Here’s How Your IP Address Can Be Traced Through a VPN!

Choosing to connect to the internet using a VPN can provide extra privacy. With many people believing the VPN protects their real IP address from being traced, as they are anonymous to the internet.

Here’s how your IP address can be traced through a VPN. A VPN user’s real IP address can be traced through a VPN, if the VPN leaks information (DNS, WebRTC or Torrent leaks), keeps logs or doesn’t have a kill switch for when the VPN connection fails. Governments, surveillance agencies and police can then find the person associated with the real IP address by getting this information from their Internet Service Provider (ISP).

The quality of VPNs varies considerably and unfortunately will give away information that the VPN should actually be protecting. This can put the VPN user at risk of their privacy being divulged. These privacy failures could end up coming back to haunt the user if these are used during any investigation.

Avoiding falling into a privacy nightmare is quite straightforward as long as the steps in protecting privacy are taken. Making it more difficult to be traced and monitored when using a VPN.

In the following parts of this article, I will look in detail at what can be done to make sure any tracing of VPN traffic is minimized or completely eradicated.

1. DNS Leaks

People can get traced on the internet by law enforcement, government agencies and other legal authorities like a copyright holders legal counsel through IP addresses. By contacting the ISP who owns the IP address, the details of the person using the IP address can be obtained.

Keeping this real IP address from the websites being visited during the time spent on the internet will make it more difficult to trace the person as the assigned IP address will not be their real IP address.

By using VPN software, the VPN assigned IP address will be visible publicly and not the IP address assigned by the ISP. Making it difficult to for the ISP to see their customer’s browsing histories other than the connections made to the VPN servers.

However, VPNs can sometimes leak the real IP address information when they inadvertently use the Domain Naming Service (DNS) of the user’s ISP to find the IP address of the website the user is connecting to and in doing so, the ISP DNS service logs the request.

Providing valuable information about the real IP address of the person and allowing them to be easily traced by approaching the ISP with a court order.

Choosing a VPN with good DNS leak protection is a must, as these VPNs will route any requests to find the IP addresses of the internet resources like websites to the VPN DNS service.

Meaning the ISP does not get to see the DNS request for the website name, making it impossible for the ISP to be able to see any of their customer’s internet browsing history.

2. WebRTC leaks

WebRTC leaks can give away a person’s real IP address, allowing them to be traced as they will leave logging information in their ISPs DNS logs as well as revealing their real IP address to the websites they visit.

What is a WebRTC leak?

Using web applications for video calling and voice calling (like Skype) use the Web Real-Time Communication (WebRTC) protocol and sometimes this can bypass VPNs and show the person’s real IP address to websites they are visiting.

Common web browsers like Mozilla’s Firefox, Google’s Chrome and Opera Web Browser all have built in support for WebRTC using applications for their desktop browser versions as well as Android versions on smart phones.

Apple’s Safari uses WebRTC but has stronger controls over what it can reveal, whilst I don’t think Microsoft Internet Explorer uses WebRTC at all.

Disabling WebRTC from the web browsers configuration options is a good idea in protecting privacy and some VPNs also have the capability to stop WebRTC leaking the real IP address of its users.

3 Torrent Leaks

Some VPNs are not able to protect their users from their torrent software from leaking their IP address to the torrent websites, as these VPNs are unable to stop the torrent traffic from bypassing them and going directly from their computer to the torrent site.

This is part of the torrent client sending what’s known as a announce request to the torrent website and involves divulging your real IP address instead of the VPN assigned IP address.

Not only will your ISP be able to see you are connecting to a torrent website as you’ll be using the ISPs DNS services instead of the VPN DNS services but they will be able to see what you’re downloading.

As any file being downloaded can easily be analysed by a number of tools available to determine if it’s a movie file, audio file to just plain images and documents. The ISP can be contacted to reveal the identity associated with an IP address using a court order.

To avoid revealing the real IP addresses to torrent websites and for protect from ISPs revealing identities, many people use VPNs with torrent leak protection.

These VPNs stop torrent traffic from bypassing their VPN connections and force them to go through the VPN instead. Protecting the identity of the VPN user as only their VPN IP address will be revealed to the websites being visited and their ISP will only see the IP address of their VPN in their browsing history.

4. Using a VPN that logs IP addresses

Any form of logging of IP addresses can prove the web browsing history (as well as other internet connection history like using torrent sites, email, voice calling, video calling, file transfers) and many VPNs promise not to keep any of this history as part of their privacy protection marketing.

This doesn’t necessarily mean they don’t keep logs as there have been some VPN services that have kept logs and provided these to law enforcement and government agencies when presented by legal orders.

VPNs that keep logs will ensure the logs contain information about the real IP address of their customers, the assigned VPN IP address, the internet connections visited including the date and time of the visits.

To avoid having logging details stored many people choose VPNs who advocate not storing any logs with some going to extraordinary measures to prove they are not storing any logs by using third party auditors to come and inspect their VPN setups.

Again, an audit is just a point in time and having a successful audit doesn’t necessarily mean the current state post the audit is the same. The VPN service provider could simply turn logging back on a few days after having a successful audit validating, they didn’t keep logs.

Which VPN does not keep logs?

Using their privacy policy and marketing information is one way to look at whether the VPN is keeping any logs but generally a better way is to see if the VPNs have had any legal orders to divulge logging information.

Any VPN who has refuted these requests could be construed as being outside the jurisdiction of the legal order as well as not keeping any logs to be able to comply with these legal orders.

Checking on VPN related forums such as Reddit, can sometimes bring up clues as to which VPNs may be storing logs but not publicly admitting it. Sometimes, you’ll get an insider from one of these organisations put up comments to either corroborate or deny any of the logging allegations.

5. VPN Proxy leaks

I don’t like these VPN Proxies being called VPN Proxies, as they are just proxies with many being anonymous proxies to try to hide the real IP addresses of their users.

They don’t do any encryption unless they are specifically able to encrypt as HTTPS proxies, so whilst they can protect the real IP address when it comes to browsing websites, they can’t protect any other leaks from a computer unless these proxy is configured for all applications potentially communicating from the user’s device.

Torrent leaks will need a proxy capable of handling non web (http) traffic like a SOCKS proxy and WebRTC leaks will require any browsers used for the browsing the internet to have their relevant WebRTC configurations disabled, and this may be easier said than done with some of the web browsers being used today.

Using these proxies includes an element of risk, as some of these are maliciously set up to steal passwords, inject adware (so you see loads of adverts on every page you visit) to injecting malware and other malicious scripts.

6. Using a VPN without auto-start and a Kill switch

I used to occasionally forget to switch on my VPN connection when I was browsing the internet and by the time I’d realised I’d done this, I’d already done a good chunk of internet browsing and revealed my real IP address to many websites.

VPN auto-start

After some research, I found out my VPN service provider had an auto start at logon setting for VPN software and I enabled this. So, every time I started my computer and logged in, the VPN software would automatically start and connect to the VPN service provider.

Now I didn’t have to worry about forgetting to switch my VPN on, as it would always automatically start. I also did the same on the VPN I used on my smart phone and switched this on to auto-start too, providing me VPN protection as soon as I booted up my phone.

VPN Kill switch

There would be times when I’ m browsing away and from the corner of my eye, I would notice the VPN icon in the bottom right hand corner of my screen had a red ‘X’ showing.

Upon further inspection, by clicking on the VPN icon, it would become clear the VPN connection had stopped so for however long this had happened, my real IP address was being touted to the websites I’d been visiting as the none of my web browsing was being directed through the VPN and it’s secure tunnel.

Again, a bit of research led me to my VPNs kill switch setting, which once set would only allow traffic from my computer to the internet using the VPN connection and if the VPN connection failed, the kill switch would stop all connections from my computer to the internet until a time the VPN connection restored itself.

This was very important when I’d leave my computer on all night, if I was downloading large ISO files (Linux distributions) at night and wanted to make sure I only did this using the VPN. Any failure in the VPN connection would cause a temporary interruption in my downloads only to be rectified as soon as the VPN connection was re-established.

By using the VPN’s kill switch feature, I was assured my real IP address would not be given away when the VPN connection was interrupted or failed.

7. Not using a VPN on all devices

Connecting to the internet today is different from years ago when people normally had a single device, a computer to connect to the internet. Today, with the advent of tablets, smart phones and smart watches, the choice of device to connect to the internet has increased markedly.

To be able to benefit from privacy protections from using a VPN, any connection made from any device used must ideally use a VPN. Otherwise visiting a website without a VPN after also visiting the same website using a VPN may have left some tracking cookies, session cookies and browser finger printing, that could allow the website to correlate the real IP address from just having these present.

If the website is logging information such as visitors IP addresses and is also using cookies to retain sessions, then the real IP address could be logged against the id associated with the session.

This same id could also have the VPN assigned IP address logged with it, when connections are made across a VPN. It doesn’t take much effort to be able to work out the person’s real IP address from these logs.

8. VPN plugins and extensions

I’m not a fan of the web browser VPN plugins and extensions as sometimes they are not even real VPNs, that is they don’t provide any encryption and may not even provide any IP anonymising protections.

Their biggest downfall is they are only useful for web traffic from your web browser being encrypted and anonymised if they can do this. Therefore they will give a persons real IP address away, as they can’t anonymise non web browser traffic.

Using these VPN plugins and extensions includes an element of risk, as installing them allows information on web pages to be read, so some of the VPN plugins may actually be maliciously set up to steal passwords, inject adware (so you see loads of adverts on every page you visit) to injecting malware and other malicious scripts.

Conclusion

Your IP address can be traced through a VPN if the VPN is not doing its job properly and is instead, leaking information about you or you are only using a VPN on some of your internet connections. Using a reputable VPN will provide privacy protection and allow online activities to remain anonymous (check out my list of reputable VPNs here).