Delivery-Date: Thu, 16 Jun 2016 12:52:03 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD,URIBL_BLACK autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [138.201.14.202])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 731491E0C0E;
	Thu, 16 Jun 2016 12:52:01 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 63996E08AC;
	Thu, 16 Jun 2016 16:51:55 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 292DFE08AC
 for <tor-talk@lists.torproject.org>; Thu, 16 Jun 2016 16:51:51 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id AS3yVwdODBAp for <tor-talk@lists.torproject.org>;
 Thu, 16 Jun 2016 16:51:51 +0000 (UTC)
Received: from outbound.mailhostbox.com (outbound.mailhostbox.com
 [162.222.225.27])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id C2F60E06D1
 for <tor-talk@lists.torproject.org>; Thu, 16 Jun 2016 16:51:50 +0000 (UTC)
Received: from [0.0.0.0] (tor-exit1-readme.dfri.se [171.25.193.77])
 (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits))
 (No client certificate requested)
 (Authenticated sender: s7r@sky-ip.org)
 by outbound.mailhostbox.com (Postfix) with ESMTPSA id 6ADE5360488
 for <tor-talk@lists.torproject.org>; Thu, 16 Jun 2016 16:51:44 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sky-ip.org;
 s=20110108; t=1466095905;
 bh=nbMUvd1SgciZT7PpW+WFZ4aPsTrYiDTA/Ph0BMN50BU=;
 h=Reply-To:Subject:References:To:From:Date:In-Reply-To;
 b=Fq2lgWjiWv0nTp5efJqjiBKoE0a3G9imiq0hJxPTGujFsEKdDae/pW/6NK/rv5Z/N
 8ttME/8CWt8TuJCUqAKWhPV8IbBuArd/0f9pIsnKS/uLcCEU31mYACrKx7D/bV6G4b
 Cx66pbuzg/ANbGs/eLa1l7f3yqDAqiwnRCAetblA=
References: <57623B73.5010402@riseup.net>
 <CAD2Ti2_U4FMtanXsV6YH7oOnF_YYpwTztB9A6_4Ev=3rwskL=w@mail.gmail.com>
To: tor-talk@lists.torproject.org
From: s7r <s7r@sky-ip.org>
Message-ID: <11408088-1a47-319b-62c2-bac215642514@sky-ip.org>
Date: Thu, 16 Jun 2016 19:51:30 +0300
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101
 Thunderbird/45.1.1
MIME-Version: 1.0
In-Reply-To: <CAD2Ti2_U4FMtanXsV6YH7oOnF_YYpwTztB9A6_4Ev=3rwskL=w@mail.gmail.com>
X-CMAE-Score: 0
X-CMAE-Analysis: v=2.1 cv=ZolNU4PG c=1 sm=1 tr=0
 a=KUH7ZFjCMrZRJkmb1c8eNw==:117 a=KUH7ZFjCMrZRJkmb1c8eNw==:17
 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10
 a=13zjGPudsaEWiJwPRgMA:9 a=WbPmnYzAfxEA:10 a=o7o4oZPfVB83X5eMeOUA:9
 a=QEXdDO2ut3YA:10 a=-FEs8UIgK8oA:10 a=NWVoK91CQyQA:10
 a=XQ8P1ybZUMOfhrQvCRUA:9
X-Scanned-By: MIMEDefang 2.72 on 172.18.214.93
X-Content-Filtered-By: Mailman/MimeDel 2.1.18
Subject: Re: [tor-talk] Only nine of the 29 Windows VPN clients that I
 tested didn't leak
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Reply-To: tor-talk@lists.torproject.org
Content-Type: multipart/mixed; boundary="===============7608308787793673957=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============7608308787793673957==
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="9jL26lV3dHk7ihdarWhSn6O56rSkc4I6S"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--9jL26lV3dHk7ihdarWhSn6O56rSkc4I6S
From: s7r <s7r@sky-ip.org>
Reply-To: s7r@sky-ip.org
To: tor-talk@lists.torproject.org
Message-ID: <11408088-1a47-319b-62c2-bac215642514@sky-ip.org>
Subject: Re: [tor-talk] Only nine of the 29 Windows VPN clients that I tested
 didn't leak
References: <57623B73.5010402@riseup.net>
 <CAD2Ti2_U4FMtanXsV6YH7oOnF_YYpwTztB9A6_4Ev=3rwskL=w@mail.gmail.com>
In-Reply-To: <CAD2Ti2_U4FMtanXsV6YH7oOnF_YYpwTztB9A6_4Ev=3rwskL=w@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hello grarpamp, mirmir

Speaking of, there is this website:
http://ipleak.com/

If you go to Proxy/VPN in the left menu it will show you some info
related to vpn usage detected.

In my latest firefox it says:

First seen 	2016/06/16 16:47:04
Last update 	2016/06/16 16:47:04
Total flows 	1
Detected OS 	Windows 7 or 8
HTTP software	Firefox 10.x or newer (ID seems legit)
MTU 	        1406
Network link 	OpenVPN TCP bs64 SHA1 lzo
Language 	English
Distance 	11


Where I use exactly OpenVPN in TCP mode. In Tor Browser this is not
detected.

I am not sure how reliable is this tool, but what's the trick in normal
firefox to disable this so that networking info is not revealed any
more? How is this information gather by this website?

On 6/16/2016 7:28 PM, grarpamp wrote:
> On 6/16/16, Mirimir <mirimir@riseup.net> wrote:
>> https://vpntesting.info/
>>
>> I tested 29 Windows VPN clients for DNS, IPv4 and IPv6 Leaks.
>=20
> Nice.
>=20
> You might want to include
> - For clients that may be doing packet filtering instead of just modify=
ing
> kernel routing tables... test ICMP, generic UDP (non-DNS), TCP, etc.
> - The codebase and VPN protocol of each client (OpenVPN, SoftEther, etc=
)
>=20
>> hit VPN-specified nameservers directly while
>> reconnecting after uplink interruption. But that's not a huge issue,
>> in that they didn't hit other nameservers.
>=20
> Seems big if the direct hits were not encrypted over the VPN
> and user's requirement is to encrypt to the VPN termination.
>=20
>> After uplink interruption,
>> some failed to reconnect automatically
>=20
> These interruption, reconnect, renegotiation, timeout,
> edge cases are important to discover.
>=20
>=20
> More advanced users of Tor + OpenVPN might be interested
> in this capability...
> https://community.openvpn.net/openvpn/ticket/577
>=20


--9jL26lV3dHk7ihdarWhSn6O56rSkc4I6S
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBCAAGBQJXYtkcAAoJEIN/pSyBJlsRBAsIAKyTcloOyS6gbWBdBoJf43WW
pf7P5Lztd+R8K7q9tD+WNEKYdlLeXVZmV0hbgFH8IQdxAd10RfjCHaiJblIIaOLy
/Ir9LPTjHuXW42m3knoSgQLPs1aOfh6fZxjr2Q9exh0zH+N5ylVK5GtQ+BEsy3r4
+dkc++AqTi9C5c+fDxBCc253XP60s/mjYHOUKLXQpijGQq5lH6tVqNhmuYvp/SI3
OZ77aL1J5iMe3i33VKQFL/oticSqxMzwuk3IWkZEkLy7mothYlK0wY+qaBcYrfM1
q5enM3mtY7BUDzHU0BQpn1rrxknPka3imSQsfy4cp1Og31BMNQr2+xVYQc3QPHY=
=N6cW
-----END PGP SIGNATURE-----

--9jL26lV3dHk7ihdarWhSn6O56rSkc4I6S--

--===============7608308787793673957==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnRvci10YWxrIG1haWxpbmcgbGlzdCAtIHRvci10YWxrQGxpc3RzLnRvcnByb2plY3Qub3Jn
ClRvIHVuc3Vic2NyaWJlIG9yIGNoYW5nZSBvdGhlciBzZXR0aW5ncyBnbyB0bwpodHRwczovL2xp
c3RzLnRvcnByb2plY3Qub3JnL2NnaS1iaW4vbWFpbG1hbi9saXN0aW5mby90b3ItdGFsawo=

--===============7608308787793673957==--

