Posted on 2003-12-13 17:56:12 by etn
your browsers sends its version and your OS version the all websites you visit. The server gets your IP address when the connection is made to the web server.
Posted on 2003-12-13 18:11:12 by ENF
....and system XP and IE6?????????

I'm behind a firewall.....

so, how it is possible?
Posted on 2003-12-13 18:18:52 by etn
this information is sent by internet explorer.
Posted on 2003-12-13 18:34:44 by ENF
My browser sends this I think:

Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007 Firebird/0.7

AFAIK you can't really stop it, the IP is necessary for communication so you can't really get rid of that either though you can use an anonymous IP, that may be against the law now, never know with the DMCA what is illegal anymore.
Posted on 2003-12-13 20:15:07 by donkey
I think the firewall is for other porpouses, like dont let open X port or some like that... dunno much about they...

But you continue with some ports opened, in specific the ones that are used for communication, and the application use this, it send is version and all such things, the server (eg. apache) get your direction and make the conection, for example, if you have php installed, it assignate a 'sesion' for you each time, and it know what sesion is of what ip.

Nice day or night.
Posted on 2003-12-13 20:45:38 by rea
I have seen programs that stop the browser from sending the referer information so it would be possible to block OS and browser version, just havn't seen any software that bothers to do it.
Posted on 2003-12-13 20:59:53 by ENF
Interesting... why not encrypt it?? :)

Get the idea, see what 'packets' will be sended with that info, and only modify this text... I not think this will be usefull for the ip, and I think it will be sended only 9one time per connection?? to a page, it will be so redundant send this information each time, maybe the only important is the ip, but also, some pages use this information.. i think for example for see if a java script is suported in your browser.

Nice day.
Posted on 2003-12-13 21:06:27 by rea
I agree the reason this info is sent is to allow a website to check weather or not something is going to be compatable.
Remember only the websever sees this information so if somone posts an image link in a forum wich displays this info only you and the website see this, the person who posted it dosen't unless he has access to the server logs.
Posted on 2003-12-13 22:17:02 by ENF
you can always use a one of those proxy programs to stop or change what goes out, or write your own :-)
Posted on 2003-12-13 22:27:02 by Gunner
mozilla firebird allows you to put anything you want for the headers :stupid:
Posted on 2003-12-14 23:11:35 by illwill
you can use ISP that provides dynamic IP, anonymous IP maybe illegal but dynamic is not. everytime you log in to your ISP you'll get a different IP. i'm not sure if it is available to your location. here in my place you can purchase an internet card for a particular ISP, and log in using the username and password on the card. this is only applicable with dial-up.

if you're concerned of being traced, you ca be, but it's quite difficult since they have to rely on only on your phone number.

there's one trick system cleaner vendor are using to entice tou to buy their product. aside from your IP, browser, etc. they also show you your directories. this can be done with VbScript just to scare the uninformed but their are also application that can get your system profile.

one suggestion though, if your using window explorer, don't use "web view" to your folder option, a lot of exploits were made through folder.htt. as of now miscrosoft had not fix this issue.
Posted on 2003-12-23 04:18:53 by <null>
donkey, "use an anonymous IP" ?

You can use a open proxy servers to hide your IP, as long as the proxy server doesn't send "x-forwarded-for" (or whatever it's called) information. One list of proxy servers: http://www.samair.ru/proxy/08.htm
Posted on 2003-12-23 05:23:38 by f0dder
Hi f0dder,

I may have gotten the exact name wrong I don't know all of the proper terms and that is what it was called on a security site that I visited a few times. They distinguished between a simple proxy server that would not really hide your real IP and one that allowed you to remain truly anonymous, I can't remember the site name any more but Google comes up with nearly 2 million hits for "anonymous IP" so it must be what it's called. I have never actually used one, I really don't care if someone sees my IP and I have the sneaking suspiscion that it can be construed as an attempt to disguise my identity on the internet which may or may not be against the law now.
Posted on 2003-12-23 05:36:34 by donkey
That would probably be distinguishing between proxys that send the "forwarded for" information to the webserver, and proxies that don't.

I run a SQUID proxy on my LAN, so websites get addresses like "192.168.1.x" in the "forwarded for" - of course they still get the real external IP directly from the connection - but it was fun to see a couple websites telling me I surfed in from ^_^
Posted on 2003-12-23 05:41:07 by f0dder
Hi f0dder,

Actually the site was in my bookmarks under security, that's probably why I couldn't find it :rolleyes:

Posted on 2003-12-23 05:42:28 by donkey
Ah yes, 's what I though - proxy servers not forwarding your IP.
Posted on 2003-12-23 05:46:46 by f0dder
Originally posted by donkey
I really don't care if someone sees my IP .

but the system version???? browser type???? for what it is needed?
Posted on 2003-12-23 17:58:27 by HarryTuttle
Collecting site stats. The version reported by your browser in the HTTP headers aren't that much use IMO, but the browser version you can get through javascript i important because various browser versions have various bugs...
Posted on 2003-12-23 18:01:22 by f0dder
The browser version information is very important for web pages that are using new features, as the scripts will know to then forward the browser on to a different page if the features are not supported. As for OS version... well... I had to think for a while, but there are legitimate purposes for a server getting that, too. Different versions of Windows come with various components (Example: Windows XP comes with its own Microsoft Agent engine, whereas under Win98 it must be installed before use).

Having this information sent is not a big deal since if you're inclined enough to know that this information is being sent, then you're probably also well-informed enough to run a personal firewall program and virus scanner and keep up with the patches for your OS.
Posted on 2004-01-10 15:37:07 by tomdfx