Jump to content
Not connected, Your IP: 3.140.196.5
Sign in to follow this  
itsmeprivately

Air VPN *and* PeerBlock together?

Recommended Posts

Maybe it is a dumb question, but when I am using mutorrent while connected to Air VPN and have PeerBlock running at the same time, I can see many blocked connection attempts in PeerBlock, from all kinds of countries (basically the same IP-sniffers as when I don't use Air VPN). Why is that? Shouldn't there be any incoming connection attempts but through the Air VPN server, and should those not all have the same IP?

Note: When mutorrent is running, everything seems fine. My torrenting IP checked with http://checkmytorrentip.com is the correct one of the server (in this case Sweden). The mutorrent network button (at the bottom right corner) is green even though I did not enable any port forwarding in Air VPN (why? is this normal?). Torrents down/upload normally.

My browser IP also seems to be fine, i.e., the Sweden server IP.

I'm grateful for any information on these questions....

P.S.: The reason I use PeerBlock on top of Air VPN is that I figured I would still have a very basic layer of "protection" (I know it's not much) if Air VPN would unexpectedly disconnect maybe in the middle of the night when I'm sleeping, and in this case the torrenting would continue using my real IP. Is such a scenario even possible to happen?

Share this post


Link to post

I don't use peerblock with air because I have to manually allow all the connections from the servers. Air is blocking leaseweb and other seedbox hosters. And it's not much of protection anyway, because everybody can see who's on the lists being blocked. ... but better than nothing I suppose.

You could block your outgoing traffic when not connected to Air with a firewall...in case of a disconnection. but I find the air servers very relieable which is why I want to stick with them. I absolutely HATE getting disconnected and it's not happened to me with air much at all, maybe a few times for 3 months or so...

Share this post


Link to post

Thank you for the reply. Could you still answer to my posted questions in detail, if possible?

1) Is it normal that PeerBlock shows the same (IP-sniffing) connection attempts with or without AirVPN running? (note: in PeerBlock I use a blocklist, not an allow-list, so any suspicious connectors are simply blocked. What surprised me that these blocked connections did not get affected by running AirVPN at all). I guess the answer is that, yes, it is normal (since AirVPN only obscures one's own IP, while not obscuring the IPs of others trying to connect to you), but I just would like to be sure that this is normal.

2) I have not opened any ports on the AirVPN website for port forwarding (and neither in my router), but I still get the green icon in mutorrent. Is this normal? Is everything all right? What advantage would I get from port forwarding since I already have the green icon (by which mutorrent indicates that one's network "works as it should")?

3) I have seen the long threads about how to disallow any internet traffic if AirVPN goes down using Comodo, but it seems a little daunting since there are lots of steps involved which is really difficult for non-experts. Could AirVPN not just create a script that one can run with the click of a button, so that internet traffic is ONLY allowed if AirVPN is up? That would help users like me a lot.

4) As for reliability, if I surf/connect a lot, for me AirVPN goes down about once in 2 hours, and then takes about 5min to reconnect (sometimes it does not reconnect at all, and I have to disable their virtual adapter and re-enable it to get it back to work). During this time, my PC is connected to the internet with my real IP. This is a real security risk and should be addressed by a feature that ensures that internet can only be connected when AirVPN is up and running. Otherwise one cannot leave the computer and walk away, because data would leak out unprotected while AirVPN is down and trying to reconnect. No idea why this issue is not top priority, since this defeats the whole purpose of the VPN (as you can never know when AirVPN will suddenly disconnect and try to reconnect).

Thanks for any answers to my questions...

Share this post


Link to post

Thank you for the reply. Could you still answer to my posted questions in detail, if possible?

1) Is it normal that PeerBlock shows the same (IP-sniffing) connection attempts with or without AirVPN running? (note: in PeerBlock I use a blocklist, not an allow-list, so any suspicious connectors are simply blocked. What surprised me that these blocked connections did not get affected by running AirVPN at all). I guess the answer is that, yes, it is normal (since AirVPN only obscures one's own IP, while not obscuring the IPs of others trying to connect to you), but I just would like to be sure that this is normal.

Hello!

Yes, it's totally normal.

2) I have not opened any ports on the AirVPN website for port forwarding (and neither in my router), but I still get the green icon in mutorrent. Is this normal? Is everything all right? What advantage would I get from port forwarding since I already have the green icon (by which mutorrent indicates that one's network "works as it should")?

No, this is important, please make sure that you don't have forwarded on your router the port your torrent client listens to.

3) I have seen the long threads about how to disallow any internet traffic if AirVPN goes down using Comodo, but it seems a little daunting since there are lots of steps involved which is really difficult for non-experts. Could AirVPN not just create a script that one can run with the click of a button, so that internet traffic is ONLY allowed if AirVPN is up? That would help users like me a lot.

Please see here for a clarifying explanation https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142 (if you have Windows; you can find rules for other systems in the top part of the forum, in the "Announcements" section).

4) As for reliability, if I surf/connect a lot, for me AirVPN goes down about once in 2 hours, and then takes about 5min to reconnect (sometimes it does not reconnect at all, and I have to disable their virtual adapter and re-enable it to get it back to work). During this time, my PC is connected to the internet with my real IP. This is a real security risk and should be addressed by a feature that ensures that internet can only be connected when AirVPN is up and running. Otherwise one cannot leave the computer and walk away, because data would leak out unprotected while AirVPN is down and trying to reconnect. No idea why this issue is not top priority, since this defeats the whole purpose of the VPN (as you can never know when AirVPN will suddenly disconnect and try to reconnect).

Thanks for any answers to my questions...

You should set firewall rules to prevent leaks in case of unexpected VPN disconnection. This is the safest solution. We don't recommend different solutions, due to security reasons.

Kind regards

Share this post


Link to post

when I am using mutorrent while connected to Air VPN and have PeerBlock running at the same time, I can see many blocked connection attempts in PeerBlock, from all kinds of countries (basically the same IP-sniffers as when I don't use Air VPN). Why is that? Shouldn't there be any incoming connection attempts but through the Air VPN server, and should those not all have the same IP?

That's not how it works. The IP addresses of your peers are the same regardless of your connection type (VPN or not). Using a VPN only changes *your* apparent IP address, not theirs.

Air is blocking leaseweb and other seedbox hosters.

I think you meant to say *PeerBlock* is blocking Leaseweb and other seedbox hosters, not Air.

Share this post


Link to post

"3) I have seen the long threads about how to disallow any internet traffic if AirVPN goes down using Comodo, but it seems a little daunting since there are lots of steps involved which is really difficult for non-experts. Could AirVPN not just create a script that one can run with the click of a button, so that internet traffic is ONLY allowed if AirVPN is up? That would help users like me a lot."

I have to agree...setting 14 firewall rules is daunting, especially when getting one wrong defeats the whole purpose. I think we Windows users need a new Air client to do this for us.

Share this post


Link to post

"3) I have seen the long threads about how to disallow any internet traffic if AirVPN goes down using Comodo, but it seems a little daunting since there are lots of steps involved which is really difficult for non-experts. Could AirVPN not just create a script that one can run with the click of a button, so that internet traffic is ONLY allowed if AirVPN is up? That would help users like me a lot."

I have to agree...setting 14 firewall rules is daunting, especially when getting one wrong defeats the whole purpose. I think we Windows users need a new Air client to do this for us.

Hello!

We are not willing to offer "false solutions" which give a dangerous, false sense of security, like other services do. If we find a solution as reliable as a firewall rule, we will of course be very glad to implement it.

Setting the rules for Comodo should take no more than 3-4 minutes, except for persons who don't know what a firewall is. In that case, reading the Comodo quick guides is useful and it is very well spent time. We repute that nobody should ignore what a firewall is nowadays. Techno-ignorance is the most powerful weapon in the hands of the censors.

Please consider that if you just need to block a torrent client, only ONE rule is necessary (application rule for the torrent client as explained).

Kind regards

Share this post


Link to post

Hi,

I consider myself relatively computer literate, but ...

Isn't it pointless to use an IP blocker when you connect to VPN?

I used to use Protowall to block all traffic to the MS IP ranges(... remeber WGA fiasco?), but I was always capable of accessing to MSN via Tor...

I don't do P2P, so things could be different though...

Share this post


Link to post

When using PeerBlock (with IP blocklists) while AirVPN is connected, there is no obvious difference to when AirVPN is not connected. You will still get all kinds of connection attemts from outside, and they will still be blocked by PeerBlock. (The big difference, of course, is that the outside world now does not see your real IP, but the 10.x.x.x IP.)

Running AirVPN and PeerBlock together would only make some sense if your traffic is not blocked (f.ex. by a firewall) during the times that the AirVPN connection unexpectedly drops. During these times, your torrent client would re-connect to the outside internet using your real IP which would compromise your privacy.

There are detailed instructions here on the forum on how to block all internet traffic (or just block traffic for specific applications like mutorrent) if AirVPN is disconnected, f.ex. by using Comodo firewall. Once you have set this up, then it really does not make much sense to run PeerBlock at any time if you are doing P2P, because this will just block out some IPs that could potentially contribute incoming data.

Share this post


Link to post

When using PeerBlock (with IP blocklists) while AirVPN is connected, there is no obvious difference to when AirVPN is not connected. You will still get all kinds of connection attemts from outside, and they will still be blocked by PeerBlock. (The big difference, of course, is that the outside world now does not see your real IP, but the 10.x.x.x IP.)

Hello!

Just a side note: our clients are "visible" from the Internet with the exit-IP address of the server they are connected to. The 10.4.0.0->10.9.255.255 IP addresses are internal, private IP addresses in our virtual private network.

Kind regards

Share this post


Link to post

"Just a side note: our clients are "visible" from the Internet with the exit-IP address of the server they are connected to. The 10.4.0.0->10.9.255.255 IP addresses are internal, private IP addresses in our virtual private network."

When I connect to Tauri, using OpenVPN, I -intermittantly- will get packets from my ISP's DNS server that are blocked by comodo. Why am I talking to their DNS server?

2012-08-20 18:31:28 Windows Operating System Blocked In ICMP 72.235.80.12 Type(3) 10.4.5.6 Code(10)

2012-08-20 18:31:30 Windows Operating System Blocked In ICMP 72.235.80.12 Type(3) 10.4.5.6 Code(10)

2012-08-20 18:31:32 Windows Operating System Blocked In ICMP 72.235.80.12 Type(3) 10.4.5.6 Code(10)

2012-08-20 18:31:36 Windows Operating System Blocked In ICMP 72.235.80.12 Type(3) 10.4.5.6 Code(10)

Share this post


Link to post

"Just a side note: our clients are "visible" from the Internet with the exit-IP address of the server they are connected to. The 10.4.0.0->10.9.255.255 IP addresses are internal, private IP addresses in our virtual private network."

When I connect to Tauri, using OpenVPN, I -intermittantly- will get packets from my ISP's DNS server that are blocked by comodo. Why am I talking to their DNS server?

2012-08-20 18:31:28 Windows Operating System Blocked In ICMP 72.235.80.12 Type(3) 10.4.5.6 Code(10)

2012-08-20 18:31:30 Windows Operating System Blocked In ICMP 72.235.80.12 Type(3) 10.4.5.6 Code(10)

2012-08-20 18:31:32 Windows Operating System Blocked In ICMP 72.235.80.12 Type(3) 10.4.5.6 Code(10)

2012-08-20 18:31:36 Windows Operating System Blocked In ICMP 72.235.80.12 Type(3) 10.4.5.6 Code(10)

Hello!

Most probably you are not talking with your ISP DNS server. Comodo correctly drops those unsolicited ICMP packets. Why your ISP DNS sends you ICMP packets remains to be seen, but a good hint is given on the last message of this thread:

http://forums.comodo.com/empty-t16873.0.html

Anyway, you can additionally (if you haven't already done so) configure Comodo to prevent any leak (including DNS leaks, which are Windows "endemic") for total security:

https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=3405&Itemid=142

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...