Linux Format forums Forum Index Linux Format forums
Help, discussion, magazine feedback and more
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Clever or what!

 
Post new topic   Reply to topic    Linux Format forums Forum Index -> Discussion
View previous topic :: View next topic  
Author Message
acraigon



Joined: Wed May 11, 2005 7:46 pm
Posts: 26

PostPosted: Sun Oct 30, 2005 3:12 pm    Post subject: Clever or what! Reply with quote

I visited www.arrse.co.uk after reading an article in a newspaper about what the soldiers in Iraq thought about the war and other stuff. I was scrolling down one of the forum boards reading when I came across a penguin holding a sign and the sign said you are running linux your address is ...... you are running firefox and your internet provider is ....... I do not know about anyone else but that did make me feel nervous as I do have a firewall and other security. This was just a posting on a notice board, anyone know how my information was obtained and displayed? More to the point how can I stop this?
Back to top
View user's profile Send private message
M0PHP
LXF regular


Joined: Wed Apr 06, 2005 8:40 am
Posts: 737
Location: Bishop Auckland, County Durham, UK

PostPosted: Sun Oct 30, 2005 3:17 pm    Post subject: Reply with quote

Most probably the image was generated dynamically using PHP or something similar, which can obtain information about you from your browser (user agent), like phpSniff.

Mine is mozilla/5.0 (windows; u; windows nt 5.1; en-us; rv:1.7.12) gecko/20050915 firefox/1.0.7

which shows I'm running Firefox 1.0.7 on Windows XP (NT 5.1).

There is an extension for FF which allows you to fake your user agent.

As for the ISP - your ISP is allocated a specific block of IP addresses to give to users. The information (which IP blocks belong to which ISP) is available freely on the web.

A good example of good use of this data is BBClone - an advanced web counter.
Back to top
View user's profile Send private message Visit poster's website
linuxgirlie
LXF regular


Joined: Sat Apr 09, 2005 7:34 pm
Posts: 787
Location: Kent...UK

PostPosted: Sun Oct 30, 2005 3:40 pm    Post subject: Reply with quote

I agree with M0PHP, I had a heartattack when I first saw it, I then went to a free firewall tester and it found nothing! Though it still new my web browser info etc, I turned it off and it was ok, but I turned it back on again as I want to prove to people out thier that I do use Linux!
_________________
My knowledge comes with no warranty...........

Server operating system designed for schools:www.linuxschools.com
Back to top
View user's profile Send private message Send e-mail
Marrea
LXF regular


Joined: Fri Apr 08, 2005 10:32 pm
Posts: 1873
Location: Chilterns, West Hertfordshire

PostPosted: Sun Oct 30, 2005 4:05 pm    Post subject: Reply with quote

One of the forum members on the SuSE Linux Forums has this on all his/her postings, and the image seems to come from http://danasoft.com/.

I too was somewhat alarmed to see this when I was browsing through the posts and even thought of informing the member in question that I didn't think it was a very good idea to have a signature like this. But then I thought, am I being paranoid or what? It makes me feel very uneasy though.

It's exactly the same sort of thing which appears if you go to Steve Gibson's Shieldsup site to test your firewall. But I don't like seeing this on Help forums at all, harmless or not.
Back to top
View user's profile Send private message
ollie
Moderator


Joined: Mon Jul 25, 2005 12:26 pm
Posts: 2749
Location: Bathurst NSW Australia

PostPosted: Mon Oct 31, 2005 9:16 am    Post subject: Reply with quote

The site is hosted using Dragonfly CMS and all this information is easily logged using PHP. You can see exactly the same information using JavaScript - The Ultimate Browser Sniffer - although you can see that the script is out of date Wink . Your details are listed about half way down the page after the actual script is displayed.

Similar information is available to every webserver when you browse to web sites - there is a wealth of information using something like AWStats to collect and display web server stats.

The only way to avoid this is to run through a number of anonymizers when you go Internet surfing - but then you need to have some config and hacking skills. Laughing
Back to top
View user's profile Send private message
jjmac
LXF regular


Joined: Fri Apr 08, 2005 2:32 am
Posts: 1996
Location: Sydney, Australia

PostPosted: Mon Oct 31, 2005 8:42 pm    Post subject: Reply with quote

Yeah, it's just a cheap trick and means nothing. I suppose you could hide your browser if you wanted but it's a bit had to hide your IP address. And then it depends on the range that the provider has, so it dosen't really narrow down that much.

http://www.arin.net/whois/

is a good starting point if you want to check on any logged addresses you may have.


jm
_________________
http://counter.li.org
#313537

The FVWM wm -=- www.fvwm.org -=-

Somebody stole my air guitar, It happened just the other day,
But it's ok, 'cause i've got a spare ...
Back to top
View user's profile Send private message
View previous topic :: View next topic  
Display posts from previous:   
Post new topic   Reply to topic    Linux Format forums Forum Index -> Discussion All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Linux Format forums topic RSS feed 


Powered by phpBB © 2001, 2005 phpBB Group


Copyright 2011 Future Publishing, all rights reserved.


Web hosting by UKFast