Disable WebRTC to prevent real IP leakage

When browsing through a proxy, users often do not want to expose their true IP address. However, a recently disclosed WebRTC feature exposes the true IP address anyway, and the problem affects most browsers, such as Chrome and Firefox.

What is WebRTC

WebRTC (Web Real-Time Communication) is a technology that lets web browsers carry real-time voice or video conversations. Google obtained the technology when it acquired Global IP Solutions for $68.2 million in 2010. In May 2011, Google opened the source code of WebRTC, which has since been widely supported and applied in the industry.


Through this vulnerability, a website administrator can easily see a user's true IP address through WebRTC, even if the user uses a VPN to hide it. The vulnerability affects browsers that support WebRTC, including common browsers such as Google Chrome and Firefox.

The network security researcher Paolo Stagno tested 70 VPN providers and found that 16 of them (23%) leak users' IP addresses through WebRTC. You can check whether your VPN leaks your true IP.

Vulnerability principle

WebRTC uses STUN (Session Traversal Utilities for NAT), TURN, and ICE to traverse firewalls and NAT in VoIP networks. The user's browser sends a request to a STUN server, and the STUN server returns the IP address and LAN address used by the user.

The returned result can be read by JavaScript, but because this process takes place outside the normal XMLHttpRequest flow, it does not appear in the developer console. This means that the only requirement of this vulnerability is that the browser supports WebRTC and JavaScript.


If you do not want your real IP address to leak, you can prevent it by disabling WebRTC.

To disable WebRTC in Firefox: enter about:config in the address bar, search for media.peerconnection.enabled, then double-click the entry to change it to false.

To disable WebRTC leakage in Chrome: install the extension called WebRTC Leak Prevent from the Chrome Web Store, then select "Use my proxy server (if present)".
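
To check whether a browser still exposes addresses after these changes, the following added example (not code from the original article) audits ICE candidate lines copied from your own browser's WebRTC diagnostics page (about:webrtc in Firefox, chrome://webrtc-internals in Chrome) against the address your VPN is expected to present. The function names, the finding labels and all sample addresses are assumptions constructed for illustration.

```javascript
// Added example: audit ICE candidate lines from your own browser for IP exposure.
// Candidate line layout (SDP "candidate" attribute):
//   candidate:<foundation> <component> <transport> <priority> <address> <port> typ <type> [raddr <addr> rport <port>]
const CANDIDATE_RE = /^(?:a=)?candidate:\S+ \d+ \S+ \d+ (\S+) \d+ typ (\S+)(?: raddr (\S+))?/;

// RFC 1918 private ranges plus IPv4 link-local.
function isPrivateV4(addr) {
  const m = /^(\d+)\.(\d+)\.\d+\.\d+$/.exec(addr);
  if (!m) return false;
  const a = Number(m[1]), b = Number(m[2]);
  return a === 10 || (a === 172 && b >= 16 && b <= 31) ||
         (a === 192 && b === 168) || (a === 169 && b === 254);
}

// Labels are hypothetical names chosen for this example.
function classify(addr, vpnIp) {
  if (addr.endsWith('.local')) return 'mdns-masked';   // browser hid the host address
  if (addr === vpnIp) return 'vpn-egress';             // the address you expect sites to see
  if (isPrivateV4(addr)) return 'lan-address';         // LAN address returned alongside the public one
  return 'public-non-vpn';                             // conservative: IPv6 also lands here
}

function auditCandidates(lines, vpnIp) {
  const findings = [];
  for (const line of lines) {
    const m = CANDIDATE_RE.exec(line.trim());
    if (!m) continue;                                  // skip non-candidate lines
    const [, address, type, raddr] = m;
    const addrs = [address];
    if (raddr && raddr !== '0.0.0.0') addrs.push(raddr); // srflx lines also carry the local base
    for (const addr of addrs) findings.push({ type, addr, kind: classify(addr, vpnIp) });
  }
  const leaked = findings.filter(f => f.kind === 'public-non-vpn' || f.kind === 'lan-address');
  return { findings, leaked, leaking: leaked.length > 0 };
}

// Constructed sample input (documentation and private address ranges only).
const VPN_IP = '198.51.100.7';
const SAMPLE_LEAKY = [
  'candidate:1 1 udp 2122260223 192.168.1.23 46154 typ host',
  'candidate:842163049 1 udp 1677729535 203.0.113.45 46154 typ srflx raddr 192.168.1.23 rport 46154',
];
const SAMPLE_CLEAN = [
  'candidate:2 1 udp 2122260223 3f2a9c1e-7b4d-4e0a-9c55-1d2e3f4a5b6c.local 51234 typ host',
  'candidate:3 1 udp 1677729535 198.51.100.7 51234 typ srflx raddr 0.0.0.0 rport 0',
];
console.log(auditCandidates(SAMPLE_LEAKY, VPN_IP).leaked);
console.log(auditCandidates(SAMPLE_CLEAN, VPN_IP).leaking);
```

With WebRTC fully disabled the browser produces no candidate lines at all, so an empty input also reports no leak.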
