January 6th, 2004, 06:30 PM
Resolving ISP's thu a java chat client
Question: Recently I was in a java based chat room, thru internet explorer , fully up to date.
One of the chatters managed to resolve my isp and began to actually resolve my current IP. The client in question is unknown, but has no tools to do this as in some IRC clients. This is sort of worrisome. I've tried all over the net to find the utility he used. He was not a room moderator. The site that runs the chat client is not saying a word, so wondering if this is a vulnerability on their part as well.
Commenst and answers appreciated.
January 6th, 2004, 06:33 PM
If the java client has "host masking" (where it uses a hash to hide the IP Address), there are -- sometimes -- ways to get around that (particularly if the hashing isn't a strong algorithm and doesn't have a true random salt).
But, it is possible that the java client isn't masking the IP and he simply got it by doing a /whois <nick>