Advice Request About IP leaks caused by Flash or WebRTC

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

Maxxx58

Level 13
Thread author
Verified
Dec 20, 2014
619
Hi all,
I have a question want to ask? I've already tried Cyberghost VPN, F-Secure Freedome VPN and Zenmate VPN. But only in Cyberghost VPN, my real IP is not leaked. Beside, when I test with Freedome VPN or Zenmate VPN (using IP/DNS Detect), my real IP is leaked. I want to know why Freedome and Zenmate don't use technology same as Cyberghost to prevent leak real IP? That means Cyberghost is better than Freedome and Zenmate?
 
Last edited:

frogboy

In memoriam 1961-2018
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Not sure why here is a screenshot from Australia.
Screenshot_1.png
 
  • Like
Reactions: Maxxx58

frogboy

In memoriam 1961-2018
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
@Maxxx58 what browser are you using, if Mozilla Firefox try this. ;)

  • Mozilla Firefox – if you don’t want to install any extensions
  1. Type in “about:config” in the URL bar and press Enter.

  2. Make a search for “media.peerconnection.enabled”.

  3. Double click the option by setting it to “false”.
    If Chrome not sure.
 

Infamous

Level 1
Verified
Dec 20, 2015
34
I remember doing some research with WebRTC and blocking it awhile ago, it involved testing of ZenMate VPN (browser extension).

The reason why WebRTC can be used to obtain your real IP address when using a VPN extension is because when you are using an extension on the browser for VPN, all you are actually doing is using a proxy server. The way WebRTC works is it will allow requests to STUN servers which can then lead to your real IP address being leaked back - it will go from your computer to the gateway and then to the STUN server, and since you were just using a proxy (as this is all what the browser extension is), your real IP address is being used for the request for the STUN server.

However, if you are using desktop VPN software, it's a different story, and your IP address should not be leaked, but the IP address which you are using from the server of the VPN provider should be returned. The reason behind this is simply because when the requests are allowed to the STUN servers, it will go from your Computer to the Gateway and then it will go to the STUN server for the request. Since the desktop VPN is being used, your connection is protected overall in general and you are not just using a proxy server.

If you would like to keep using a browser extension such as ZenMate VPN, if you are currently vulnerable to a WebRTC leak, I recommend disabling WebRTC (blocking it). Depending on your web browser, you can find other extensions where the sole purpose is to prevent and block WebRTC, or you could try manual setting tweaks to get the job done.
 

frogboy

In memoriam 1961-2018
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
I remember doing some research with WebRTC and blocking it awhile ago, it involved testing of ZenMate VPN (browser extension).

The reason why WebRTC can be used to obtain your real IP address when using a VPN extension is because when you are using an extension on the browser for VPN, all you are actually doing is using a proxy server. The way WebRTC works is it will allow requests to STUN servers which can then lead to your real IP address being leaked back - it will go from your computer to the gateway and then to the STUN server, and since you were just using a proxy (as this is all what the browser extension is), your real IP address is being used for the request for the STUN server.

However, if you are using desktop VPN software, it's a different story, and your IP address should not be leaked, but the IP address which you are using from the server of the VPN provider should be returned. The reason behind this is simply because when the requests are allowed to the STUN servers, it will go from your Computer to the Gateway and then it will go to the STUN server for the request. Since the desktop VPN is being used, your connection is protected overall in general and you are not just using a proxy server.

If you would like to keep using a browser extension such as ZenMate VPN, if you are currently vulnerable to a WebRTC leak, I recommend disabling WebRTC (blocking it). Depending on your web browser, you can find other extensions where the sole purpose is to prevent and block WebRTC, or you could try manual setting tweaks to get the job done.
You can do this automatically in SlimJet, Cyberfox and uBlock origin.
 

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,457
F-Secure Freedome itself does actually not block WebRTC and therefore your local IP is leaked when using Freedome...without any specific WebRTC blocking options like frogboy mention. Even CyberGhost alone don't block WebRTC. Try also here to see if your local IP is leaked : ;)

WebRTC IP Leak VPN / Tor Test - privacytools.io

WebRTC Leak Test — Local IP Address Discovery — Media Device ID Fingerprints — BrowserLeaks.com

Personal I use addons that fix this issue. Chrome sorry to say don't seam to have a working one so your only option is to switch to another browser. Internet Explorer ( no issues with WebRTC ), Firefox or Opera and install a working addon that blocks WebRTC. SlimJet and Cyberfox I can't confirm as I never used those but frogboy has. But I'm curious how uBlock origin works in Chrome and if it blocks WebRTC so please test and let us know. :)
 

Infamous

Level 1
Verified
Dec 20, 2015
34
Even CyberGhost alone don't block WebRTC
They don't need to block WebRTC since it's desktop VPN. When the requests are allowed to the STUN servers for the WebRTC leaking to occur, the IP address you were using from the CyberGhost VPN would be given instead of your real IP being leaked.
 
  • Like
Reactions: frogboy

frogboy

In memoriam 1961-2018
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
But I'm curious how uBlock origin works in Chrome and if it blocks WebRTC so please test and let us know. :)

Be keen to know this as well as i have never used Chrome. Well for two days years ago, not a fan. :(
 

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
Thanks for the tips (all) & +1 to frogboy's SlimJet recommendation.:cool:
I've just set “media.peerconnection.enabled” to false on SeaMonkey ..but realized I'm presently in Shadow Defender,:rolleyes: and so must repeat once I've stepped out of the mode of shadows.;)
 

frogboy

In memoriam 1961-2018
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Thanks for the tips (all) & +1 to frogboy's SlimJet recommendation.:cool:
I've just set “media.peerconnection.enabled” to false on SeaMonkey ..but realized I'm presently in Shadow Defender,:rolleyes: and so must repeat once I've stepped out of the mode of shadows.;)
Don't you hate it when that happens, i do it all the time. :D
 

Infamous

Level 1
Verified
Dec 20, 2015
34
But I'm curious how uBlock origin works in Chrome and if it blocks WebRTC so please test and let us know. :)

Be keen to know this as well as i have never used Chrome. Well for two days years ago, not a fan. :(
Testing finished. :)

Whilst using Google Chrome, I started by getting ZenMate VPN browser extension and enabling it - I then made sure that it was indeed working. Afterwards, I proceeded to running some WebRTC leak tests. As expected, the leak was successful. I then enabled the WebRTC block from within uBlock Origin, which resulted in one of the leak tests to fail, however one of them was still successful.

Out of curiosity, I enabled my ZenMate VPN (desktop version - it's currently in beta) and as expected, all the leak tests failed simply because it's a desktop VPN meaning it's not working as just a proxy.
 

frogboy

In memoriam 1961-2018
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Testing finished. :)

Whilst using Google Chrome, I started by getting ZenMate VPN browser extension and enabling it - I then made sure that it was indeed working. Afterwards, I proceeded to running some WebRTC leak tests. As expected, the leak was successful. I then enabled the WebRTC block from within uBlock Origin, which resulted in one of the leak tests to fail, however one of them was still successful.

Out of curiosity, I enabled my ZenMate VPN (desktop version - it's currently in beta) and as expected, all the leak tests failed simply because it's a desktop VPN meaning it's not working as just a proxy.
Thanks as i did not want to install Chrome just to test it. :eek:
 

Maxxx58

Level 13
Thread author
Verified
Dec 20, 2014
619
Is it safe to disable WebRTC? Is there any errors after disable it?
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top