WIMI and security

Askov asked 2 years ago

I've just exposed a hacker on one of our customers servers. Weird experience. He was trying to set up a service for a poker-site. The server has almost no communication externally, but a little while before the attack, Internet Explorer was used to lookup the IP address on WIMI. Is there any chance, that WIMI could be used by criminals to get information on ip-addresses, that are "relevant subject for attack"?

2 Answers
Steve Bonilla Staff answered 2 years ago

It is possible for WIMI to be used by anyone who needs to obtain the public IP for the connection they are using, whether it be local, remote, legal, or illegal.

Rob Vargas Staff answered 2 years ago

It is possible to see your IP address whenever a machine visits a Web site. The code that WIMI uses isn't that hard to create in javascript, ActiveX, etc.

Yes, WIMI *could* be used this way, but it's not that hard to locate a machine using port scans, IP scans, etc. Those scans don't even require you to actively be on the Internet. If the connection is live, then the door, potentially, is open.

Know the answer? Login or sign up for an account to answer this question.
Sign Up