Jump to content
Not connected, Your IP: 3.133.139.28
AirVPN
Sign in to follow this  
Followers 0
Marcus.Aurelius

ANSWERED AirVPN and (im)perfect protection of Firewall

By Marcus.Aurelius, ... in Troubleshooting and Problems

Recommended Posts

Marcus.Aurelius    2

Marcus.Aurelius
Posted ...

I have used AirVPN quite a long time, but recently I noticed something which, in my opinion, need further explanation. When I am disconnected from AirVPN, my firewall is able to pass all the tests on Gibson Research Corporation's site. When I am connected to one of AirVPN servers (it doesn't matter which precisely - my test was proceeded on Linux Ubuntu 13.10 and Windows 8.1), Gibson's report reveals holes in firewall. They are related actually, as I presume, to AirVPN server's firewall, not mine. However, port 88 (Kerberos) is open. Furthermore, system replies to ping.

 

Could you explain, is it deliberate action? Is it safe? Is my security copromised? Can someone obtain unauthorized access to my computer through port 88? I would like to emphasize in the end that my firewall works properly. I use Online Armor and I have tested AirVPN connection with Comodo Firewall as well.

 

Thank you. Please respond. Screenshots are below. 

Share this post

Link to post

Staff    9973

Staff
Posted ...

Hello,

 

no, that's perfectly normal and does not compromise security in any way. One of our services runs and listens to port 88 of the VPN servers exit-IP addresses. Packets are not forwarded to th Virtual Private Network or to the VPN nodes. The fact that our system replies to ping is deliberate, and it must be so, otherwise we could not gather reliable data for the Ping Matrix that you can access through our Servers Monitor, see https://airvpn.org/status and https://airvpn.org/pingmatrix

 

Actually what GRC web site states ("of YOUR system...") is technically wrong. It is in many cases true just for the coincidence that a long ago, when IPv4 addresses were still available, NAT and VPN were relatively uncommon. The GRC system sends packets not to your system, but to the exit-IP address of our VPN servers, i.e., so to say, "the IP address your node is visible on the Internet". This assumption is quite trivial and it is probably the reason for which it is not clarified by the GRC web site, but we understand that it can be confusing for a network-unexperienced user.

 

By default, all accounts ports are closed. Each account can anyway remotely forward up to 20 ports, in which case the system will properly forward packets to the VPN, to the appropriate client VPN IP address.

 

Kind regards

OpenSourcerer and Marcus.Aurelius reacted to this

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...