Is this DNS leak?

Discussion in 'privacy technology' started by archer2, Apr 21, 2009.

Thread Status:
Not open for further replies.
  1. archer2

    archer2 Registered Member

    Joined:
    Apr 21, 2009
    Posts:
    4
    I'm using SwissVPN with EAP-TTLS encryption, I tested with cmyip.com and whatismyip.com, both showed the SwissVPN IP. However, when I test it with https://www.dns-oarc.net/oarc/services/dnsentropy the test showed my real IP. Is this a DNS leak? If it is, will this happen when using BitTorrent, or is this only happens on rare circumstances? Thanks.
     
  2. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Yes, that is a DNS leak.
     
  3. archer2

    archer2 Registered Member

    Joined:
    Apr 21, 2009
    Posts:
    4
    Will this happens when using BitTorrent, or is it something that rarely happens? I thought EAP-TTLS doesn't have the DNS leak problem.

    Thanks for the reply.
     
  4. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Obviously it does. Yes, it will likely continue to do that, regardless of what programs you are running (torrents etc). No change = things stay the same. I can't say how their network works, so I can't tell you what to do to fix the problem other than contacting them.
     
  5. snowdrift

    snowdrift Registered Member

    Joined:
    Sep 7, 2007
    Posts:
    394
    I have the same problem with Xerobank; the problem is inherent to OpenVPN.

    Here is a solution:

    https://forum.perfect-privacy.com/showthread.php?t=702

    It is tedious but it does work.

    If you use OpenDNS servers, they purge their records daily, I believe... So... while you may be leaking a request, the log entry at OpenDNS will be purged. I think your normal ISP can still see DNS request as they travel to OpenDNS servers, though, but they'd have to be looking for it. I don't think it is something that is normally logged.

    Someone please correct me if I mis-speak?

    Leaking DNS is a big hassle. Why developers can't get it fixed is beyond me.
     
    Last edited: Apr 21, 2009
  6. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Put it this way...... your REAL IP is shown and recorded already if you have been engaging in illegal torrent downloads.

    Don't fool yourself.. you are never 100% anonymous.

    Stay away from illegal activities and you will be fine, no need to try to hide your real IP.
     
  7. JokersWild

    JokersWild Registered Member

    Joined:
    Nov 10, 2008
    Posts:
    23
    I have the Xerobank DNS Server specified in my network settings for the TAP-WIN32 adapter.

    When I run the test: https://www.dns-oarc.net/oarc/services/dnsentropy it does not report back my real IP address, rather it reports an IP address other than my IP address through my ISP.

    Further, if I mistype a URL, Xerobank reports back with an error message, and not my ISP.

    It seems as though I'm covered, or have I missed something?
     
  8. n33m3rz

    n33m3rz Registered Member

    Joined:
    Jan 10, 2009
    Posts:
    114
    Put it this way...... your REAL IP is shown and recorded already if you have been engaging in illegal torrent downloads.

    Not if he is using an anonymity network and has it set up properly. Really you don't need much anonymity at all to download torrents safe, why would they waste their time to tace you back over a one hop connection when there are millions and millions of people using no anonymity networks.

    Don't fool yourself.. you are never 100% anonymous.

    As with most things in life it comes down to levels. You don't need to be 100% anonymous you just need to be so anonymous that those trying to find you won't bother. For torrents you don't need to be anywhere near 100% anonymous to be safe. I think people can be 99.99% anonymous, I will give someone a million dollars if they can trace me down if I am using Tor plus random unsecured WiFi with a long range antenna from a rotating mobile position (car) and spoofed mac address. That may not be solidly 100% anonymous but its 99.99% - 100% anonymous, someone would need to be doing some seriously ****ed up **** for anyone to even attempt to trace them doing that.


    Stay away from illegal activities and you will be fine, no need to try to hide your real IP.

    What a horribly defeatist attitude. Would you tell a German in Nazi Germany to not hide Jews in their attic? Morality trumps illegality. Don't be immoral, break whatever stupid immoral laws you want is my motto. Of course that only works if people don't delude themselves as to what is moral and what isn't, victimless crimes are not immoral, crimes with a victim are immoral. The same thing can be seen from the flip side as well, "victims" shouldn't delude themselves either. People have no rights to arbitrary strings of 1's and 0's, information is free, technology has changed the way people need to think of property ownership. Thats just the simple truth of the matter, anything else is trying to plug a massive leaking dam with bubble gum.
     
    Last edited: Apr 21, 2009
  9. archer2

    archer2 Registered Member

    Joined:
    Apr 21, 2009
    Posts:
    4
    Well, I don't mind the VPN company recording my real IP, I just don't want the peers to see my real IP. I also never claimed I'm 100% anonymous, but I would make effort to make myself harder to track. I'm not discussing the legality of torrents, I didn't ask for illegal torrents. I'm asking a technical question of whether if this is a DNS leak and if it'll happen if I run BitTorrent.

    Jokerswilds: What settings did you use? Please share them or post a link, thanks.
     
  10. n33m3rz

    n33m3rz Registered Member

    Joined:
    Jan 10, 2009
    Posts:
    114
    I don't think BitTorrent needs to resolve any domain names other than maybe the tracker, so I doubt it will matter too much, although it technically probably could happen.

    The most that will happen from a DNS leak is your ISP will be able to see you contacted a torrent tracker for some reason. The torrent tracker still wont be able to see your IP, nor will any of the peers. DNS leaks make it so your ISP can see who you talk to, they don't make it so the people you talk with can see who you are.
     
  11. archer2

    archer2 Registered Member

    Joined:
    Apr 21, 2009
    Posts:
    4
    Ok, thanks for the info. As long as the tracker and the peers do not see my real IP, that's good enough for now.
     
  12. fuzzylogic

    fuzzylogic Registered Member

    Joined:
    Mar 12, 2008
    Posts:
    149
    May i suggest another idea, look into a seedbox. Its a server that runs either a php script like TorrentFlux or a web interface for utorrent/rtorrent that is used solely for bittorrent; they massively faster than your own connection, using connected to a 100mp backbone. That way you can save your bandwidth to download via http/ftp and your ip address is never recorded in the spawn.
     
  13. JokersWild

    JokersWild Registered Member

    Joined:
    Nov 10, 2008
    Posts:
    23
    This is on a Windows XP Box SP2:

    Control Panel>Network Connections>TAP-WIN32 Adapter>Properties>Internet Protocol(TCP/IP)>Properties

    Change: Untick Obtain DNS Server Automatically
    Check: Use the Following DNS Server addresses

    Input: 10.244.2.1

    That is the Xerobank DNS Server.
    Has worked well for me.
     
  14. SKA

    SKA Registered Member

    Joined:
    Aug 2, 2002
    Posts:
    154
    JokersWild

    Pls tell what is alternate(apart from 10.244.2.1) DNS server for Xerobank ?
    Should there not be at least 2 addresses ?

    Are both these for use only by paying clients of Xerobank or others too may also use them , like for eg.OpenDNS ?

    Can these 2 DNS's be put on a router ?

    Thanks for yr kind advice/tips

    SKA
     
  15. JokersWild

    JokersWild Registered Member

    Joined:
    Nov 10, 2008
    Posts:
    23
    I agree, that historically, I've seen this configuration specified
    with two alternate DNS Server addresses.

    However,as I mentioned, specifying the XB DNS, if you mistype a URL it returns with the following error message:

    "The host you tried to connect to does not exist
    This is a warning page generated by Xerobank to warn you that the host you tried to contact does not exist."

    Also, the leak test does not reveal my true IP address.

    Steve will have to weigh in as to whether or not this is available to non-Xerobank customers.
     
  16. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    I do not have anything configured at all on any of my computers (I have 3) and this test does not show my real IP on either of them. It always shows XB without fail. And if I type an incorrect addres. Xerobank tells me that it is incorrect.
     
  17. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    I don't know if we are blocking external requests to our DNS. However, I do know that we are adding more DNS servers for geographic distribution. If users do external requests and it causes any slowdown for clients, we would firewall external requests.

    However, if you AREN'T on XeroBank, you shouldn't be sending requests through XeroBank, because then nodes between your network and ours would see the data going over it, leaking your DNS info to them and to XeroBank.
     
  18. traxx75

    traxx75 Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    106
    Only people connected to Xerobank's network via VPN can use the DNS server on 10.244.2.1. This is because that IP is on a private IP range that is inaccessible from the Internet unless it also has an external "public" IP or Xerobank forward requests from an external interface to the internal server.

    The private IP range of 10.0.0.0-10.255.255.255 is basically a bigger version of the private IP ranges you might see on your own home LAN like 192.168.*.
     
  19. SKA

    SKA Registered Member

    Joined:
    Aug 2, 2002
    Posts:
    154
    traxx75
    Thanks for your explanation - deeply appreciated.

    SKA
     
Loading...
Thread Status:
Not open for further replies.