How to secure a VPN/tell if there are leaks?

So, I recently subscribed to a VPN and, regarding torrent leaching and seeding, how can I tell if my true IP address is leaking torrent activity?

I've done a lot of searches and looked all over a bunch of forums, and I've learned a lot, but haven't found any clear cut answers to this question, so any help would be appreciated!

 

Which VPN did you subscribe to?

What type of software does it use to connect, what Operating system are you on? Etc..details will help further your answers..

http://www.checkmytorrentip.com/

This website generates a legal torrent that connects through the torrent client you are using, and it displays the IP you are projecting.

FWIW, I have no idea who runs/controls that site.

 

Thanks so much for your response! I've been recommended here from two other forums, and I was worried that I wasn't going to get any response here.

So, to answer your questions, the VPN I am using is IPREDator (click here to see the set-up configuration), my OS is Windows 7 Professional, and http://www.checkmytorrentip.com has been very helpful, but hasn't answered all of my questions.

To be specific, these are the questions I still have:

1. I'm using regular ol' uTorrent 2.0, to prevent leaks, do I need to disable UPnP and NAT-PMP port mapping in its settings? 1b. Do I also need to disable DHT (network and for new torrents)? 1c. Additionally, do I need to disable Local Peer Discovery and Peer Exchange? 1d. Anything other settings with uTorrent or my firewall or Windows, etc. that I need to change? 1e. And, if I just disable "UPnP port mapping" on uTorrent is that sufficient, or do I need to disable it on my router, too? 1f. Do I still need to disable all these things, even though my VPN anonymizes all web traffic?

2. What program or service can I use to easily and reliably monitor whether or not I am leaking my real IP address (that includes some alert or logging/history feature)? 2b. And how do I use the program/service and where and what do I look for in the program/service to tell if my real IP address is leaking?

3. Right now, in case my VPN drops unexpectedly, I have Windows Firewall blocking uTorrent on my local internet connection (i.e. my real IP address), but, when I disconnect my VPN (to test the settings), I think my real IP address still leaks. At least, this shows up under uTorrent in Netlimiter and it shows upload amounts for awhile before stopping:

Outgoing connection to remote host 239.255.xxx.xxx and remote port 3702

Node Properties
Protocol: Udp
User: Ben
--------------------------------------------------------------------------------
Local Address: 192.168.x.xxx
Local Zone: local
--------------------------------------------------------------------------------
Remote Address: 239.255.xxx.xxx
Remote Zone: internet

4. I also have a lot of allowed traffic on PeerBlock, like:

Source: 127.x.x.x:1900 to destination: 239.255.xxx.xxx (UDP)
...and...
Source: 192.xxx.x.x:1900 to destination: 239.255.xxx.xxx:1900 (UDP)
...and...
PeerBlock is also showing a lot of allowed "unknown" protocol (not UDP or TCP, then?) traffic from 192.168.x.xxx (my real IP address) to 93.182.xxx.x, which is not my IPREDator (VPN) address, but another IPREDator address... Netlimiter doesn't show any evidence of this traffic, as far as I can tell...

Do you know what might be going on in any of these cases here and if these things are leaks?

 

Channel_Z,

I mean this with no disrespect, but I would rather answer questions 1-4 after you have found a more suitable VPN Provider.

How much research have you done into IPread? I will admit, I do not know how their network is setup, but have you looked into their Privacy Policies?

 

No disrespect taken, but, to be honest, I don't really understand what you mean. Is IPREDator not a perfectly suitable VPN? If not, why not?

Yup, I have--they're on their website (I'll post a link when I get to my home computer). They're just not very extensive. I've also e-mailed their tech support, but haven't gotten a response from them yet.

Huh? Were my links changed because the site is in Swedish? If so, you just have to choose the little language pull-down menu on the right-hand side of their website to change it to English...

 

IPREDator is simply rebranded Relakks. Relakks leaks 100% of your DNS, and a lot of your data traffic. PPTP is not suitable for anonymity.

 

How is it not secure, The website says it is 100% secure as in your IP is totally masked. Is this an outright lie? I was gonna go with this one based on them not keeping logs of any sort which other VPN do.

Also what about something like this?

http://www.securstar.com/products_ssolo.php#up3

This part erks me : "* Monthly traffic limit - 20GB"

Also is there a OpenVPN that does not log like Ipredator?

 

1) Run the Metasploit Decloaking Engine to check for IP address leaks. You should see only your VPN's exit IP address.

2) Run Steve Gibson's DNS Nameserver Spoofability Test to see what DNS servers you're using (and how spoofable they are). You should see only your VPN's DNS server(s). If you're using other DNS servers, tweak routing or configure the firewall to prevent that. Your VPN provider should have instructions for doing that.

3) Don't use a wireless router -- unless you're inside a Faraday cage

4) Spend your free time reviewing Wireshark captures

 

Mullvad and Darknet are both OpenVPN providers that offer unlimited traffic for €5. Both are in Sweden and do not keep logs. Mullvad has a custom client that guards against leaks in case of VPN drop out.

 

I see that Mullvad accepts Bitcoin.

Please share experience and opinions re Bitcoin.

 

They both seem great! Are they trusted ones, since I know that everything routes through them now instead of my internet provider right? Where does it state they do not keep logs, I see it on the Darknet one but this one isn't as specific, is Mullvad better because of the VPN dropout feature or can I set Darknet to do this anyways? Also what kind of encryption does darknet use...does not list it sadly...


Oh and about these? http://www.avinashtech.com/internet/15-best-free-vpn-for-secure-anonymous-surfing/ Is this for real? Free..how? This one looks neat https://www.ultravpn.fr/

 

From https://www.mullvad.net/en/faq.php

How do you protect against IPRED? What if a court orders you to divulge sensitive user information?

We don't collect or store such information. There is nothing to divulge.



EU data retention laws only apply to ISPs.

If you use a standard OpenVPN client you will need to run something like VPNCheck or VPNetMon to protect against a VPN drop, or else configure your firewall. Also if they are not using the latest client you can download it yourself from OpenVPN. You just need to grab the "config" and "key" folders from their client and copy (overwrite) them to your client.

I have never managed to get UltraVPN to work.

 

But they don't tell you the rest of the story.....

Mullvad.net is a VPN which is hosted at - GoDaddy!

Domain servers in listed order:
NS49.DOMAINCONTROL.COM
NS50.DOMAINCONTROL.COM

GoDaddy keeps logs. GoDaddy is based in Phoenix, AZ in the USA.

Easy traffic analysis if TLA/Law Enforcement is interested in you.

 

So that one is a lie...Guess the other one is fine then...?

 

No, it's not a lie, it's just not telling you everything.

As for Darknet, they're hosted by a Swedish webhost. So, same thing.

Again, I'm not talking about direct IP connections being logged, I'm talking about traffic analysis by web forensics specialists.

 

Would companies and government(Not to sound crazy, I just like privacy) go through measures to even look at what I do over these VPN Networks from there various host such as godaddy? Darknet seems more professional, well there site at least.

 

Fair question. I think the answer is you world have to already be an active subject of investigation before they went to the trouble of traffic analysis.

 

Thanks, that seems to make sense...Wish there was one that kept no logs at all...Thanks for the answer though.

 

Mullvad is hosted by LeaseWeb and appear to have servers in Netherlands and Sweden which are randomly assigned. I don't know why their website is hosted in the US. Darknet uses Portlane and you will always appear to be in Sweden.

 

So that would be a safe bet then If I am located in the U.S? Since Its not run by the same government, Plus companies & government have no authority there I would think.

 

The legal issues for a VPN in Sweden is explained on the Ipredator site. Mullvad also has an "exclude Swedish traffic" option in case things turn ugly in Sweden. It goes without saying that all your drives should be fully encrypted with DiskCryptor or Truecrypt.

 

I understand the Sweden problem but since I do not reside there but in the U.S would I not be fine?

Thanks for all the info and help thus far btw guys, really nice of you.

 

Nothing would happen to you unless there was cooperation between Swedish and US authorities.

 

Thanks, I think I found my VPN provider then!

 

Oh please.