[unisog] 2 Questions

Jenkins, Matthew mjenkins7 at fairmontstate.edu
Fri May 19 21:43:23 GMT 2006 

1.  By the HTTP referrer information.  Many web server log analyzers provide what keywords were used to attract visitors.
 
2.  Not generally.  Unless the workstation or some sort of proxy server provided it for a purpose, your firewall's xlate tables are private.
 
Matt

________________________________

From: unisog-bounces at lists.sans.org on behalf of Allen Mundt
Sent: Fri 5/19/2006 4:19 PM
To: unisog at sans.org
Subject: [unisog] 2 Questions


I have 2 questions for the group.
 
This text [some changed to protect identities] appeared on a blog:
 

"XXXXX, who I've noted previously is .....a terrific staffer, is being scouted by the big boys. I see the <political organization> searching her name in Google and finding my blog. 

 

Question 1:  How are they getting that information?  Would this person likely be obtaining such information as a result of personal conversations, or is there a way that I or anyone else can submit a Google query that tells who is accessing what?  What would the syntax be?

 

Question 2: Lot's of organizations use non-routable IPs internally.  When those are NAT'd or PAT'd out through a firewall, is it possible for a web site to track the actual user IP, or obtain information like machine name, login ID, etc., without the knowledge of the person hitting the site?

 

Thanks

 

Al

 

 

 

******************************************************************************************************************************
Allen Mundt
 
"We need a renaissance of wonder. We need to renew, in our hearts and
in our souls, the deathless dream, the eternal poetry, the perennial
sense that life is miracle and magic."
    --  E. Merrill Root
******************************************************************************************************************************
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 5261 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20060519/5ca773ff/attachment-0001.bin

More information about the unisog mailing list