Just a warning for anyone curious about its…functionality in that realm. A…cough, friend got it to prevent future infractions. With the VPN on and functional, IP changed and confirmed to be working as intended, a DMCA still got issued. Tread carefully, friends.
Update: After looking into the excessive DNS leaks I had when my VPN was on, I enabled “Turn off smart Multi-homed name resolution” and suddenly found no further leaks. Unsure if this is an actual solution, or just one with the appearance of such, but it’s not something I can exactly test easily. Time will hopefully have little to tell, but the precautionary tale remains that this VPN does not cover your tracks right out the box, or even with the initial recommended steps.
Binding and Killswitch? Not enough. DNS still leaks by default.
Bitdefender is excellent but I’m a little suspect of their VPN and Password Manager. It may be because they focus more on their enterprise customers, but those two products don’t seem to live up to the competition.
Something doesn’t sound right because a VPN is supposed to tunnel all of the traffic. There’s various leak test tools you can use, one being https://dnsleaktest.com. Try that with the vpn connected. If it says your ISP name then you have a leak.
Do you mean disabled multi-home name resolution? Otherwise what are you saying has no sense: basically when enabled windows os send dns request to all network interfaces and use the resolved IP from the faster one in response. To prevent dns leaks vpn apps usually set firewall rules to block other interfaces except the vpn interface.
Yes and yes. Neither seemed to do much of anything, sadly. This is also on a fresh Windows 11 install. Hardly any programs and only Bitdefender to do anything to my security settings.
Oh, their password manager is horrendous. I tried it once and it outright lost my passwords. It forced integration into my browser and then didn’t save the things I put into it. Had to reset ALL my passwords. Last time I ever used THAT service.
At least it’s included normally, though. I’m paying a lot extra for the VPN, and that’s clearly not a worthwhile endeavor.
With the VPN on, https://whatismyipaddress.com says my ISP is…well, not my ISP. It changes almost every time I turn it on, as it should. However, using dnsleak shows almost exclusively Comcast as my VPN. It only sometimes reports a different ISP at all. It’s also reporting the final 3 digits of my IP differently. Whatismyipaddress says it ends with .142 where DNS says .143. Unsure if relevant, there.
When I change locations to another state, I get fewer servers found, but the same issue occurs. Out of 3 results, 2 were my real ISP.
This is the very definition of a “misconfiguration” if you allow traffic over all interfaces then this is working exactly as intended. To the point of the software how is it supposed to know which interface is the bridge for your VPN?
Any time you’re working with a VPN software needs to know the correct route and interface to push traffic thru, if you allow traffic from your seed box/ torrent client to exit via all interfaces the torrent client is working exactly as intended.
Pretty much all VPN software redirect traffic through their own tunnel by default. Unless qBT does something special I don’t see why you would have to configure it manually. Seeing that other BT clients don’t do the same, it makes total sense to avoid qBT if you don’t want your IP leaked.
Absolutely not. Unless the VPN is on your gateway not all traffic is being redirected thru it. Only the traffic that is being generated via the client device is being pushed through the VPN. And in this case the interface that is using the VPN needs to have it binded, otherwise you’ll run the risk of broadcasting your I.P.
This is a conversation of should the VPN run on the gateway, or if it should run on a local client.
Hence why this is a misconfiguration due to not understanding how networking functions.
Source: I am a Network and security administrator.
I have never seen any VPN client (in the sense of commercial services, not “raw” VPN clients like WireGuard/OpenVPN) that doesn’t set itself as default gateway. The problem with qBT is that by default, it ignores the default gateway and blasts its announcements on all available interfaces, which may be useful for some niche scenarios, but is not at all useful for VPN users.