How can I reliably prevent my local IP address leaking in the web browsers?












3















Any site that I visit can see my local IP (e.g. 192.168.1.102). Is there any reliable way to block this behavior? (browser setting, OS setting, router setting, etc.) I am particularity interested in Google Chrome and Mozilla Firefox, but any modern open source browser will do. If it is a browser plugin, it should be open source with a solid user base.



By reliable I mean, that I do not need to check the leakage again after every software update.



More info / what I have read so far:




  • There was a Chrome plugin that is not working anymore

  • Local IP is obtained using JavaScript / WebRTC



    • Live Demo here: Demo

    • Source code: https://github.com/diafygi/webrtc-ips



  • Firefox developers is not going to fix the leak (bug is open from 2014): Bug 959893


  • In Private / Incognito mode does not prevent this leak. If you use static IPs, and have non typical local IP (e.g. 10.66.77.88 or 192.168.212.121), then there is no need for Browser fingerprinting . Your external IP + internal IP is perfect fingerprint.


Update 1: It is not duplicate of How to Disable WebRTC in Google Chrome - I want to prevent private / local IP leak, not disable all WebRTC.



Update 2: No, it is not related to header X-Forwarded-For (HTTP_X_FORWARDED_FOR), that is added when user/administrator chooses to do so. In my provided demo it is not your choice... It is Google's and Mozilla's choice to leak your private IP even when using private browsing mode.



Update 3: Ability to determine my local IP allows malicious JavaScript to quickly identify my local subnet and print on my local network printers from any website in the world without me doing anything. Cross-site printing This CSP Demo finds my LAN printers using JavaScript.



Update 4: It is not a good idea to reveal private IP to every website. By seeing your private IP, for example 192.168.88.101, I can guess with very high probability that you are using MikroTik router. Also, I can track particular user event if user uses different browsers because local and remote IP stays the same for some time (hours or even days).










share|improve this question




















  • 1





    The demo you linked shows all addresses as nothing for me, using edge.

    – PulseJet
    Feb 1 '17 at 15:31













  • @Ramhound, why not, if the local network is keeping logs?

    – PulseJet
    Feb 1 '17 at 15:33






  • 1





    @MarisB. - The demo you link to me also shows me nothing. I am currently using Chrome.

    – Ramhound
    Feb 1 '17 at 15:36






  • 1





    You can link a better demo in your question (HTTP_X_FORWARDED_FOR) whatsmyip.org/more-info-about-you

    – PulseJet
    Feb 1 '17 at 15:36








  • 1





    Possible duplicate of How to Disable WebRTC in Google Chrome

    – Ƭᴇcʜιᴇ007
    Feb 1 '17 at 18:13
















3















Any site that I visit can see my local IP (e.g. 192.168.1.102). Is there any reliable way to block this behavior? (browser setting, OS setting, router setting, etc.) I am particularity interested in Google Chrome and Mozilla Firefox, but any modern open source browser will do. If it is a browser plugin, it should be open source with a solid user base.



By reliable I mean, that I do not need to check the leakage again after every software update.



More info / what I have read so far:




  • There was a Chrome plugin that is not working anymore

  • Local IP is obtained using JavaScript / WebRTC



    • Live Demo here: Demo

    • Source code: https://github.com/diafygi/webrtc-ips



  • Firefox developers is not going to fix the leak (bug is open from 2014): Bug 959893


  • In Private / Incognito mode does not prevent this leak. If you use static IPs, and have non typical local IP (e.g. 10.66.77.88 or 192.168.212.121), then there is no need for Browser fingerprinting . Your external IP + internal IP is perfect fingerprint.


Update 1: It is not duplicate of How to Disable WebRTC in Google Chrome - I want to prevent private / local IP leak, not disable all WebRTC.



Update 2: No, it is not related to header X-Forwarded-For (HTTP_X_FORWARDED_FOR), that is added when user/administrator chooses to do so. In my provided demo it is not your choice... It is Google's and Mozilla's choice to leak your private IP even when using private browsing mode.



Update 3: Ability to determine my local IP allows malicious JavaScript to quickly identify my local subnet and print on my local network printers from any website in the world without me doing anything. Cross-site printing This CSP Demo finds my LAN printers using JavaScript.



Update 4: It is not a good idea to reveal private IP to every website. By seeing your private IP, for example 192.168.88.101, I can guess with very high probability that you are using MikroTik router. Also, I can track particular user event if user uses different browsers because local and remote IP stays the same for some time (hours or even days).










share|improve this question




















  • 1





    The demo you linked shows all addresses as nothing for me, using edge.

    – PulseJet
    Feb 1 '17 at 15:31













  • @Ramhound, why not, if the local network is keeping logs?

    – PulseJet
    Feb 1 '17 at 15:33






  • 1





    @MarisB. - The demo you link to me also shows me nothing. I am currently using Chrome.

    – Ramhound
    Feb 1 '17 at 15:36






  • 1





    You can link a better demo in your question (HTTP_X_FORWARDED_FOR) whatsmyip.org/more-info-about-you

    – PulseJet
    Feb 1 '17 at 15:36








  • 1





    Possible duplicate of How to Disable WebRTC in Google Chrome

    – Ƭᴇcʜιᴇ007
    Feb 1 '17 at 18:13














3












3








3








Any site that I visit can see my local IP (e.g. 192.168.1.102). Is there any reliable way to block this behavior? (browser setting, OS setting, router setting, etc.) I am particularity interested in Google Chrome and Mozilla Firefox, but any modern open source browser will do. If it is a browser plugin, it should be open source with a solid user base.



By reliable I mean, that I do not need to check the leakage again after every software update.



More info / what I have read so far:




  • There was a Chrome plugin that is not working anymore

  • Local IP is obtained using JavaScript / WebRTC



    • Live Demo here: Demo

    • Source code: https://github.com/diafygi/webrtc-ips



  • Firefox developers is not going to fix the leak (bug is open from 2014): Bug 959893


  • In Private / Incognito mode does not prevent this leak. If you use static IPs, and have non typical local IP (e.g. 10.66.77.88 or 192.168.212.121), then there is no need for Browser fingerprinting . Your external IP + internal IP is perfect fingerprint.


Update 1: It is not duplicate of How to Disable WebRTC in Google Chrome - I want to prevent private / local IP leak, not disable all WebRTC.



Update 2: No, it is not related to header X-Forwarded-For (HTTP_X_FORWARDED_FOR), that is added when user/administrator chooses to do so. In my provided demo it is not your choice... It is Google's and Mozilla's choice to leak your private IP even when using private browsing mode.



Update 3: Ability to determine my local IP allows malicious JavaScript to quickly identify my local subnet and print on my local network printers from any website in the world without me doing anything. Cross-site printing This CSP Demo finds my LAN printers using JavaScript.



Update 4: It is not a good idea to reveal private IP to every website. By seeing your private IP, for example 192.168.88.101, I can guess with very high probability that you are using MikroTik router. Also, I can track particular user event if user uses different browsers because local and remote IP stays the same for some time (hours or even days).










share|improve this question
















Any site that I visit can see my local IP (e.g. 192.168.1.102). Is there any reliable way to block this behavior? (browser setting, OS setting, router setting, etc.) I am particularity interested in Google Chrome and Mozilla Firefox, but any modern open source browser will do. If it is a browser plugin, it should be open source with a solid user base.



By reliable I mean, that I do not need to check the leakage again after every software update.



More info / what I have read so far:




  • There was a Chrome plugin that is not working anymore

  • Local IP is obtained using JavaScript / WebRTC



    • Live Demo here: Demo

    • Source code: https://github.com/diafygi/webrtc-ips



  • Firefox developers is not going to fix the leak (bug is open from 2014): Bug 959893


  • In Private / Incognito mode does not prevent this leak. If you use static IPs, and have non typical local IP (e.g. 10.66.77.88 or 192.168.212.121), then there is no need for Browser fingerprinting . Your external IP + internal IP is perfect fingerprint.


Update 1: It is not duplicate of How to Disable WebRTC in Google Chrome - I want to prevent private / local IP leak, not disable all WebRTC.



Update 2: No, it is not related to header X-Forwarded-For (HTTP_X_FORWARDED_FOR), that is added when user/administrator chooses to do so. In my provided demo it is not your choice... It is Google's and Mozilla's choice to leak your private IP even when using private browsing mode.



Update 3: Ability to determine my local IP allows malicious JavaScript to quickly identify my local subnet and print on my local network printers from any website in the world without me doing anything. Cross-site printing This CSP Demo finds my LAN printers using JavaScript.



Update 4: It is not a good idea to reveal private IP to every website. By seeing your private IP, for example 192.168.88.101, I can guess with very high probability that you are using MikroTik router. Also, I can track particular user event if user uses different browsers because local and remote IP stays the same for some time (hours or even days).







google-chrome firefox browser ip webrtc






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Mar 20 '17 at 10:17









Community

1




1










asked Feb 1 '17 at 15:29









Maris B.Maris B.

2711416




2711416








  • 1





    The demo you linked shows all addresses as nothing for me, using edge.

    – PulseJet
    Feb 1 '17 at 15:31













  • @Ramhound, why not, if the local network is keeping logs?

    – PulseJet
    Feb 1 '17 at 15:33






  • 1





    @MarisB. - The demo you link to me also shows me nothing. I am currently using Chrome.

    – Ramhound
    Feb 1 '17 at 15:36






  • 1





    You can link a better demo in your question (HTTP_X_FORWARDED_FOR) whatsmyip.org/more-info-about-you

    – PulseJet
    Feb 1 '17 at 15:36








  • 1





    Possible duplicate of How to Disable WebRTC in Google Chrome

    – Ƭᴇcʜιᴇ007
    Feb 1 '17 at 18:13














  • 1





    The demo you linked shows all addresses as nothing for me, using edge.

    – PulseJet
    Feb 1 '17 at 15:31













  • @Ramhound, why not, if the local network is keeping logs?

    – PulseJet
    Feb 1 '17 at 15:33






  • 1





    @MarisB. - The demo you link to me also shows me nothing. I am currently using Chrome.

    – Ramhound
    Feb 1 '17 at 15:36






  • 1





    You can link a better demo in your question (HTTP_X_FORWARDED_FOR) whatsmyip.org/more-info-about-you

    – PulseJet
    Feb 1 '17 at 15:36








  • 1





    Possible duplicate of How to Disable WebRTC in Google Chrome

    – Ƭᴇcʜιᴇ007
    Feb 1 '17 at 18:13








1




1





The demo you linked shows all addresses as nothing for me, using edge.

– PulseJet
Feb 1 '17 at 15:31







The demo you linked shows all addresses as nothing for me, using edge.

– PulseJet
Feb 1 '17 at 15:31















@Ramhound, why not, if the local network is keeping logs?

– PulseJet
Feb 1 '17 at 15:33





@Ramhound, why not, if the local network is keeping logs?

– PulseJet
Feb 1 '17 at 15:33




1




1





@MarisB. - The demo you link to me also shows me nothing. I am currently using Chrome.

– Ramhound
Feb 1 '17 at 15:36





@MarisB. - The demo you link to me also shows me nothing. I am currently using Chrome.

– Ramhound
Feb 1 '17 at 15:36




1




1





You can link a better demo in your question (HTTP_X_FORWARDED_FOR) whatsmyip.org/more-info-about-you

– PulseJet
Feb 1 '17 at 15:36







You can link a better demo in your question (HTTP_X_FORWARDED_FOR) whatsmyip.org/more-info-about-you

– PulseJet
Feb 1 '17 at 15:36






1




1





Possible duplicate of How to Disable WebRTC in Google Chrome

– Ƭᴇcʜιᴇ007
Feb 1 '17 at 18:13





Possible duplicate of How to Disable WebRTC in Google Chrome

– Ƭᴇcʜιᴇ007
Feb 1 '17 at 18:13










2 Answers
2






active

oldest

votes


















6














Disable WebRTC with extensions:



In Firefox with addon Disable WebRTC or advanced users can use about:config to set media.peerconnection.enabled to false.



In Chrome with extension WebRTC Leak Prevent






share|improve this answer





















  • 1





    In firefox you don't even need a extension, tweak about:config is enough.

    – Sam
    Feb 1 '17 at 15:39






  • 2





    same to chrome, just tweaking chrome://flags/ But using extensions is easier for a person who couldn't find these settings by himself.

    – Ipor Sircer
    Feb 1 '17 at 15:42








  • 3





    @IporSircer - You should provide that information, within the body of your answer, for those not able to use extensions. Saying it's possible in a comment, and not explaining which flag, means people not familar with the name of the flag have to spend time to researching it.

    – Ramhound
    Feb 1 '17 at 15:51






  • 1





    @IporSircer, you can't use chrome://flags/, source: superuser.com/questions/1055741/…

    – PulseJet
    Feb 1 '17 at 16:32











  • uBlock Origin is also able to prevent WebRTC leaking, if you guys already have it installed

    – andromeda947
    Feb 5 '17 at 17:26



















0














On chrome, if I go into incognito browsing mode the WebRTC extensions meant to block your local IP address don't work. They only work if you are not in incognito mode. So you have to chose, logging to your browser history but no local IP leak or incognito mode with local IP leak.






share|improve this answer























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "3"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1174019%2fhow-can-i-reliably-prevent-my-local-ip-address-leaking-in-the-web-browsers%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    6














    Disable WebRTC with extensions:



    In Firefox with addon Disable WebRTC or advanced users can use about:config to set media.peerconnection.enabled to false.



    In Chrome with extension WebRTC Leak Prevent






    share|improve this answer





















    • 1





      In firefox you don't even need a extension, tweak about:config is enough.

      – Sam
      Feb 1 '17 at 15:39






    • 2





      same to chrome, just tweaking chrome://flags/ But using extensions is easier for a person who couldn't find these settings by himself.

      – Ipor Sircer
      Feb 1 '17 at 15:42








    • 3





      @IporSircer - You should provide that information, within the body of your answer, for those not able to use extensions. Saying it's possible in a comment, and not explaining which flag, means people not familar with the name of the flag have to spend time to researching it.

      – Ramhound
      Feb 1 '17 at 15:51






    • 1





      @IporSircer, you can't use chrome://flags/, source: superuser.com/questions/1055741/…

      – PulseJet
      Feb 1 '17 at 16:32











    • uBlock Origin is also able to prevent WebRTC leaking, if you guys already have it installed

      – andromeda947
      Feb 5 '17 at 17:26
















    6














    Disable WebRTC with extensions:



    In Firefox with addon Disable WebRTC or advanced users can use about:config to set media.peerconnection.enabled to false.



    In Chrome with extension WebRTC Leak Prevent






    share|improve this answer





















    • 1





      In firefox you don't even need a extension, tweak about:config is enough.

      – Sam
      Feb 1 '17 at 15:39






    • 2





      same to chrome, just tweaking chrome://flags/ But using extensions is easier for a person who couldn't find these settings by himself.

      – Ipor Sircer
      Feb 1 '17 at 15:42








    • 3





      @IporSircer - You should provide that information, within the body of your answer, for those not able to use extensions. Saying it's possible in a comment, and not explaining which flag, means people not familar with the name of the flag have to spend time to researching it.

      – Ramhound
      Feb 1 '17 at 15:51






    • 1





      @IporSircer, you can't use chrome://flags/, source: superuser.com/questions/1055741/…

      – PulseJet
      Feb 1 '17 at 16:32











    • uBlock Origin is also able to prevent WebRTC leaking, if you guys already have it installed

      – andromeda947
      Feb 5 '17 at 17:26














    6












    6








    6







    Disable WebRTC with extensions:



    In Firefox with addon Disable WebRTC or advanced users can use about:config to set media.peerconnection.enabled to false.



    In Chrome with extension WebRTC Leak Prevent






    share|improve this answer















    Disable WebRTC with extensions:



    In Firefox with addon Disable WebRTC or advanced users can use about:config to set media.peerconnection.enabled to false.



    In Chrome with extension WebRTC Leak Prevent







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited Feb 1 '17 at 16:40









    PulseJet

    1,8442830




    1,8442830










    answered Feb 1 '17 at 15:37









    Ipor SircerIpor Sircer

    3,43411014




    3,43411014








    • 1





      In firefox you don't even need a extension, tweak about:config is enough.

      – Sam
      Feb 1 '17 at 15:39






    • 2





      same to chrome, just tweaking chrome://flags/ But using extensions is easier for a person who couldn't find these settings by himself.

      – Ipor Sircer
      Feb 1 '17 at 15:42








    • 3





      @IporSircer - You should provide that information, within the body of your answer, for those not able to use extensions. Saying it's possible in a comment, and not explaining which flag, means people not familar with the name of the flag have to spend time to researching it.

      – Ramhound
      Feb 1 '17 at 15:51






    • 1





      @IporSircer, you can't use chrome://flags/, source: superuser.com/questions/1055741/…

      – PulseJet
      Feb 1 '17 at 16:32











    • uBlock Origin is also able to prevent WebRTC leaking, if you guys already have it installed

      – andromeda947
      Feb 5 '17 at 17:26














    • 1





      In firefox you don't even need a extension, tweak about:config is enough.

      – Sam
      Feb 1 '17 at 15:39






    • 2





      same to chrome, just tweaking chrome://flags/ But using extensions is easier for a person who couldn't find these settings by himself.

      – Ipor Sircer
      Feb 1 '17 at 15:42








    • 3





      @IporSircer - You should provide that information, within the body of your answer, for those not able to use extensions. Saying it's possible in a comment, and not explaining which flag, means people not familar with the name of the flag have to spend time to researching it.

      – Ramhound
      Feb 1 '17 at 15:51






    • 1





      @IporSircer, you can't use chrome://flags/, source: superuser.com/questions/1055741/…

      – PulseJet
      Feb 1 '17 at 16:32











    • uBlock Origin is also able to prevent WebRTC leaking, if you guys already have it installed

      – andromeda947
      Feb 5 '17 at 17:26








    1




    1





    In firefox you don't even need a extension, tweak about:config is enough.

    – Sam
    Feb 1 '17 at 15:39





    In firefox you don't even need a extension, tweak about:config is enough.

    – Sam
    Feb 1 '17 at 15:39




    2




    2





    same to chrome, just tweaking chrome://flags/ But using extensions is easier for a person who couldn't find these settings by himself.

    – Ipor Sircer
    Feb 1 '17 at 15:42







    same to chrome, just tweaking chrome://flags/ But using extensions is easier for a person who couldn't find these settings by himself.

    – Ipor Sircer
    Feb 1 '17 at 15:42






    3




    3





    @IporSircer - You should provide that information, within the body of your answer, for those not able to use extensions. Saying it's possible in a comment, and not explaining which flag, means people not familar with the name of the flag have to spend time to researching it.

    – Ramhound
    Feb 1 '17 at 15:51





    @IporSircer - You should provide that information, within the body of your answer, for those not able to use extensions. Saying it's possible in a comment, and not explaining which flag, means people not familar with the name of the flag have to spend time to researching it.

    – Ramhound
    Feb 1 '17 at 15:51




    1




    1





    @IporSircer, you can't use chrome://flags/, source: superuser.com/questions/1055741/…

    – PulseJet
    Feb 1 '17 at 16:32





    @IporSircer, you can't use chrome://flags/, source: superuser.com/questions/1055741/…

    – PulseJet
    Feb 1 '17 at 16:32













    uBlock Origin is also able to prevent WebRTC leaking, if you guys already have it installed

    – andromeda947
    Feb 5 '17 at 17:26





    uBlock Origin is also able to prevent WebRTC leaking, if you guys already have it installed

    – andromeda947
    Feb 5 '17 at 17:26













    0














    On chrome, if I go into incognito browsing mode the WebRTC extensions meant to block your local IP address don't work. They only work if you are not in incognito mode. So you have to chose, logging to your browser history but no local IP leak or incognito mode with local IP leak.






    share|improve this answer




























      0














      On chrome, if I go into incognito browsing mode the WebRTC extensions meant to block your local IP address don't work. They only work if you are not in incognito mode. So you have to chose, logging to your browser history but no local IP leak or incognito mode with local IP leak.






      share|improve this answer


























        0












        0








        0







        On chrome, if I go into incognito browsing mode the WebRTC extensions meant to block your local IP address don't work. They only work if you are not in incognito mode. So you have to chose, logging to your browser history but no local IP leak or incognito mode with local IP leak.






        share|improve this answer













        On chrome, if I go into incognito browsing mode the WebRTC extensions meant to block your local IP address don't work. They only work if you are not in incognito mode. So you have to chose, logging to your browser history but no local IP leak or incognito mode with local IP leak.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Jan 13 at 15:49









        PrivatePrivate

        1




        1






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Super User!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1174019%2fhow-can-i-reliably-prevent-my-local-ip-address-leaking-in-the-web-browsers%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            flock() on closed filehandle LOCK_FILE at /usr/bin/apt-mirror

            Mangá

            Eduardo VII do Reino Unido