Jump to content
Not connected, Your IP: 3.16.203.27
Chino

Torrent Address detection finds IPv6 Adress

Recommended Posts

Hi,

 

I'm using Linux Mint with latest stable Eddie. When I use the magnet link with torrent address detection I get my VPN IPv4 address, the Port and a IPv6 IP address.

Everything looks fine, but this IPv6 address. Is this a potential risk?

Share this post


Link to post

Hi,

 

I'm using Linux Mint with latest stable Eddie. When I use the magnet link with torrent address detection I get my VPN IPv4 address, the Port and a IPv6 IP address.

Everything looks fine, but this IPv6 address. Is this a potential risk?

 

 

Hello!

 

Please upgrade to Eddie 2.9 Experimental. In Eddie 2.8.8 there is an issue with ip6tables: IPv6 outgoing traffic is not blocked. This has been fixed in Eddie 2.9 Experimental. Make sure to activate Network Lock and verify that the issue is fixed.

 

Kind regards

Share this post


Link to post

I just want to give you an update. I restarted my PC (after an update) and found myself leaking IPv6 again.

Not shure if the update changed something for Eddie. I have it configured to start automatically with Network Lock activated.

So what I did is this: In qbittorrent went to the advanced options. Changed Network Interface to tun0.

Even though Network Lock should be preventing leaks via eth0, if set to "any interface" it does leak IPv6.

I don't know if you are aware of that problem yet. Maybe this can be fixed in future releases of Eddie.

When set to interface tun0 however I'm not leaking IPv6.

 

If someone from the community has the same problem. You can also disable IPv6 altogether:

 

Edit the file - /etc/sysctl.conf

 

sudo gedit /etc/sysctl.conf

 

And fill in the following lines at the end of that file

 

# IPv6 disabled
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

 

Save the file and close it

Restart sysctl with

 

sudo sysctl -p

 

Use the ifconfig command to verify if there is still a IPv6 Address.

Share this post


Link to post

I'm running the experimental Version 2.9.2 on a 32bit Machine.

 

Thank you.

 

When the client is running and Network Lock is enabled, can you please send us the output of the command:

 

ip6tables -L --verbose

issued from a root terminal?

 

Kind regards

Share this post


Link to post

$ sudo ip6tables -L --verbose
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   20  2711 ACCEPT     all      lo     any     anywhere             anywhere            
    2   144 DROP       all      any    any     anywhere             anywhere            

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all      any    any     anywhere             anywhere            

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
   20  2711 ACCEPT     all      any    lo      anywhere             anywhere            
    8   722 DROP       all      any    any     anywhere             anywhere

Share this post


Link to post

Hello!

 

As you can see incoming and outgoing IPv6 packets to/from any interface except lo are dropped. What IPv6 address is detected via ipleak torrent check?

 

Kind regards

Share this post


Link to post

I made a screenshot. I can find the IP in my interface eth0 and in the DHCP Lease list of my router.

Also this is on a fresh system. I changed from Mint to Xubuntu.

 

What I also tested is Transmission. With it ipleak.net is not detecting IPv6 leak.

Share this post


Link to post

As you can see, your IPv6 addresses start with fd, fe.

 

Prefixes in the fd00::/8 range are like local addresses in IPv4 (RFC1918), and fe00::/8 is a Unique Local Unicast Address

which is essentially same as loopback (127.0.0.1) in IPv4.

 

You don't have any IPv6 leak.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

You have seen this through the blur? Anyways good thing this is a private Address.

I definitely learned something today.

 

But still I wonder. How come my private address is detected by the torrent address detection?

Share this post


Link to post

TL;DR This is simply the address your client reports to the tracker.

Exactly the same thing happens with IPv4 just on a slight different level.

In IPv6 there are no NAT addresses, so it makes sense to send to the tracker any detected IP addresses including the local ones.

 

 

http://www.bittorrent.org/beps/bep_0007.html


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

As you can see, your IPv6 addresses start with fd, fe.

 

Prefixes in the fd00::/8 range are like local addresses in IPv4 (RFC1918), and fe00::/8 is a Unique Local Unicast Address

which is essentially same as loopback (127.0.0.1) in IPv4.

 

You don't have any IPv6 leak.

 

 

Dredging up this year-old thread (sorry). Don't be so sure that there is no leak. IPv6 address generation usually inserts the MAC address of your Ethernet adapter into the low bits of the address. The high bits are the network prefix assigned to the interface (or the link-local prefix). Unless you took steps to change the hardware address then that IPv6 address is globally unique to the machine you are on. It's unlikely that a disgruntled MPAA/RIAA will be able to turn that back into your real identity but you never know.

 

The fe80::/10 address is link-local. It is not localhost. Every link requires a link-local address in that range, even if has routable addresses from other ranges. Localhost is required to be ::1/128 - the single address - which is a change from the 127.0.0.1/8 assignment on IPv4.

 

See here: https://en.wikipedia.org/wiki/IPv6_address#Unicast_and_anycast_address_format

 

IPv6 does allow for the generation of 'privacy' addresses, where the low bits of the address are generated randomly. Linux enables this by default for routable prefixes, but I haven't seen it do so in the link-local prefixes before. Nothing stops your torrent client publishing all of the addresses, including the uniquely identifying one.

 

If you are seeing IPv6 addresses of any kind in the torrent address detection then you probably have DHT enabled in a dodgy torrent client. Disable its peer discovery algorithms (DHT, etc) if you can, or switch to another program that respects your privacy better. I don't believe Transmission leaks your private IPv6 addresses with DHT enabled. It may leak your public ones if there are any on your system but I don't have routable IPv6 addresses on my system to test.

 

Your best bet is to completely disable IPv6 in your operating system as discussed above.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...