone know how to keep thunderbird from including your PC's NAT ip address (ex. 192.168.1.1) in the headers? other email programs (Outlook) don't include the NAT address in the headers so i'm hoping there is a way to keep Thunderbird from including it, maybe in the config editor? i don't know, either way any help is appreciated.

Thunderbird includes NAT ip in mail headers • mozillaZine Forums

**anon** · 27.02.11, 17:32

My uni proxy does the same as well, sending your LAN IP on the "Via" HTTP header. I don't know why they do that as, that information is useless to send, maybe even dangerous.