Jump to content
Not connected, Your IP:

Recommended Posts

I m connected to Talitha and all DNS is going trough the VPN.

I took a look at my windows firewall (which i enabled due to "network lock") and it shows a lot of these:


date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2015-06-29 11:33:34 DROP UDP 58683 3478 0 - - - - - - - SEND
2015-06-29 11:33:35 DROP UDP 58683 3478 0 - - - - - - - SEND
2015-06-29 11:33:37 DROP UDP 58683 3478 0 - - - - - - - SEND --> is an amazon IP


After allowing this IP, my IP get leaked by webrtc. (tested on https://ipleak.net/)

Can anyone explain this behaviour?

Share this post

Link to post

I think I can:

The Windows Firewall, as configured by the Network Lock, correctly blocked untunneled connection attempts to

Sounds like WebRTC - let's see what this IP is up to:

stun.services.mozilla.com. 300    IN    CNAME    stun1.webrtc.us-east-1.prod.mozaws.net.
stun1.webrtc.us-east-1.prod.mozaws.net.    60 IN A


Sure enough, it's one of Mozilla's STUN servers hosted on Amazon AWS.


If ...

  • a website makes use of your browser's WebRTC implementation
  • your firewall allows direct connections to one of the STUN servers and ...
  • you haven't disabled WebRTC in your browser

your IP will leak as you experienced.




  • Don't touch Air's firewall setup.
  • Regardless of the particular firewall you use, never allow any direct connections between your local network / local router and a remote host - other than to Air's servers, of course.
  • Disable WebRTC in Firefox. Open about:config, find the following entry and set it to false:
  • media.peerconnection.enabled

all of my content is released under CC-BY-SA 2.0

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Security Check
    Play CAPTCHA Audio
    Refresh Image

  • Create New...