Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ@lemmy.dbzer0.comEnglish · 7 hours ago

Torrenting with mullvad - Possible leak?

sp3ctre@feddit.org to

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ@lemmy.dbzer0.comEnglish · 7 hours ago

Hey fellas,

just came across this sub to discuss my torrenting issue.

I am using linux, have a mullvad subscription and use qbittorrent. Because I read something about VPN-killswitches not being 100% reliable, I also bound the network interface from my mullvad-VPN to the qbittorrent-client.

Now something, what is kind of weird. I started a testrun over night with some legal torrents. In the morning I saw, that the downloads where finished and also seeding. The mullvad client said, that it was connected. But when I wanted to make a “torrent-IP-leak-test” online, I realized, that I couldn’t open any website, because the “website couldn’t be found” (firefox btw).

So I tried to ping 8.8.8.8, which worked, so I assume it must be something wrong on a DNS-level. In terminal I also checked if the Mullvad network interface was still connected, and it was. After I made a simple reconnect to the VPN-server via the MV-client, everything was normal again.

My first guess was, that this issue possibly occurs, because my ISP does an automatic reconnect in the middle of the night.

Now I’m wondering if that setup still can be considered safe. Did you experience similar problems? Is it a threat to privacy?

Using Debian if that’s important.

~sp3ctre

+++EDIT+++

Observation 1: The source of the issue must be the automatic reconnect in my router (required from ISP) in the middle of the night. It encountered too, when I chose another reconnect-time. A manual reconnect in the router interface led to the same issue. Interestingly, pulling the plug from the router doesn’t lead to it.

Observation 2: Since I wasn’t able to check my external IP without being able to DNS-resolve these “ip-check-websites”, I decided to go the direct way via IP of the website (found via who.is), which worked for some websites. Turns out, at least my IP-address seems not to leak (its my VPN-IP). These special torrent-IP-check-websites won’t work at all, if the DNS can’t be resolved at the beginning of the process (when putting the test-torrent into the list).

I will try if it makes any difference, when I turn of my alternative-DNS in the router. Will also try some other VPN-servers.

Chat

sp3ctre@feddit.orgOP
link
fedilink
English
arrow-up
1·
19 hours ago
I guess I can rule that one out. FF has DNS-over-HTTPS but it’s turned off. The DNS from Mullvad is usually used in my case…
- B-TR3E@feddit.org
  link
  fedilink
  English
  arrow-up
  1·
  18 hours ago
  Well, if it’s not DNS then most probably the routing might have been set wrong. Faulty netfilter rules are less likely but possible.

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ@lemmy.dbzer0.com

piracy@lemmy.dbzer0.com

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !piracy@lemmy.dbzer0.com