WebRTC may be leaking your real IP even with VPN!

April 24, 2015

WebRTC (Web Real-Time Communication) is an API that supports browser applications for voice calling, video chat, and P2P file sharing without the need any of plugins. Among the most popular browsers, Firefox and Chrome supports WebRTC. Internet Explorer and other browsers has no native support but there are plugins available that add support for WebRTC.

Leak Test

How does WebRTC leaks my IP?

WebRTC allow requests to STUN servers be made that will return the local and public IP addresses for the user. These request results are available to javascript, so you can now obtain a users local and public IP addresses in javascript. Additionally, these STUN requests are made outside of the normal XMLHttpRequest procedure, so they are not visible in the developer console or able to be blocked by plugins such as AdBlockPlus or Ghostery. This makes these types of requests available for online tracking if an advertiser sets up a STUN server with a wildcard domain.

How can I prevent this IP leakage?

They cannot be blocked permanently with browser plugins like WebRTC block. The best way to protect against this leak is using firewall rules to enforce that traffic can only be sent over the encrypted VPN tunnel. With the ZPNs Kill Switch options once a VPN tunnel is established that your provider assigned IP cannot be leaked by WebRTC or similar mechanisms.

Comments (0)