Chameleon - IPLeak getting really confused.

[hydrotux 3]

Hi,

just an observation that IPleak shows two IP addresses when Chameleon is active. When you turn the plugin off, it only shows the (correct) Netherlans AIrVPN server I have configured. DNSLeak is really clumsy as it shows only the Chameleon IP. WhatsMyIP instread only shows the AitVPN address. Should IPLeak not try to be smarter and not be fooled by Chameleon? Although this makes me think that Chameleon is actually well designed if its hiding my IP so well.

Regards

[OpenSourcerer 1359]

What is Chameleon?

[hydrotux 3]

giganerd,

"Chameleon is a WebExtension port of the popular Firefox addon Random Agent Spoofer." See here: https://sereneblue.github.io/chameleon/

 

[OpenSourcerer 1359]

I see.
On a screenshot I see the option to Spoof X-Forwarded-For/Via IP. Is this option enabled by any chance?

[hydrotux 3]

Yes, that option allows you to have a random IP selected for spoofing or to select a fixed IP. I think the point I was trying to make was that IPLeak is "seeing" two IPs from me when it should only see one? Like the other services? I worked it out by trial an error but someone else could be alarmed as IP leak is saying (see my screenshot) "Warning: it appears that you're using a proxy that may reveals your real IP Address. If you can read below your IP address, your real IP address is leaked. Use a transparent proxy or a VPN service.". I was alarmed when I first saw this as I thought I was leaking my real IP (the first time, Chameleon selected a UK IP).

Of course its not true that an IP is being leaked. I guess its a warning/point the maintainers of IPLeak.net need to add to the website.

[OpenSourcerer 1359]

41 minutes ago, hydrotux said:

I think the point I was trying to make was that IPLeak is "seeing" two IPs from me when it should only see one?

You explicitly set to spoof X-Forwarded-For, therefore the addon adds a X-Forwarded-For header entry into every request you do with whatever you configured in the addon. It is trying to "tell" all websites you visit that your current public IP (which is 109.202.107.15 in the screenshot, hence, the AirVPN exit server) is a proxy for the IP 184.122.97.74.
It's only informational, nothing gets sent to 184.x.x.x IP. There'd be no way to contact it, anyway, since the above proxy must be used. And that proxy happens to be the actual destination. Simple but more or less effective "deception".

Normally you'd use your ISP IP and a proxy to spoof your IP and location, so X-Forwarded-For would contain your ISP IP instead of that US IP, introducing the mentioned IP address leak. Hence the recommendation of IPLeak.net to use transparent proxies (which don't write X-Forwarded-For header entries) or VPNs (which don't even operate on application level to begin with).
 

41 minutes ago, hydrotux said:

I guess its a warning/point the maintainers of IPLeak.net need to add to the website.

So you see, there is nothing to do here. Working as intended.

[hydrotux 3]

Thanks for the explanation. So, no privacy concerns, that is clear. The plugin is doing what it was designed to do and ipleak.net seems to be doing what it was designed to do. Although, I still think that the explanatory message could/should include something on the lines of "Warning: it appears that you're using a proxy that may reveals your real IP Address OR you are using a IP spoofing app that make use of the X-Forwarded-For header. In the latter case, you're fine, in the former ....". Just a suggestion really ...

[OpenSourcerer 1359]

20 hours ago, hydrotux said:

OR you are using a IP spoofing app that make use of the X-Forwarded-For header. In the latter case, you're fine, in the former ....".

The purpose is to warn the user of a possible IP address leak. If they see their ISP IP there, they should be concerned, and if not, then they shouldn't. Simple as that. If you now start listing all the varying cases and explain why they are no cause for concern, what's the point? The condition is already met, the ISP IP is not there.