Can servers ever find out what your private IP address is?

[fwacct4]

I am wondering if public ip and private ip packets are ever both sent out to public servers.

For instance, if I have a 172.16.0.0/12 subnet using NAT, I might be more easily identified where most subnets are 192.168.0.0/24.

 

[Net]

of course. i have bluehost and i can see what ip address visit my site. i get a nice graph of what countries visit most too. i can even see which pages they view and i can block them from coming back if i want.

its going to be your outside ip address. the ip address given to you by your isp. go to google and type what is my ip address.

 

[fwacct4]

Originally posted by: net
of course. i have bluehost and i can see what ip address visit my site. i get a nice graph of what countries visit most too. i can even see which pages they view and i can block them from coming back if i want.

its going to be your outside ip address. the ip address given to you by your isp. go to google and type what is my ip address.

What I mean is can servers see the PRIVATE IP address of my LAN, not my public IP address.

 

[Atheus]

No, they can't, the NAT on your router means all packets are sent out with only your public IP as a return address. Any packets sent to that public address will encouter only the router unless a) they are classified established/related or b) port forwarding or DMZ is active.

This doesn't mean it's impossible to touch the internal compters of course - many consumer routers have a web interface open to the web where someone could check the DHCP clients and open ports.

 

[fwacct4]

Originally posted by: Atheus
No, they can't, the NAT on your router means all packets are sent out with only your public IP as a return address. Any packets sent to that public address will encouter only the router unless a) they are classified established/related or b) port forwarding or DMZ is active.

This doesn't mean it's impossible to touch the internal compters of course - many consumer routers have a web interface open to the web where someone could check the DHCP clients and open ports.

My guess is that some transparent proxy servers might forward private ip addresses in the packet, and just allows the server to do whatever it wants with it, and since it's non-routable, it just discards it.

NAT would probably hide it, but I wonder if proxy servers can potentially forward that information as well, in which case, knowing your private subnet can additionally help expose your id.

 

[Crusty]

How would the proxy know your private IP address? Once your packet hits your firewall and the headers are changed for NAT that IP is lost for anyone receiving that packet.

 

[fwacct4]

Originally posted by: Crusty
How would the proxy know your private IP address? Once your packet hits your firewall and the headers are changed for NAT that IP is lost for anyone receiving that packet.

That's the thing. Proxy servers, especially if they're a part of the private subnet, CAN use NAT, but I don't think they're restricted to it. There is nothing that stops them from providing additional information on behalf of the client, and maybe that can be private ip address. I'm not wondering whether NAT in general does not forward private IP. I'm wondering whether there may be ANY transparent proxy servers that may forward private subnet information to servers.

 

[Crusty]

It would depend on what kind of proxy you are using. Your packets will not include any private address information whatsoever in the headers, it just doesn't work like that but there is nothing stopping a proxy from altering your data in the packets. Like if you are using an HTTP proxy it might include the X-FORWARDED-FOR header with your private IP information but that is not part of the TCP/IP header.