New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
How to prevent VPN connection detection
Wira_Soenaryo
Member
in General
Hello,
Currently I use one of my VPS as a PPTP and openVPN VPN.
When I use those VPN and access some website or services, they can know that I'm using a VPN on my connection.
How can they know that and how to prevent this detection? Thanks..
Comments
use TCP with openvpn for starters
webrtc leak? maybe
you can check http://ipleak.net
@Wira_Soenaryo for a start to help you post your config both server and client with IP reacted are set some thing like 8.8.8.8
some websites simplely detect ip address if it comes from a data center, so ....
Bingo!
Exactly, they are not using any advanced technique, just restricting to residential IPs.
I see.. I thought that there are some technic to do that.. thanks all...
In fact I think many don't even bother to do that. My feeling is that a lot of places simply rely on blacklists for all their needs.
I've been using a mix of my own VPN and a larger commercial VPN provider for the last year and I see different responses "out there". The commercial ones are indeed very good for privacy, but they are also very well known so often end up on blacklists. On the other hand my own VPN has a very clean IP (and I keep it that way). So, depending on the purpose of the VPN one or the other might be a better choice.
+1 for that
The only technical way I've seen is W I T C H but yes, most detection service try to distinguish residential IPs vs hosting networks.
As opposed to UDP? how does this make a difference?
It doesn't make a difference. I think he misunderstood the question. The OP wants the end destination to not know it's a VPN and of course UDP or TCP makes no difference there because they're only looking at the IP.
However if it is desired to obfuscate the fact that you're using a VPN from your ISP or anyone else in the middle, then TCP on port 443 is probably the best choice.
I would have thought if anything the increased jitter of tcp in tcp might leave some detectable fingerprint. Evading detection by your own isp is I guess reasonable.
The best way to get a residential IP in another country is to make a friend who lives there, and create a tunnel so you can each use each other's home connection. There is almost nothing Hulu can do to tell that my old iPad/2nd chromecast arent in my friends house in the US...
Seems a bit far stretched and extreme way to detect a VPN (would you write a kernel module just for that? hehe)
@classy - quite I'm sure white/black listing is 99% what sites do. Still, it's fun to stay several steps ahead...
just tested webrtc, chrome and firefox give up my actual IP address, even I use VPN
https://diafygi.github.io/webrtc-ips/
https://www.browserleaks.com/webrtc
EDIT: solution
Firefox
Type "about:config” in the address bar. Scroll down to
“media.peerconnection.enabled”
double click to set it to false.
Chrome
no proper solution,
Disable WebRTC.
In chrome, disable WebRTC, there's a plugin for that.
Here's my test, with VPN connected
All uBlock Origin users can disable WebRTC in the settings page of uBlock Origin. Works on Firefox and Chrome.
It was long available before a really working extra plugin was released.
Looks like this after I enabled it in Origin.
Does by disabling webrtc, website or any other services will not know that we are using VPN as the connection?
Any negative result by disable webrtc? I read a brief that the connection would a bit slower? Is that right?
Thanks..
No, the connection won't be slower. Where did you read that?
It will only work on sites where WebRTC is used to detect VPNs. However general VPN detection on sites like Hulu.com is based on the IP.
So all data center IPs are blocked there.
Once detected does it go into some sort of blacklist databases ? Or just blocks you temporarily
That's up to the person doing the blocking... There's little reason for them to unblock you though... It's not a slap in the wrist, they are (assuming Hulu etc) required by the terms of agreemrnts with their advertisers and content providers to prevent people outside of their intended market view the service.
Yep, it's up to the person blocking. That's probably some nitwit who doesn't know sheepshit from dates. If I'm using a VPN inside the intended market area, some would still block me. In that case it wouldn't be a "slap on the wrist" either - it would be plain discrimination.
You seem to make the assumption you have a right to view the content, I'm afraid this is not the case.
You may be right if you're talking about somebody else. The OP perhaps? I have no interest in movies, and have a strong dislike for TV shows. I would in fact be highly offended if you thought I had an interest in that stuff.
In my experience watching TV from another country is the least dodgy reason people want undetectable VPNs in specific countries ...
Ya, lots of TVers around. I'm not one of them. Better to use drugs, but I don't do that either.
Another flaw, but it concerns VPN networks anyone can access, not VPS's ?
http://www.itpro.co.uk/security/25677/vpn-flaw-could-expose-real-ip-address-to-hackers
That's getting a bit old now, but it concerns commercial VPN providers where multiple people are logged in at the same time. Hopefully they've all patched that by now.
A VPS makes a good VPN for browsing and will provide decent privacy, but it won't offer anonymity. One has to chose what one expects from a VPN. A commercial offering and a personal setup each has their advantages. However a VPN is often not what people expect it to be when it comes to anonymity, which the protocol is not really designed to provide.