Using a VPN is a great way to protect your identity when surfing the web. The applications of the technology are virtually are endless and can greatly enhance your online experience. For safety purposes, though, you may want to have an idea of how to check if your VPN is working properly or how to obtain the real IP of someone in your network.
How to find the real IP address behind a VPN? You can troubleshoot for any leaks in your VPN and legally find a user’s real IP address by:
- Testing with WebRTC
- Troubleshooting with free online services
- Requesting VPN log files
- Using the DNS
If you feel that your privacy has been breached or simply want to monitor the activity going on in a network under your control, these methods will help you to protect your own identity with a VPN and uncover the identity of possible hackers. There are many caveats to how VPNs and IP address function, though. The complexities of IP addresses, DNSs, and VPNs are discussed in depth below.
Why Find the Real IP Behind a VPN?
If you are an employer and need to track the web activity of your staff, or even a concerned parent monitoring your underaged child’s internet history, you may need to figure out how to find the real IP address behind a VPN. Doing so will help you to find the identifying information of a computer that has been accessing a network you either run or are a part of in some way.
On the other hand, knowing the methods by which one can find the real IP address hidden behind a VPN is a great way to prepare for any potential problems you may face when using one. For instance, you can use these techniques to stay one step ahead of any hackers by improving security where you find flaws in the network.
Recently, there was a flaw discovered in the security of VPNs that allows for remote websites to use a feature engineered into most browsers known as WebRTC (Web Real Time Communication). With this feature, websites can uncover a user’s real IP address, even when they were using a VPN. Although it is not a major issue quite yet, it is only a matter of time until popular services such as Netflix and Hulu use this function to keep VPN users off their platforms.
It only takes a bit of simple coding for someone to figure out:
- Your true physical location
- Your ISP
- Your identity
Although it is currently only a problem for browser-based sites and services, anything that can pull up a web page, browser or app, can take advantage of this feature since WebRTC is accessible through virtually any browser. The loss of simple streaming services may not seem too serious, but note that government authorities can use this function, too, to find your identity and location.
How WebRTC Works
Two of the most popular web browsers, Firefox and Google Chrome, have already begun scaling up the usefulness of WebRTC to users. Through these browsers, the WebRTC allows users to request local and public IP addresses from STUN (Session Traversal Utilities for Nat, another type of network protocol) servers.
When the requested data is provided, it is made available in JavaScript. Because of how the STUN requests are made, they are not visible to the developer console and can, therefore, avoid being blocked by defensive plugins like AdBlockPlus.
1. Testing Your VPN with WebRTC
With these instructions, you’re specifically going to test the ability of WebRTC to access your real IP address behind a VPN. This is useful for troubleshooting your VPN’s ability to hide your true IP address and clue you in to whether it’s fulfilling its purpose or not.
- Visit any website that is freely available online to retrieve your ISP-generated IP address.
- Log in to the VPN and change the information as you desire (choose another location if you wish). Double-check that you are connected before moving onto the next step.
- Revisit the site that provided you your IP address for Step 1. This time, it should provide you with the IP address provided by your VPN.
- Visit the WebRTC test page to confirm whether it is showing your real IP address or not. If both show the new address provided by the VPN, then you’re all set! Your information is protected. If not, your information is being leaked.
Once you confirm that you’re IP address is leaking, you may want to know exactly where the weaknesses are to better protect yourself in the future. Trace the steps of uncovering your IP address behind a VPN to identify those weak spots. You can find your real IP address using JavaScript by copying and pasting the code written here, or using another method outlined below.
2. Using an Online Service
There are numerous services available online that promise to provide your real IP address, along with your location and other identifying information. To find your real IP address with these, follow these instructions to troubleshoot your VPN’s effectiveness:
- Log into your VPN and choose a specific location.
- Visit the online service of your choice.
- Review the information listed on the site. It will list your:
- IPv4 (Internet Protocol Version 4): This is written in the following format, “N” representing numbers: “N.N.N.N.” These numbers typically range between 0-255. This is a 32-bit address. Each computer is assigned a unique sequence of 1s and 0s. This is limited, as it can only connect about 4.2 billion devices. With smartphones, tablets, desktops, laptops, gaming consoles… that’s not enough space! This necessitates IPv6.
- IPv6 (Internet Protocol Version 6): This IP address is written in the form of eight consecutive hexidecimals. With this difference, far more devices can be connected to the internet all at once.
- Local IPs: These are addresses used only in your private network rather than shown in the outside world. This can change if different devices connect and disconnect to the same network (even the order in which they connect can influence your IP address). These are typically assigned in single-digit increments (i.e., 192.168.1.2 vs. 192.168.1.3).
- ISP
This is useful not just for uncovering the true address and other information behind a VPN, it may also become necessary when you are confirming the services of a VPN provider. Unfortunately, you won’t always be able to trust what a provider says about the locations they offer, but this way, you can figure the locations out yourself.
3. Accessing the VPN Log Files
This option is available to those individuals who need to access an IP address through a VPN for safety reasons. This is the most plausible if you have experienced a breach of cybersecurity. It is available only through a court order, however, so this should not be taken lightly. This is the most common, legal way to access the true IP address of someone using a VPN network.
Why? Because the accessing of a real IP address that is protected by a VPN can be seen as a violation of privacy, exposing a nonconsenting individual’s personal information. A VPN log file is a record of a computer’s web activity, tracking information of incoming and outgoing connections to a server.
The information kept in the files include:
- Your IP address
- The VPN-provided IP address
- Timestamps noting when the user connected and disconnected from the VPN
- Ability of the VPN to access all of the above information
Note that not all VPN providers keep the same data, some not keeping these records to the extent of other providers. These records depend on the privacy policy that the provider upholds and how they approach user security.
4. Use a DNS
A DNS, or domain name system, helps to provide IP addresses by translating them from domain names. This helps browsers load information resources to then send to the appropriate computers requesting them. When you control the DNS translating your domain, you can monitor all the incoming requests to your server.
Using the DNS in the following way will help you to uncover the real IP address of users accessing your network:
- Create a subdomain for each user requesting to access your server.
- Embed that subdomain in the HTML.
- You will now be able to check the user’s real IP address on the DNS server.
This technique will work as long as the user is not hiding their DNS along with their IP. (For example, a SOCKS proxy hides DNS requests along with a user’s personal information.)
What is Your Real IP?
Whenever you connect to a server, AKA another computer, no matter where in the world it is, your system is required to share information about your computer. This information may include the physical location of your computer, as well as identifying information that allows the server to remember your computer for future access. Such data is shared in part due to your Internet Protocol (IP) address.
Once you are allowed access to that server, your computer will need a way to connect to the appropriate network. A network is made up of a group of computers that are all connected. Most of the time, an internet service provider (ISP) will provide you the ability to connect to a given network, as they will complete all the necessary connections on your behalf.
An ISP will also provide you instructions on how to use the service once connected. They utilize several different types of techniques in the management of all computers in a given network. Different techniques are needed since each computer within the network is likely to be engaged in a different activity than the others, so all of these interactions must be kept separate.
For instance, if one computer in the network were to visit a website, that website must know which device to send the web page to. It cannot get mixed up between the others – this is where the IP address comes in. The IP address tells that web page the address of the computer that requested it and informs the website where to go.
How the Real IP Address Works
For these purposes, your ISP will provide you with a temporary IP address, rather than a permanent one. (Temporary can mean as short as a few days up to several months, but the bottom line is that it will always change eventually). With the use of the Dynamic Host Control Protocol (DHCP), the server can assign your computer a unique IP address.
The DHCP configures all necessary elements for your computer to connect with a network. For this reason, you may not be able to set up a server on your computer, since no one would be able to find it due to its constantly changing.
When your computer attempts to connect to a server, the server then records the network configuration. This information is gathered at the time of the connection. So, although you may not know which IP address has been assigned to you by the DHCP, the server will. This real-time address gathered is known as the “real IP address.”
It is the real IP address that allows your computer to receive web pages and emails all in real-time. To find your real IP address, you’ll need to ask a server directly. Sometimes, though, you don’t need to find your IP and may need to find someone else’s, if they are using a VPN, for example.
Your IP Address with a VPN
All of this is well and good, but what does it have to do with VPNs? A VPN, known officially as a virtual private network, is another factor in the process of connecting your computer to a network. A VPN will hide your IP address and physical location by essentially hiding behind another IP address. It is also possible to display the location of your choice when using a VPN.
This is a way to protect your personal information from being distributed to websites that you visit if for some reason you need to keep that information confidential. Instead of seeing your information, the server will instead receive the data of the computer providing the VPN for you. The ISP will then only see encrypted data from your computer as well, providing another layer of security.
A few benefits of using a VPN are:
- It is a reliable way to avoid marketers, due to the inability of servers to collect your personal information
- Your ISP will no longer be able to track your web history and activity
- Since the ISP can only gather encrypted data, they will not be able to limit your bandwidth
- You will experience enhanced security when online due to the additional layer of protection to your personal information. Hackers will face another obstacle when attempting to break through the VPN.
- This is why VPNs are especially useful when using your computer in public locations. Hackers will often steal information from public Wi-Fi hotspots such as those provided in airports and coffee shops. People who travel often or work remotely in public places will especially benefit from the use of a VPN.
- Accessing websites that may be restricted by a public institution such as a library, school, or employer. (This is usually enforced with a firewall. Using a VPN will allow you to go through such firewalls and access the information you need.)
Perhaps one of the greatest benefits of using a VPN lies in the fact that you can change your location. If you happen to be in a region that has restricted access to certain websites, and even entire portions of the internet, changing your location can significantly increase the amount of information available to you. You will no longer be subject to restrictions based on location.
Can a VPN Be Traced?
If your concern is whether your web activity is being traced or not, you will benefit, like most people, from Methods 1 and 2 listed above. These are the least costly and invasive methods of discovering your real IP behind a VPN. Still, even after confirming that your IP address is hidden, you may have questions as to whether your VPN can be traced.
VPNs function by establishing an encrypted “tunnel” of sorts through which your online data can be transported while remaining concealed. It takes the data being sent from your computer and a server under its management and then sends it through said tunnel to the servers of every web page you visit. You can think of this as the VPN digitally “sneaking” you into these sites.
They also protect incoming data by filtering it through their server before it reaches you. One of the most important things to note about using a VPN is that neither your ISP nor government authorities can see the details of your web activity (if you are using a reputable provider). They may be able to see that you are active on the web with a VPN, but they will not be able to detect the data being transferred between your computer and other servers.
The only time your data should be at risk is if your computer experiences a DNS leak. Unfortunately, only Windows users are at risk of a DNS leak (those who work on a Mac OS or Linux operating system do not have to worry about a potential leak of information, at least in this form). Additional ways you can be tracked even with a VPN include:
- Money trails: If you pay for your VPN with your credit card, it is possible to connect your e-commerce activity with your VPN account.
- Cookies: When you agree to a website’s cookie policy, many text files are downloaded onto the device you’re using to access the server. These cookies, often from third-party sources (i.e., advertisers), will track your web activity wherever you go online.
- Browser fingerprinting: This technique has relatively high accuracy when tracking your online activity. Your computer shares quite a bit of information about your OS and the device itself when visiting a website. Though the information is not identifying in and of itself, all of it combined can result in a pretty accurate method by which your IP can be revealed.
What is a DNS Leak?
A DNS leak, or IP leak, as it is also known, is what happens when your IP address is accidentally revealed even when you are protected by a VPN. The DNS is responsible for translating URL addresses in word form to the numerical IP addresses the computer can recognize. One can be referred to as “human-friendly” (a word-based URL) whereas the other is deemed “computer-friendly” (numerical URL).
When your computer communicates with a server to request access, those devices are communicating in numbers. To retrieve the website you are requesting, your DNS reveals your IP address, again, so the server will send the information to the right destination. Standard browsers show your DNS, while VPNs anonymize this data.
During this communication, one of the things that can go wrong is your DNS request being sent straight to your ISP instead of being routed first through your VPN. If this happens, your IP address will be revealed to the server, resulting in a “leak” of your information.
How to Prevent a DNS Leak
It is not enough to know how to troubleshoot your VPN’s effectiveness, you must also know how to prevent any leaks of information from happening. There are websites where you can freely check for DNS leaks, just like those mentioned above, where you can initiate your preventative measures. Follow the check-up with any (or all) of the following tips to ensure your DNS is safe behind the VPN:
- Set Up a Static IP Address: Using a static IP address, versus a dynamic one, can help to reduce the risk of a DNS leak. (There are two types of IP addresses: static and dynamic. Static addresses are typically needed only when a server, in this case, a VPN, must remember your computer’s IP address. Otherwise, most people only need dynamic IPs – these are the ones that change over time.)
- Use Third-Party Software: Not all VPNs offer DNS protection. If you have a VPN provider that does not offer DNS protection and you don’t want to change providers, you can instead download third-party software to enhance the protection of any potential leaks of either your IP or DNS.
- Carefully Vet VPN Providers: Of course, one of the most important elements in protecting your VPN is the quality and reliability of your VPN provider. No matter what precautions you take, if you end up with a sub-optimal provider, you might as well not have a VPN at all.
When you’re searching for a VPN provider, take note of what types of services they offer. Some providers will make available a sort of “kill switch” that you can use in case any web activity goes wrong. These will take you offline in an instant. Of course, reliable VPNs should also offer customization of DNS settings that reroute requests from servers through their servers rather than straight to your ISP or other routes.
The only other possibility that you should be aware of regarding potential data leaks is hackers. No matter how complex and efficient defensive technologies become, hackers are also constantly innovating their techniques. They may be able to find a way through your VPN using phishing emails loaded with malware or trojan. Antivirus software and careful online conduct will protect you from this, though.
Are VPNs Legal to Use?
The legality of VPNs is perhaps one of the most frequently questioned aspects of the technology. Like most software, especially those geared toward protecting or hiding identifying information in one form or another, there are legal and illegal applications of VPNs.
VPNs are completely legal to use in all countries except:
- China
- Russia
- Iraq
- North Korea
In these areas, the technology is either completely banned or severely restricted.
You must also understand that certain websites or online services have the authority to ban the use of VPNs with their servers. As mentioned above, sites such as Netflix explicitly prohibit the use of VPNs. This may be attributed to the fact that certain media and entire “regions,” per se, of the internet are prohibited in certain countries, and accessing that data is a violation of legal restrictions.
In such instances, yes, the use of a VPN is still legal in the context of the law, however, this is a clear and intentional breach of their Terms of Use. This can still have consequences of its own, such as you being unable to access those services in the future. Lastly, any activities that would be considered illegal apart from the use of a VPN are still considered illegal with one. The same laws apply whether your IP is hidden or made public (check out my review of the best VPN choices here).
Is It Legal to Access Someone’s IP Address Behind a VPN?
Whether it is legal or illegal to uncover someone’s IP address while it is protected by a VPN is unclear. Speculatively, accessing a user’s IP address behind a VPN, apart from the methods listed above, can be considered a breach of privacy, and therefore, illegal. The individual is intentionally using measures to protect themselves and their identity, and you are committing the decisive act of violating those efforts.
Most, if not all, VPN providers keep a log of your activity when using a VPN – even when they claim not to. They must do this since this is information that must be turned over if requested from law enforcement (such as in the case of a data breach). This method, of course, is legal.
Be familiar with laws such as the Computer Fraud & Abuse Act (CFAA), which prohibits anyone from knowingly accesses a computer (or another device) without authorization and obtaining the data listed below:
- Information stored in financial records
- Information concerning governmental agencies
- Information from a protected computer
Information obtained by violating or exceeding authorization, especially from a protected computer and/or to defraud a user, was obtained illegally – especially if the procurement of that data was used to cause damages or resulted in any kind of loss.
If you feel that it is necessary to access identifying information of an individual sharing your network, or if you suspect that your privacy has been breached, please retrieve the necessary information within the limits of the law.
