Jump to content
  • 0
Sign in to follow this  
Doris Haller

How can I find out the IP-address of another AV?

Question

Recommended Posts

  • 0

Baeric.Constantine wrote:

There are major security issues in Viewer 2.0 that have NOT been resolved. Web on a prim does have many issues... just think about the passage of passwords, say you want to do online banking....

As for finding IP addresses in viewer 2.0, that, from what I understand, is resoundingly easy with a script... and many have indeed posted on just such a thing in these fora.

Ok .. now this is being a little silly.  Remember that its just a web session displayed on a prim.  Authentaticed sessions like you mention WILL NOT be visable to other people.  All they will see is the logon page and nothing else.

Scruffy

Share this post


Link to post
Share on other sites
  • 0

Ackley.Bing wrote:

 

You're wrong.  Here's your interpretation of the TOS:

 

You agree that you will not post or transmit Content or code that may harvest  or collect any data or personal information about other users without  their consent;

According to your interpretation, no one should post media streams at all since IP#s are obtained automatically by them.

That's not my intrepretation .. that is a quote fromt the TOS.  IP addresses while available from a media stream, are not automatically stored and saved for later viewing.  Doing that would be breaking the TOS.

Remember just because somthing is technically possible DOES NOT make it right.

Scruffy

Share this post


Link to post
Share on other sites
  • 0

To clarify a little bit more: The texture on a prim is not the actual website, so to you it is just a graphical interpretation of a page from the website, it has no code or whatsoever behind it (unless off course the prim contains a script as well, this however should always be a script approved by Linden and the ToS). Hence it can not "know" your IP address until you actually physically make contact with that prim and then you will always be redirected to the actual website itself, only then will this website know your IP address.

For more information about what is is and how it works look over here:

https://blogs.secondlife.com/community/features/blog/2010/02/24/shared-media-bringing-the-web-inworld-with-viewer-2

 

Message was edited by: Linda Spargelcorrected a typo

Share this post


Link to post
Share on other sites
  • 0


Linda.Spargel wrote:

 

To clarify a little bit more: The texture on a prim is not the actual website, so to you it is just a graphical interpretation of a page from the website, it has no code or whatsoever behind it (unless off course the prim contains a script as well, this however should always be a script approved by Linden and the ToS). Hence it can not "know" your IP address until you actually physically make contact with that prim and then you will always be redirected to the actual website itself, only then will this website know your IP address.

 

The prim itself can act as a webserver so it is relatively trivial to get an IP address into a LSL script.

Share this post


Link to post
Share on other sites
  • 0

Is it possible to completely turn off this feature in 2.0 ?

What would be the impact (besides that I can't do online banking from SL anymore, lol)?

Share this post


Link to post
Share on other sites
  • 0

SimonT.Quinnell wrote:

Ok .. now this is being a little silly.  Remember that its just a web session displayed on a prim.  Authentaticed sessions like you mention WILL NOT be visable to other people.  All they will see is the logon page and nothing else.

Scruffy

If you wish to blind yourself... that is your choice.

Share this post


Link to post
Share on other sites
  • 0

Let me give you an example of how people would use this sort of information.

Lets say I set up an IP logger in my store, and for the next month I record the IP address of everyone who enters my store.  At the end of the month I perform an analysis on that data and find to my surprise that a surprising number of people visiting are from Germany.  So I decide to translate my products to German and watch with joy as my sales increase.


It all sounds so innocent BUT no one gave consent for me to collect their location information as they arrived at the store and THIS is breaking the TOS.

Now, as an outsider would someone know I had done this? Not unless I was stupid and said something.  But again just because its hard to prove doesn't not mean collecting this data is your right.

Scruffy

 

Message was edited by: SimonT Quinnell (fixed my spelling :)

Share this post


Link to post
Share on other sites
  • 0


If you wish to blind yourself... that is your choice.

I've tested it with alts.  I suggest you do the same.  Anything that requires you to enter a form with javascript is only displayed for the session that is entering it.  Noone else sees it.

Share this post


Link to post
Share on other sites
  • 0

Doris.Haller wrote:

 

Is it possible to completely turn off this feature in 2.0 ?

What would be the impact (besides that I can't do online banking from SL anymore, lol)?

Under the 'Sound & Media' tab in preferences uncheck 'Allow Media to Autoplay'. If you do that you can then chose to allow the shared media that you want display.

Scruffy

Share this post


Link to post
Share on other sites
  • 0

First, it is not very difficult for someone to get the IP of a user in SL. There are quite a few methods, depending on the viewer they use. But to what end. For starters, it appears to be against the ToS we all agreed to.

Second, as has been discussed in the forums many time, it gets you nothing. At best a persons IP can be used to determine the ISP they are using and the general geographic area they are in. But even that is marginal. If you use my IP, you get a city more than 70 miles from my actual location. On top of that, most IP's change fairly regularly, so the IP they log may only be valid for a few minutes to a week or so. Websites regularly gather IP information for their logs, especially ones that have a signin requirment. IPs are just not a big deal, web myths and scare tactics asside.

If you are worried that someone might find out your IP from inside SL, I think you are getting worried over nothing. If you stop doing all the things in SL that might, given enough effort, reveal your IP to someone, you are going to miss out on a lot of what SL has to offer.

If you are really trying to figure out how to do it, I would google your question, not ask it here.

_________________________________________

Share this post


Link to post
Share on other sites
  • 0

Baeric.Constantine wrote:

 

Testing it with alts... right... get a security company in to do some proper testing then... and let us see what they have to say....

Sure .. go for it. Post the report I'd be quite interested to read it. By the sounds of it you haven't bothered to see what is actually shared with shared media.

Share this post


Link to post
Share on other sites
  • 0

Agreed that this is something I just can't be stressed about.  I have a different IP every time I connect and if you looked it up you'd find an address ridiculously far away.  On the flip side, doing something like online banking via SL seems just insane to me, esp via 2.0 which does seem to have some significant security holes.  My advice?  Use your secure internet connection for things like that before your go inworld or after you log.  Paranoid?  Perhaps, but why take chances with something so important?  

  • Like 1

Share this post


Link to post
Share on other sites
  • 0

Hi i have same question and lot trouble too i be accuse For be other and he says he have my ip adress and is not me and Xarusdragon he lie or using tool on sl i not know but i think be good to give a warning to stop is **bleep** and my friend i did talk i says same thing like . the forum says . if have tool for see ip well hacker need be banned

Share this post


Link to post
Share on other sites
  • 0
On 4/2/2010 at 6:47 AM, Ackley Bing said:

Knowing someone's IP isn't much use these days as many ISPs change your IP frequently.  If you're PC is vulnerable, YOU are the problem, not the fact that they know your IP.

Not true. First of all, in the US, many ISPs use fixed IPs for home users, and dynamic IP for businesses. Absurd, but it happens. As businesses who run web servers need a fixed IP not a dynamic one, and most business nowadays do run web services. On the other hand, knowing an IP is useless to know your location, but useful for a hacker to attack your computer and hog your internet connection at the very least. Not talking about to spoil your operating system, or even your hard disk. That would would ruin your SL wedding, for example, or your experience in SL in general. Are there people who do such things in SL? unfortunately the answer is a definitive yes! Does Linden do something about it? No, as far as I know. 

So yes, IPs can be used for many evil purposes, even to insert a keylogger, in your computer or access windows 10 keylogs and spy your private conversations (IMs). Does it break the ToS? yes, but prove you've been a victim of such actions. And yes, this also has happened!

Am i the problem if I am vulnerable? definitely not. A hacker knows how to bypass most of internet security products. One does not have to be an expert in computer security for using SL. The problem here are the hackers that use SL, They are the ones who are doing illegal actions against others. I do not have to become a computer security expert, they do not have to do such things in SL!. Where have you seen the victim of a crime has been  considered the problem by a judge?

Edited by marquisdesoire

Share this post


Link to post
Share on other sites
  • 0
8 minutes ago, marquisdesoire said:

First of all,

first of all... look at the date where you resond to... quite irrelevant after more than 7.5 years...

till now you have the weekly record for posting in a necro thread ..

  • Like 2

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...