Topic: bugs on e-smith or security flaws

[Renan Nepomuceno]

To All,

       I just test the e-smith 5.5 proxy server and use a windows 98 PC to connect the internet and it appears that my private ip which was 192.168.40.23 was detected by the site www.taruo.net (this site is a japanese if you want to test just go to the site and click the the 3rd button).

      Do you think this is squid problem which is regards to transparency of the squid or should it be integrate with masquarading.

Thanks in advance
  renan

[Nate]

Seeing an ip address isn't a security flaw, at least IMO.  Especially when  it's a 192.168 address that won't 'fly' across the net anyway.

[Renan Nepomuceno]

NATE,
 
       Yes Nate your correct that 192.168's ip isn't routable on internet but seeing your private ip on the net, to my opinion is not correct and may cause you a security breaches because hacker can penetrate to your network.

best regards,
 renan

[Terry Brummell]

This thread may help...

http://forums.contribs.org/index.php?topic=6479.msg23272#msg23272

[Gordon Rowell]

Please report any security issues, or suspected security issues,  with
the Mitel Networks SME Server (nee e-smith server and gateway) to:

     smesecurity@mitel.com

and only to that address.

As with all products, you should contact the vendor (in this case,
Mitel Networks), for any security related issues. You should not
post them to open discussion forums.

Thanks,

Gordon