[Dshield] little experiment
abuse at what4now.com
Wed Mar 2 05:40:28 GMT 2005
** Reply to message from "Johannes B. Ullrich" <jullrich at euclidian.com> on Tue,
01 Mar 2005 17:42:54 -0500
> > How do you get the "behind firewall address"??
> its a little bit of javacode I found. Essentially, it tells your browser
> to reload the page, but adds the IP address of your system to the end
> (you will see 'IP=22.214.171.124' at the end of the URL).
Strange. I have JAVA enabled but my internal IP was not given, I am using
> But so far, I have only seen java code that was able to actually send it
> to the server.
> As others have commented, many e-mail clients (e.g. mine) add it to the
> header, or mail servers add them if they are inside the natted network.
> If someone knows how to tell thunderbird not to send the IP as part of
> the 'helo', let me know ;-)
I don't know how Thunderbird works but here is what I did for my email client.
Polarbar gets the IP of the machine it is running on and does a DNS lookup, if
it does not resolve it uses the IP for the HELO. If it does resolve it uses
the resolved domain name for the HELO. I added my machines IP to the HOSTS
file and put the domain name I wanted to use externally there. Since this is a
laptop using DHCP at home I always get the same IP and when I travel, who knows
what IP comes up, I really don't care if the IP is used but if I did I could
change the HOSTS file.
More information about the list