Pinchy 1 Posted ... I was talking to a friend of mine who works in tech. He told me that any VPN can be pinged and your location found easily. my question, is it possible to ping your real ip through a VPN? Quote Share this post Link to post
Staff 9973 Posted ... Hello! That's a very generic sentence. In general that's not necessarily possible. Just think about our service: OpenVPN works in routing mode, not in bridging mode, and ICMP is a protocol at Internet layer, not a transport layer protocol. So VPN configuration and topology should be analyzed first to avoid potentially wrong or even crazy assumptions. Anyway the scenario seems to assume that the adversary already knows your "real" IP address (we mean the IP address assigned to one of your devices by your ISP) so the discussion shifts to correlation attacks (aimed to show that some activity behind the VPN is indeed YOUR activity) which have been treated over-abundantly in our and other forums. For the purpose of this discussion: 1) make sure to keep Network Lock enabled in our software Eddie and 2) maintain a definite identity separation. In this way you can be confident to defeat even complex correlation attacks. If your friend wants to clarify, he/she is welcome. However, more accuracy is strictly necessary. Kind regards Quote Share this post Link to post
nick75 25 Posted ... Hi, First, an adversary can't use a ping to do this because they'd only be able to ping the VPN server, the IP address the VPN gives you can't be directly reached from the internet. The only way to do this is if the target forwarded a port. Picture this, you're connected to a VPN server in Portugal and the adversary measures the difference of time between the server and you to guess where you are located, using UDP:NOTE: times aren't supposed to be accurate, it's just to give you an idea. <10 ms: within Portugal<20 ms Spain<30 ms: France<40 ms: Belgium, Switzerland,Luxembourg, etc...In this case it is quite accurate because of the geographical position of Portugal. Now take the Netherlands<10 ms: within the Netherlands<20 ms Belgium, Germany<30 ms: the UK,France, Luxembourg, Switzerland<40 ms: most of EuropeBecause of the central position of the Netherlands, it'd be very complicated to guess where you are. Basically, it's like counting the seconds between a bolt of lightening and the thunder, it'll only tell the distance but not if it happened in front of/behind you or on the left/right side! Quote Share this post Link to post
Pinchy 1 Posted ... Let me elaborate more. Suppose you enter a given site through the VPN, I was told that it was possible to ping the exact location even after you left the site. That you could easily reveal the true IP location using a ping trace. Quote Share this post Link to post
flat4 79 Posted ... Hi, First, an adversary can't use a ping to do this because they'd only be able to ping the VPN server, the IP address the VPN gives you can't be directly reached from the internet. The only way to do this is if the target forwarded a port. Picture this, you're connected to a VPN server in Portugal and the adversary measures the difference of time between the server and you to guess where you are located, using UDP:NOTE: times aren't supposed to be accurate, it's just to give you an idea. <10 ms: within Portugal<20 ms Spain<30 ms: France<40 ms: Belgium, Switzerland,Luxembourg, etc...In this case it is quite accurate because of the geographical position of Portugal. Now take the Netherlands<10 ms: within the Netherlands<20 ms Belgium, Germany<30 ms: the UK,France, Luxembourg, Switzerland<40 ms: most of EuropeBecause of the central position of the Netherlands, it'd be very complicated to guess where you are. Basically, it's like counting the seconds between a bolt of lightening and the thunder, it'll only tell the distance but not if it happened in front of/behind you or on the left/right side! I like you lightning reference very clever. 1 nick75 reacted to this Quote Hide flat4's signature Hide all signatures pFsense it works Share this post Link to post
nick75 25 Posted ... Let me elaborate more. Suppose you enter a given site through the VPN, I was told that it was possible to ping the exact location even after you left the site. That you could easily reveal the true IP location using a ping trace.That sounds more like paranoia! There are 3 ways to find your more or less precise location from a website:compromise the user's device by sending a malicious javascript that'll retrieve some kind of malware (e.g.: malvertising)turn the device's GPS on (but generally your browser will ask you whether you want to allow that action)link (or implement) on the website a service like speedtest.net that'll calculate the "ping" (it isn't an actual ping but it does the same job)What you describe is closer to the first option IMO. But a VPN isn't meant to be a security solution. For that, use an anti-virus/malware or an ad-blocker (an up-to-date system/browser is also a good idea!) Quote Share this post Link to post
Pinchy 1 Posted ... Let me elaborate more. Suppose you enter a given site through the VPN, I was told that it was possible to ping the exact location even after you left the site. That you could easily reveal the true IP location using a ping trace.That sounds more like paranoia! There are 3 ways to find your more or less precise location from a website:compromise the user's device by sending a malicious javascript that'll retrieve some kind of malware (e.g.: malvertising)turn the device's GPS on (but generally your browser will ask you whether you want to allow that action)link (or implement) on the website a service like speedtest.net that'll calculate the "ping" (it isn't an actual ping but it does the same job)What you describe is closer to the first option IMO. But a VPN isn't meant to be a security solution. For that, use an anti-virus/malware or an ad-blocker (an up-to-date system/browser is also a good idea!) Not paranoia, was truly interested if it was possible due to a claim from a hacker friend who said he could ping my location in under 5 minutes on a VPN. Thank you all for your responses. 1 therion reacted to this Quote Share this post Link to post
therion 7 Posted ... Let me elaborate more. Suppose you enter a given site through the VPN, I was told that it was possible to ping the exact location even after you left the site. That you could easily reveal the true IP location using a ping trace.That sounds more like paranoia! There are 3 ways to find your more or less precise location from a website:compromise the user's device by sending a malicious javascript that'll retrieve some kind of malware (e.g.: malvertising)turn the device's GPS on (but generally your browser will ask you whether you want to allow that action)link (or implement) on the website a service like speedtest.net that'll calculate the "ping" (it isn't an actual ping but it does the same job)What you describe is closer to the first option IMO. But a VPN isn't meant to be a security solution. For that, use an anti-virus/malware or an ad-blocker (an up-to-date system/browser is also a good idea!) Not paranoia, was truly interested if it was possible due to a claim from a hacker friend who said he could ping my location in under 5 minutes on a VPN. Thank you all for your responses.So test it. Make the person back up the claim... It's literally the easiest thing to decide if it's true or not. Have them 'pinpoint,' your location while you randomly connect to servers... Should be easy... Right...? Sent from my LG-LS777 using Tapatalk Quote Hide therion's signature Hide all signatures -Veritas Share this post Link to post
Pinchy 1 Posted ... Let me elaborate more. Suppose you enter a given site through the VPN, I was told that it was possible to ping the exact location even after you left the site. That you could easily reveal the true IP location using a ping trace.That sounds more like paranoia! There are 3 ways to find your more or less precise location from a website:compromise the user's device by sending a malicious javascript that'll retrieve some kind of malware (e.g.: malvertising)turn the device's GPS on (but generally your browser will ask you whether you want to allow that action)link (or implement) on the website a service like speedtest.net that'll calculate the "ping" (it isn't an actual ping but it does the same job)What you describe is closer to the first option IMO. But a VPN isn't meant to be a security solution. For that, use an anti-virus/malware or an ad-blocker (an up-to-date system/browser is also a good idea!) Not paranoia, was truly interested if it was possible due to a claim from a hacker friend who said he could ping my location in under 5 minutes on a VPN. Thank you all for your responses.So test it. Make the person back up the claim... It's literally the easiest thing to decide if it's true or not. Have them 'pinpoint,' your location while you randomly connect to servers... Should be easy... Right...? You are correct and I did ask him to back it up but he never did, thought I could get some insight here also. thank you everyone for your feedback. Quote Share this post Link to post