| Security breach? Hello everyone, when logged into my VPN server in the US, I noticed Chinese Google ads showing up on the sites visited. I checked my IP location through »whatismyipaddress.com/ and Yahoo, and both showed my IP as in the US, so thought there must be a Chinese immigrant enclave there that the ads are targeting. It turns out that Google pinpointed all of my sessions through that server as from Shanghai, China. I am not in China but I deal with some content concerning human rights in China.
1. Is it even remotely possible that the Chinese government was tracking my sessions through this VPN server?
2. Even if they were, how & why does »whatismyipaddress.com show my IP as in the US while Google shows it as Shanghai?
3. Anyone else have this issue? |
|
| How is your VPN setup, and what is 'ipconfig /all' showing from your PC when connected?
1. if you don't control the path between the endpoints you're connecting to, ALWAYS assume someone can / is / will listen in.
2. can't answer that until we understand how your VPN is set up. If it's a standard IPSec remote access with
a split tunnel, likely ONLY the tunnelled traffic is VPN'd / encrypted. Anything else is set out to the
local ISP in cleartext.
Regards |
|
| Thanks for your reply but I am afraid IT isn't my strength.
- How do I see what 'ipconfig /all' is showing?
- What do you mean by "How is your VPN setup"? I downloaded a software from the VPN provider and just clicked through the instructions.
- Someone on another board speculated that it could be erroneous Google IP geo-positioning. Is that also a possibility? |
|
bdnhsv
join:2012-01-20
Huntsville, AL | reply to Sensitive
were the sites with the Chinese ads sites that are in China or contain content related to China? If so, it might be that those sites have chosen to have those ads displayed on their sites. It might interesting for you to visit a few of the sites in question both from your VPN and just from your un-VPN'd ISP connection to see if you get different ads for each. |
|
| reply to Sensitive
I've heard this happened to my friend. I will ask him what did he do. |
|
| reply to bdnhsv
The site is hosted in the US, has content related to China, but does not choose the ads. The choice is made by Google based on the location of the visitor. |
|
|
|
| reply to netsurfer1
Thanks in advance. |
|
| reply to Sensitive
said by Sensitive :- How do I see what 'ipconfig /all' is showing? 1) (if Windows) click Start -> Run
2) type 'cmd' (minus quotes) and hit enter
3) in the black box that comes up, type 'ipconfig /all' (again minus quotes) and hit enter
4) post the output
said by Sensitive :- What do you mean by "How is your VPN setup"? I downloaded a software from the VPN provider and just clicked through the instructions. Which provider, just out of curiousity?
said by Sensitive :- Someone on another board speculated that it could be erroneous Google IP geo-positioning. Is that also a possibility?
Hard to say without knowing the full technical details.
Regards |
|
| Hi, the provider is AirVPN. What do you think of them?
Thanks for the instructions for ipconfig. Does the output contain sensitive data? If so, could you please tell me what data I should look for to answer your question?
In fact, I ran the ipconfig twice while connected to 2 different servers of the VPN provider, and was surprised to find the output exactly the same. Is this to be expected? I thought that the different IP addresses of the 2 different servers would create at least one difference in the outputs.
I also ran the ipconfig once without the VPN connected to compare the output with the VPN-connected output.
Thanks for your help. |
|
| reply to HELLFIRE
Hi, In response to your question, the provider says that all traffic is encrypted. The routing table is pushed by their servers in order to tunnel all the traffic. Instead of a standard IPSec remote access with a split tunnel, they provide access with an OpenVPN based VPN.
And could you please elaborate on what you mean by "control the path between the endpoints you're connecting to"?
Thanks |
|
| reply to Sensitive
Presuming you mean these guys here
In which case, yes it looks like they do SSL VPN, but I have no opinion on them as I have never personally
used them before; maybe another board member can comment.
For your IPCONFIG output, the only thing sensitive is if the IP address is not a 10.x.x.x, 172.16.x.x or 192.168.x.x
address, generally speaking; if you can share this, it'd help.
said by Sensitive :The routing table is pushed by their servers in order to tunnel all the traffic. Instead of a standard IPSec remote access with a split tunnel, they provide access with an OpenVPN based VPN. Which endpoint in AirVPN were you connecting to? US-based? APAC-based?
said by Sensitive :And could you please elaborate on what you mean by "control the path between the endpoints you're connecting to"?
Just what I mean -- the actual internet pipe between you and the VPN server you were connecting to is not owned by you,
correct? Someone else does, and you don't know what monitoring software / devices / etc (if any) may be present.
That's what I mean.
Regards |
|
