Askov asked 4 years ago
I've just exposed a hacker on one of our customers servers. Weird experience. He was trying to set up a service for a poker-site. The server has almost no communication externally, but a little while before the attack, Internet Explorer was used to lookup the IP address on WIMI. Is there any chance, that WIMI could be used by criminals to get information on ip-addresses, that are "relevant subject for attack"?
Steve Bonilla Staff answered 4 years ago
It is possible for WIMI to be used by anyone who needs to obtain the public IP for the connection they are using, whether it be local, remote, legal, or illegal.
Rob Vargas Staff answered 4 years ago
It is possible to see your IP address whenever a machine visits a Web site. The code that WIMI uses isn't that hard to create in javascript, ActiveX, etc.
Yes, WIMI *could* be used this way, but it's not that hard to locate a machine using port scans, IP scans, etc. Those scans don't even require you to actively be on the Internet. If the connection is live, then the door, potentially, is open.