1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

When using a VPN is there the risk like with a proxy or tor to leak the own ip too?

Discussion in 'BlackHat Lounge' started by SebastianJu, Nov 7, 2010.

  1. SebastianJu

    SebastianJu Power Member

    Joined:
    Mar 27, 2008
    Messages:
    679
    Likes Received:
    130
    Hello,

    when using a proxy or tor and having java or other plugins enabled the real ip can be found out. Does the same thing apply to a pc connected through a vpn? Can the real ip found out then or will it only deliver the ip from the vpn?

    Thanks!
    Sebastian
     
  2. cooooookies

    cooooookies Senior Member

    Joined:
    Oct 6, 2008
    Messages:
    1,009
    Likes Received:
    216
    Google f DNS leaking, brrr. This means, your ISPs DNS server is used, which might be uncomfortable for you. Check here:
    https://www.dns-oarc.net/oarc/services/dnsentropy

    Apart from DNS resolving: What can be shown at maximum ยด to my best knowledge is your internal IP.
    This is your virtual net and can be in non-routed nets like 192.168.0.0/16.

    For maximum security, install a firewall and see for yourself. Allow only connections to your vpn server and log everything else.
     
    • Thanks Thanks x 1
    Last edited: Nov 7, 2010
  3. nme

    nme Junior Member

    Joined:
    Jan 17, 2008
    Messages:
    124
    Likes Received:
    36
    ipv6 can be a problem in some situations.
     
  4. SebastianJu

    SebastianJu Power Member

    Joined:
    Mar 27, 2008
    Messages:
    679
    Likes Received:
    130
    @cooookies

    I hoped the situation is like you describe... so even when for example java is establishing a socket-connection my real ip would be hidden correct?
    I tested my isp with your link and it said all is good and random...
    Have to check the same at my vps when I bought it...

    @nme

    What do you mean?
     
  5. cooooookies

    cooooookies Senior Member

    Joined:
    Oct 6, 2008
    Messages:
    1,009
    Likes Received:
    216
    Depending on the grade of anonymity you need, you should maybe investigate further a little. The link I gave you gives just generic information about the DNS server. Nothing apart regional laws prevents your ISP being in control of the DNS server to log individual requests. This is meant by DNS leaking. So if you are doing many DNS requests like I do, the worst scenario might be that they track it.

    A socket connection by itself is harmless - you are in control of the data sent over, right? I for instance use beside socket connections the htmlunit-java library which is a headless browser. I am in full control of the stuff, I for extra security track with wireshark sometimes, I use a IP-table based firewall and I can use my own cheap proxy server. I (hope to) know that there are no (flash) cookies sent, no browsing history, no other stuff allowing for identifying me.

    If you however want to do illegal stuff like email-spamming or worse, invest definitely some bucks in a bullet proof offshore VPS. IMHO such activities require to be very professional.
     
  6. SebastianJu

    SebastianJu Power Member

    Joined:
    Mar 27, 2008
    Messages:
    679
    Likes Received:
    130
    So when I understand you correctly the problem with dns-leaking is that your own pc is requesting the dns-servers directly and not through the vpn? Because the connection to the vpn-pc still goes through your isps internet connection.
    So they can see what dns were asked through vpn-ip and can see the pattern of dns used matching another pc that is yours. Or did I misunderstood this?

    At the moment I dont plan to use tools like you mentioned at this vpn but in the future this would be possible...

    With sockets I meant i have read a page where the tor-developers tested how vulnerable their tor-network is against ip-leaking. They wrote that all plugins that can create sockets can leak the ip. An exception was javascript on vista because sockets were restricted there or something. Which means that websites using java or a good amount of other plugins could theoretically put in an exploit to find out the real ip. I believe each recaptcha has such a functionality built in. Which is the reason why tor is blocking recaptcha. (I believe that was the case...)
    But when a vpn-connection only gives out the network-ip that wouldnt be a problem...

    The remaining rest would be of course the cookies and the rest where you shouldnt insert a trail.

    I dont plan to do illegal things. I think its not worth it. But I plan to use a vps, I think I choose united-hoster.com for the start. Alternatively ucvhost.com. And I plan to use a cheap vpn for this. I found some guys talking about their experiences in a hacker- or warezforum or so. I think the preferred services would be from top to lowest: vpntunnel.se, ipredator.se, anonine.com or itshidden.com. I dont know if hidymyass is any good in terms of anonymity when it comes to give out data. They provide many ips but they arent as cheap as others too...

    But anyways... I want to pay both, vpn and vps via fake-details. So even when they would track it down they would be leaved with a wrong adress. I still searching a secure way to do this but I have something in mind which involves a middleman somewhere in india or other countries...

    I hope at the end I thought of every possibility... :)

     
  7. burgerking726

    burgerking726 Newbie

    Joined:
    Nov 8, 2010
    Messages:
    1
    Likes Received:
    0
    Contrary to what others may believe if you use a private,offshore, VPN that deletes their log files every 10 minutes then you are fine. However, if you use a private domestic VPN that doesnt delete log files then you're screwed lol. My 2 cents.