Jump to content
Not connected, Your IP: 3.149.214.223
Sign in to follow this  
mcampbell

Security/logging question with forwarded ports

Recommended Posts

If I have a port forwarded for uTorrent (for example), can that be used combination with the current logs that Air keeps in order to identify a subscriber to your service in any way?

Share this post


Link to post

If I have a port forwarded for uTorrent (for example), can that be used combination with the current logs that Air keeps in order to identify a subscriber to your service in any way?

Hello!

No, it's not possible to make such a correlation because there are no logs.

However, if you forward the SAME port on your router while connected, certain correlation attacks from an adversary who has the ability to monitor your line or knows in some way your real IP address are possible. Just do not forward the same ports on your router and such attacks can't succeed.

Please do not hesitate to contact us for any further information on such an important subject.

Kind regards

Share this post


Link to post

"There are no logs"

But you do log when I, as a subscriber, log in to your service, and when I log out. And you know what ports I have forwarded, and I am the ONLY one that can have a *given* port forwarded due to the shared IP, right?

Is it not possible for a court to say "On date <aa/bb/cccc> someone using IP <iii.iii.iii.iii> on port <qqqqq> did <something>. Who was that?" If they know the IP, they can find out via the login/logout record who was on that IP at that time (many people), and then with your database of who has which ports forwarded, who *exactly* it was from that list of many people.

I'm sure I have something wrong here and at least one of my assumptions is not true. Can you walk me through it?

Share this post


Link to post

"There are no logs"

But you do log when I, as a subscriber, log in to your service, and when I log out. And you know what ports I have forwarded, and I am the ONLY one that can have a *given* port forwarded due to the shared IP, right?

Hello!

Log in and log out time and date can be activated, deleted and completely disabled by you. They are not data which can be used in a court, for example. Anyway, as long as you don't put in your account data any information which can be exploited to disclose your identity, you are protected even against a catastrophic account database leak from us.

Is it not possible for a court to say "On date someone using IP on port did . Who was that?" If they know the IP, they can find out via the login/logout record who was on that IP at that time (many people), and then with your database of who has which ports forwarded, who *exactly* it was from that list of many people.

If those data were authenticated by a proper authority and recognized as reliable by a court, and that authority could get its hands on our database (which is not in any VPN server), and the user had kept the login and logout dates and times active, and that authority could wiretap in real time all of our servers, then it could make such correlation regardless of forwarded ports or not. Please note that our system is designed to defeat even such an adversary:

https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=54&limit=6&limitstart=6&Itemid=142#1745

In general, an authority needs our cooperation to try to disclose an identity in ex-post investigations. As you probably know from our ToS, we will cooperate with all our resources with proper and competent authorities when the alleged crime is a violation or an attempted violation of human rights as enshrined in the ECHR. In particular, we will not tolerate usage of our systems for aiding or inciting human trafficking, child exploitation and privacy infringements.

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...