How to Prevent An Automatic Reconnection to Avoid IP Leaks?

NetizenMichaelNetizenMichael
in General Privacy Discussion
Hi there,

I have already submitted this question to the PIA helpdesk several days ago, but given the fact that it has not yet been answered, and in view of the interest it may harbor for other PIA users as well, I decide to ask it again in this forum so that they too could benefit from a public answer.

In a recent review of PIA, the author claims that its Windows client is suffering from serious security problems.  "I discovered both IPv4 and IPv6 leaks during my testing results," he asserts. 

https://restoreprivacy.com/private-internet-access-review/

Assuming that this reviewer is right, I would like to know how I can prevent the PIA Windows client from being automatically reconnected after a sudden VPN drop so that I have time to shut down all active applications and connections. After all, leaks during reconnection would make the protection provided by the killerswitch just seconds before completely useless... At least, that is what I, a computer illiterate, think...

Many thanks in advance for all your feedback!

Comments

  • NetizenMichaelNetizenMichael
    Correction: the author states the problem in a clearer way in a related review:

    " In testing out PIA, I discovered that their VPN apps would leak IPv4 addresses during reconnection."

    https://restoreprivacy.com/purevpn-vs-private-internet-access/
  • Omnibus_IVOmnibus_IV
    edited July 2017
    Honestly, I think this to be true for ALL VPNs. Once the link is broken, the local machine will seek other paths to reestablish that link. That is normal. I don't think that PIA is the only vendor that this happens to. Unless the VPN you are using has total control over the OS, there is no way possible to prevent leakage at lost of VPN link. IMHO

    Now, if you want the OS to basically shutdown your network link, then I would recommend a fire wall that will shut down the Network side upon lose of VPN. Comodo I believe has that ability. I use Comodo, but only for one application. If the VPN link is lost that application stops working, period. Again, all is IMHO.
  • NetizenMichaelNetizenMichael
    @ Omnibus_IV 

    Thanks for your response... However, if you are right, then it would mean that all the talk about the kill switch does not make any sense at all...

    From the webpage of Private Internet Access:

    "The internet kill switch activates VPN disconnect protection. If you disconnect from the VPN, your internet access will stop working. It will reactivate normal internet access when you deactivate the kill switch mode or exit the application. "

    Why does the PIA kill switch not work as described above so that a PIA user has the time and opportunity to manually shut down all active applications and connections himself? Is it not possible to disable the automatic reconnection after a VPN drop? As I said before, both the automatic reconnection and the leaks during the reconnection process seem to make the kill switch protection utterly useless...
    • Omnibus_IVOmnibus_IV
      Because I believe the PIA app is a service that starts automatically. When it detects the service has stopped, it will initiate a reconnect. I believe the proper course of action is to set the service as a manual start service. I could be wrong on this, but I think this is what happens.

      Because OpenVPN does not have a "kill switch" perse, I installed and use Comodo Fire Wall. If it detects the TAP adapter has been disconnected, all internet activity stops until the TAP adapter is reinstated.
    • piaabopiaabo
      For more than most people the killswitch works. If you delete the default route to your router/modem from your routing table your internet connection is gone, no leaks. PIA brings up a static route ito one ip address of the pia server you select, this is the only route your ip can take. Now, i've seen the default route come back if your wifi drops and reconnects, but the pia-app killswitch has always dealt with it. We would all like to know whats going wrong in these rare events. Having said that, if you prevent your wifi(assuming your using it) from connecting automatically, and activate the killswitch, i can't see how that route would come back even if the app crashed later.
    • ingberingber
      This may not be so rare?  On our 2 Thinkpad/Win10 x64 Pro PCs, we just started using the PIA app with the kill switch set on.  On each PC we have two adapters active, PIA and Wi-Fi.  After setting the kill switch I noted that the Wi-Fi adapter showed "No internet access" and the PIA adapter showed "Internet access" (with a numbered Network ID).  I assume this is expected since now all traffic goes through PIA.

      However, after a few hours, I saw that both adapters showed "Internet access" .  I disconnected and reconnected PIA to get the Wi-Fi to show "No internet access".

      I did nothing to the adapters.  How could this happen?
    • pyro12pyro12
      Someone wrote a bash script (it's on the forum somewhere) that I modified to work in Linux Mint.  Maybe someone could write something that works in Windows.  Basically it checks to see if the VPN is up every 2 seconds and if it isn't it shuts down your network connection.  It works, but I don't know how dangerous 2 seconds actually is...

      while true
      do
      # wait 2 seconds
      sleep 2
      #verify VPN
      UP=$(ifconfig tun0 | grep "UP")
      if [ -z "$UP" ]; then
      # disconnect ethernet connection
      nmcli dev disconnect iface "$mieth"
      #ifconfig "$mieth" down [this works but requires root priviledges]
      echo " The VPN was not up. Ethernet connection has been SHUT DOWN. .. reenable it  manually. Script exited at .. "  $(date)
      #" you can also re-connect with command -> nmcli con up id "name of connection"
      zenity --error --text "VPN Appears to be Down!"
      # exit the loop
      exit
      else
      echo " ok- vpn up .. "
      fi
      done
    • piaabopiaabo
      ingber, as i mentioned the default route comes back if your wifi drops and reconnects, thus it will then show internet access on that interface, but it still doesn't leak for me and this must occur for many people, and also that is not during the vpn reconnecting period the report above indicates.

      If you disconnect the vpn manually it will delete the default route again, blocking access. There could perhaps be cases where the app fails and your wifi reconnects, in which case i suggest don't let your wifi connect automatically, then if it drops it shouldn't come back up. Another option would be to use task scheduler to trigger on event(wifi connects) and delete the default route(route DELETE 0.0.0.0 'ip of your wifi gateway here'). Or set up some polling interval as in the script above.
    • ingberingber
      I really do not think that my WiFi drops.  For example, in my dd-wrt router:
      # uptime
       07:56:46 up 8 days,  5:08,  load average: 0.07, 0.01, 0.00

      However, 1-2 time a day I note that the PIA app in the Win10 tray has a different IP, suggesting it is PIA that is "dropping" to change IPs.  At these times, the connection often changes such that the WiFi adapter toggles between "No internet access" and "Internet access" -- which is what I am reporting.

      Each time (no matter the state of this "toggle") I look at ipleak.net, I see no drop in VPN protection.
    • piaabopiaabo
      Next time just check with 'event viewer' (click the start button and start typing event viewer). I've found these two events correlate with wifi reconnecting: 1) in applications folder: Microsoft-Windows-WLAN-AutoConfig/Operational event 8001 (connection up) 2) also applications folder: Microsoft-Windows-Dhcp-Client event=1003 (ip lease renewal issue) If it was '8 days' since both of those, there might be a problem. Like you i've not had any leaks to my knowledge, but as a redundancy, i now use these two events to trigger (task scheduler) a simple batch script to spam the delete default route command, i've not seen it come back since.
    Sign In or Register to comment.