Determining real IP in various online security tests

Hello,

I was wondering why it is that not all online security scanners can
determine my real IP.

For example, www.pcflank.com cannot determine my real IP, but does seem to
know that my ISP uses a proxy server. I was actually looking forward to
seeing the results from this previously unheard-of site, for me at least,
but as it (www.pcflank.com) couldn't determine my real IP, it stopped the
scan.

However, www.grc.com can find my real IP in a matter of seconds. Is it
just a case of the scripting (if that's the right term) at www.grc.com
being simply better than that at www.pcflank.com ? Or is there 'more to
this than meets the eye' ?

Thanks for your time, and for any information you might have.

Regards,

LLFormat.

LLFormat

Someone named "LLFormat" <dev-> Proclaimed
on Thu, 26 Jun 2003 04:41:35 +0100,

>Hello,
>
>I was wondering why it is that not all online security scanners can
>determine my real IP.
>
>For example, www.pcflank.com cannot determine my real IP, but does seem to
>know that my ISP uses a proxy server. I was actually looking forward to
>seeing the results from this previously unheard-of site, for me at least,
>but as it (www.pcflank.com) couldn't determine my real IP, it stopped the
>scan.
>
>However, www.grc.com can find my real IP in a matter of seconds. Is it
>just a case of the scripting (if that's the right term) at www.grc.com
>being simply better than that at www.pcflank.com ? Or is there 'more to
>this than meets the eye' ?


Try:

http://www.dslreports.com/whois

G. Morgan

LLFormat wrote:
> Hello,
>
> I was wondering why it is that not all online security scanners can
> determine my real IP.
>
> For example, www.pcflank.com cannot determine my real IP, but does
> seem to know that my ISP uses a proxy server. I was actually looking
> forward to seeing the results from this previously unheard-of site,
> for me at least, but as it (www.pcflank.com) couldn't determine my
> real IP, it stopped the scan.
>
> However, www.grc.com can find my real IP in a matter of seconds. Is it
> just a case of the scripting (if that's the right term) at www.grc.com
> being simply better than that at www.pcflank.com ? Or is there 'more
> to this than meets the eye' ?
>
> Thanks for your time, and for any information you might have.
>
> Regards,
>
> LLFormat.

There is 'more that meets the eye'.
http://grc.com/np/rsvptech.htm

YK

On Thu, 26 Jun 2003 04:53:00 +0000, YK typed the following stuff :

> LLFormat wrote:
>> Hello,
>>
>> I was wondering why it is that not all online security scanners can
>> determine my real IP.

<snip>

>
> There is 'more that meets the eye'.
> http://grc.com/np/rsvptech.htm

Thanks for that YK. Right after posting my original message, it did occur
to me that www.grc.com 's scanner address had 'https://' at the front of
it. I wasn't sure if this was relevant or not, but now I know it is.

Thanks for the information.

Regards,

LLFormat.

LLFormat

On Thu, 26 Jun 2003 04:41:35 +0100, "LLFormat"
<dev-> wrote:

>Hello,
>
>I was wondering why it is that not all online security scanners can
>determine my real IP.
>
>For example, www.pcflank.com cannot determine my real IP, but does
seem to
>know that my ISP uses a proxy server. I was actually looking forward
to
>seeing the results from this previously unheard-of site, for me at
least,
>but as it (www.pcflank.com) couldn't determine my real IP, it stopped
the
>scan.
>
>However, www.grc.com can find my real IP in a matter of seconds. Is
it
>just a case of the scripting (if that's the right term) at
www.grc.com
>being simply better than that at www.pcflank.com ? Or is there 'more
to
>this than meets the eye' ?
>
>Thanks for your time, and for any information you might have.
>
>Regards,
>
>LLFormat.

GRC uses a small application called IPAgent to determine your real,
public IP address, which PCFlank does not. There are also Java and
ActiveX controls that can determine your real IP, the one bound to
your system.

You are correct that some scanners are detecting that your ISP uses
transparent proxies. (WHY your ISP is using transparent proxies at all
has me wondering, though.) At any rate, scanning a proxy is pointless.
They serve some security purpose although I'm wondering if they're
pulling a Comcast.

Have you tried scan.sygate.com?

Sponge
Sponge's Anti-Spyware Source
www.geocities.com/yosponge

sponge

On Sun, 29 Jun 2003 22:31:47 +0100, "LLFormat"
<dev-> wrote:

>On Sun, 29 Jun 2003 10:28:35 -0700, sponge typed the following stuff
:
>
>> On Thu, 26 Jun 2003 04:41:35 +0100, "LLFormat"
>> <dev-> wrote:
>>
>>>Hello,
>>>
>>>I was wondering why it is that not all online security scanners can
>>>determine my real IP.
>>>
>>>For example, www.pcflank.com cannot determine my real IP, but does
>> seem to
>>>know that my ISP uses a proxy server.
>
><snip>
>
>>>However, www.grc.com can find my real IP in a matter of seconds.
>
><snip>
>
>> GRC uses a small application called IPAgent to determine your real,
public
>> IP address, which PCFlank does not. There are also Java and ActiveX
>> controls that can determine your real IP, the one bound to your
system.
>>
>> You are correct that some scanners are detecting that your ISP uses
>> transparent proxies. (WHY your ISP is using transparent proxies at
all has
>> me wondering, though.) At any rate, scanning a proxy is pointless.
They
>> serve some security purpose although I'm wondering if they're
pulling a
>> Comcast.
>>
>> Have you tried scan.sygate.com?
>
>Hi,
>
>No I haven't tried it yet, but I will do now. I'm intrigued by your
>statement 'I'm wondering if they're pulling a Comcast'. By this, do
you
>mean caching loads of pages to appear to give a faster service ? If
that
>is indeed what you meant, then I can say that my ISP do seem to have
an
>awful lot of cached pages. A quick CTRL-REFRESH/RELOAD seems to grab
the
>latest versions of pages though, in most cases.
>
>If I'm honest, I don't fully understand the purpose of proxies, so
I'm
>probably getting confused in what I've said in the above paragraph.
>
>Thanks for the information. Thanks also to all other contributors to
this
>thread for shedding some light on my initial question.
>
>Regards,
>
>LLFormat.

No. For a while, Comcast was piping user connections through
transparent proxies and harvesting the data for anything that they
could sell to marketers. I've included a short link below. Lots of
ISPs snoop on their users but most do it by installing snooping
(spyware) software packaged with ISP software; Comcast's method did
not rely on client-side software which could be uninstalled. So,
Comcast's method was unavoidable by its users. I strongly suspect
Comcast is still doing this despite supposedly dropping the idea; they
had an awful lot of money invested in the plan. Verizon is one that is
presently known to snoop on their users, and they have a history of
this sort of thing, including selling customer calling records to
marketers.
If there's a moral here, it's not to install ISP supplied software
(you will usually get BETTER connectivity if you don't), and to read
your Terms of Service.

Comcast
http://www.wired.com/news/privacy/0,1848,50469,00.html
For your interest on Verizon
http://seattlepi.nwsource.com/local/...rivacy22.shtml

Sponge
Sponge's Anti-Spyware Source
www.geocities.com/yosponge

sponge