* Stella Ashburne <[email protected]>: > Hi > > Below is a partial log after my machine has connected successfully to my VPN > provider's server: > > 2021-11-20 09:18:08 us=74921 Outgoing Data Channel: Cipher 'AES-256-GCM' > initialized with 256 bit key > 2021-11-20 09:18:08 us=74956 Incoming Data Channel: Cipher 'AES-256-GCM' > initialized with 256 bit key > 2021-11-20 09:18:08 us=75010 net_route_v4_best_gw query: dst 0.0.0.0 > 2021-11-20 09:18:08 us=75225 net_route_v4_best_gw result: via 192.168.0.1 dev > enp850kd > 2021-11-20 09:18:08 us=75299 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 > IFACE=enp850kd HWADDR=25:d3:a1:0e:6c:13 > > Am I correct to say that my VPN provider can store personally identifiable > information such as IFACE and HWADDR to fingerprint me?
No. It's merely in your log. > To mitigate the fingerprinting, is it possible to prevent the details of > IFACE and HWADDR from being transmitted to my VPN provider? It's not transmitted. On my server's log: # egrep "(IFACE|HWADDR)" /var/log/syslog /var/log/daemon.log # BUT if you care about fingerprinting, check the IV_* variables, example: ip.add.re.ss:49786 peer info: IV_VER=3.git::58b92569 ip.add.re.ss:49786 peer info: IV_PLAT=ios ip.add.re.ss:49786 peer info: IV_NCP=2 ip.add.re.ss:49786 peer info: IV_TCPNL=1 ip.add.re.ss:49786 peer info: IV_PROTO=2 ip.add.re.ss:49786 peer info: IV_LZO_STUB=1 ip.add.re.ss:49786 peer info: IV_COMP_STUB=1 ip.add.re.ss:49786 peer info: IV_COMP_STUBv2=1 ip.add.re.ss:49786 peer info: IV_GUI_VER=net.openvpn.connect.ios_3.2.3-3760 ip.add.re.ss:49786 peer info: IV_SSO=openurl -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 [email protected] https://www.charite.de _______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
