Jump to content
Not connected, Your IP: 18.234.165.107
h8jer

Eddie - Privacy in danger?

Recommended Posts

I have Threat Protection and every time I use the Eddie GUI the Threat Protection blocks the same ip 156.96.151.131.
The IP is blocked and an alert is posted right after launching Eddie and at this point I have no yet turned on a tunnel.
The IP is related to AirDNS and the ISP is VolumeDrive in USA!
The IP is not found in the GITHUB for eddie but AirDNS is: https://github.com/AirVPN/Eddie/blob/8f15122043dee05810e7f1dfc12272ece0cd16bc/common/lang/inv.json

Eddie works fine even though this IP in USA is blocked. - So why is it used and Why does it try to contact USA every minute?
Are there other USA ip-hardcoded into Eddie?
 

Share this post


Link to post

Not sure where you found that IP in the file you linked to, but I'd guess it's either a bootstrap server or a fallback DNS. I'd contact professional support to know for sure.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Thx.
When you lookup the IP on robtex.com it shows relation to 2 domains. One is airdns. Searching github gives a hit on airdns at linked to in my first post.
I will try and contact helpdesk.

Share this post


Link to post

Thank you for that hint. It's IP1 of Metallah, an AirVPN server.

$ dig a in metallah.airvpn.org +short
156.96.151.131

.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

One idea that comes to my mind is to "red flag"/block Metallah from the server list on Eddie.  Then when it scans for latency, etc... that server will not be part of the scan.  Just a simple idea -- IF -- you don't use that server.

Share this post


Link to post
Posted ... (edited)

Hi Guys - THX
You are both right.
The Support replied quickly yesterday:

"156.96.151.131 is AirVPN server Metallah entry-IP address. If you connect to Metallah, all of your system traffic will be routed to that IP address. Moreover, when Eddie performs round trip times checks, it sends a ping to each VPN server to tell you the round trip time from your system to any VPN server.
Kind regards
AirVPN Support Team"


(The threat proctection I use is builtin to the Synology Router and is provided by ET OPEN, "Threat Intelligence Database"? and Google Safe-Browsing. I can make an exclude rule.)
(https://www.synology.com/en-us/knowledgebase/SRM/help/SafeAccess/safeaccess_security)

I now understand the function of getting the Latency Round-Trip-Time for the Bars in the GUI. And somebody have got the Metallah server red-flagged somehow.

I would much rather like EDDIE to pull all the latency info from a Status-page in Italy than to send my real IP in a Pings around the World.
OK - found out that the Eddie has a setting "Enble Latency Tests" under the settings pane. Unchecking this and the pings stop. (Confirmed with wireshark)


Thanks to all for clarifying this matter.

Edited ... by h8jer

Share this post


Link to post
2 hours ago, h8jer said:

I would much rather like EDDIE to pull all the latency info from a Status-page in Italy than to send my real IP in a Pings around the World.


That would be nonsensical, seeing as a location in Italy won't have the same latency info as your own. In Italy, D, A and CH could have a good latency but if you're in the US, the US servers would have a better one. Now you connect to Kitalpha in Switzerland and will be wondering why your connection is slow. :)

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

We are trying to get you the best solution and running on slow "high latency" servers certainly is NOT that for you!

Would you consider re-enabling latency checks in Eddie -- BUT --- red flagging Metallah so the scan doesn't go there?  If successful, and I believe it will be, you then have low latency with better speeds AND the removal of the popup that has been bothering you.  Let us know how this works for you.  You can always untick latency again if my idea doesn't work for you.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...