[tor-talk] Only nine of the 29 Windows VPN clients that I tested didn't leak

Mirimir mirimir at riseup.net
Thu Jun 16 17:34:21 UTC 2016


On 06/16/2016 10:51 AM, s7r wrote:
> Hello grarpamp, mirmir
> 
> Speaking of, there is this website:
> http://ipleak.com/
> 
> If you go to Proxy/VPN in the left menu it will show you some info
> related to vpn usage detected.
> 
> In my latest firefox it says:
> 
> First seen 	2016/06/16 16:47:04
> Last update 	2016/06/16 16:47:04
> Total flows 	1
> Detected OS 	Windows 7 or 8
> HTTP software	Firefox 10.x or newer (ID seems legit)
> MTU 	        1406
> Network link 	OpenVPN TCP bs64 SHA1 lzo
> Language 	English
> Distance 	11
> 
> 
> Where I use exactly OpenVPN in TCP mode. In Tor Browser this is not
> detected.

It won't work in Tor Browser using Tor, because Tor isn't just TCP/IP.
If you mangle Tor Browser to work without Tor, you'll see it.

> I am not sure how reliable is this tool, but what's the trick in normal
> firefox to disable this so that networking info is not revealed any
> more? How is this information gather by this website?

I'm not aware that it's blockable. It's not an HTML5 thing. Read up on
TCP/IP stack OS fingerprinting.

> On 6/16/2016 7:28 PM, grarpamp wrote:
>> On 6/16/16, Mirimir <mirimir at riseup.net> wrote:
>>> https://vpntesting.info/
>>>
>>> I tested 29 Windows VPN clients for DNS, IPv4 and IPv6 Leaks.
>>
>> Nice.
>>
>> You might want to include
>> - For clients that may be doing packet filtering instead of just modifying
>> kernel routing tables... test ICMP, generic UDP (non-DNS), TCP, etc.
>> - The codebase and VPN protocol of each client (OpenVPN, SoftEther, etc)
>>
>>> hit VPN-specified nameservers directly while
>>> reconnecting after uplink interruption. But that's not a huge issue,
>>> in that they didn't hit other nameservers.
>>
>> Seems big if the direct hits were not encrypted over the VPN
>> and user's requirement is to encrypt to the VPN termination.
>>
>>> After uplink interruption,
>>> some failed to reconnect automatically
>>
>> These interruption, reconnect, renegotiation, timeout,
>> edge cases are important to discover.
>>
>>
>> More advanced users of Tor + OpenVPN might be interested
>> in this capability...
>> https://community.openvpn.net/openvpn/ticket/577
>>
> 
> 
> 


More information about the tor-talk mailing list