• Does your ISP associate your IP Address with a Reverse DNS?

    #124785

    I never really paid attention to this, but recently I have been using a VPN so I was paying closer attention to the details.  My current VPN does not display this info.

    But it turns out that my ISP shows a reverse DNS name for my IP address.  I have a dynamic IP, but my ISP seems to keep renewing the same IP address, even if I perform a “release/renew” in my router.  Without a VPN I guess this makes me uniquely identifiable to any server I connect to, anonymous or otherwise.

    You can go to the home page of “Shields Up” at Gibson Research to see what you are exposing on the net.  The first page shows the presence of your “Reverse DNS”, if it exists.

    https://www.grc.com/x/ne.dll?bh0bkyd2

    “Many Internet connection IP addresses are associated with a DNS machine name. The presence of “Reverse DNS”, which allows the machine name to be retrieved from the IP address, can represent a privacy and possible security concern for Internet consumers since it may uniquely and persistently identify your Internet account — and therefore you — and may disclose other information, such as your geographic location.”

     

    Windows 10 Pro 22H2

    4 users thanked author for this post.
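
Added example, not part of the original post: a self-check in Python that shows the name a remote server queries for your IP and what a returned PTR name gives away (the address itself embedded in the name, the ISP domain, and region or access-type labels). The sample IP and hostname are constructed, and treating the last two labels as the ISP domain is an assumption.

```python
import ipaddress
import socket

def ptr_query_name(ip):
    """DNS name a remote server queries to reverse-resolve ip."""
    return ipaddress.ip_address(ip).reverse_pointer

def lookup_ptr(ip):
    """Live PTR lookup; returns None when no reverse DNS name exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None

def ip_encodings(ip):
    """Ways an IPv4 address is commonly written inside a customer PTR name."""
    o = ip.split(".")
    return {
        "dashed": "-".join(o),
        "dotted": ".".join(o),
        "reversed-dashed": "-".join(reversed(o)),
        "reversed-dotted": ".".join(reversed(o)),
        "zero-padded": "".join(x.zfill(3) for x in o),
        "hex": "".join(f"{int(x):02x}" for x in o),
    }

def analyze_ptr(ip, hostname):
    """Report what a PTR name discloses beyond the bare IP address."""
    host = hostname.lower().rstrip(".")
    labels = host.split(".")
    found = []
    if ipaddress.ip_address(ip).version == 4:
        found = [k for k, v in ip_encodings(ip).items() if v in host]
    return {
        "query_name": ptr_query_name(ip),
        "ip_encodings": found,               # address embedded in the name
        "domain": ".".join(labels[-2:]),     # assumption: 2-label ISP domain
        "hint_labels": labels[1:-2],         # often region or access type
    }

if __name__ == "__main__":
    # Constructed sample: documentation-range IP and a made-up ISP name.
    print(analyze_ptr("203.0.113.57", "c-203-0-113-57.hsd1.ca.isp.example"))
```

To audit your own connection, pass your public IP to `lookup_ptr()` and feed the result to `analyze_ptr()`; repeat with the VPN connected to compare.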
    • #124881

      If you use a router, you can perhaps change its MAC address to try to force an IP change.

      • #124895

        Interesting thought, but probably not practical to update your router every time you log onto your computer.

        I prefer my VPN now anyway.  Different IP address every time I connect, and no reverse DNS.

        Just thought this info should be shared, because it’s not that obvious.

        This issue really presents another level of tracking, so no matter what ad blockers you run or how many cookies you delete in your browser, your internet account can be uniquely and persistently identified… it’s like a super cookie.

        Windows 10 Pro 22H2

        1 user thanked author for this post.
    • #124913

      You might want to spend a few minutes reading this topic from a few days ago: https://forum.palemoon.org/viewtopic.php?f=26&t=16114

      Assuming an xDSL connection, an IP change can usually be forced if you disconnect the modem for longer than 30 minutes.

      2 users thanked author for this post.
      • #124930

        You all have completely missed the point!  I was not asking for help in forcing an IP change.

        I am calling attention to the privacy leak provided by your ISP through reverse DNS.

        I already have a solution, but just thought that others should be aware of this.

        I was using the “sticky” IP change to illustrate how persistent YOUR IP may be and the possible consequences of the reverse DNS machine name assigned to your ISP account.  You can be tracked everywhere you go, even in incognito browsing mode, or whatever.

        Windows 10 Pro 22H2

        3 users thanked author for this post.
        • #125058

          I am afraid I don’t understand your point if forcing an IP addy change wasn’t what you were talking about.  The reverse DNS simply tells who owns the DNS address, which is the ISP… so remote servers can track you back to that ISP and to the physical location of your point of presence, but if the IP associated changes, any profile that was assembled on your old IP addy (hopefully) becomes irrelevant.  The ability to track the IP back to the ISP and approximate location would be possible even if there is no reverse DNS resolution, as the IP block in question can usually be traced back to a given data center, which physically locates your internet point of presence anyway.

          Along with other clues like your useragent string (which contains your browser choice, OS, etc.), your time zone offset from UTC, your screen resolution, color depth, fonts installed, and other assorted things that your browser will happily report (and these things have legitimate purposes), a fair guess can often be made by certain analytics scripts to link any IP representing “you” at a given time back to the profile data that has been gathered on you.

          There are several dirty tricks that can establish a persistent ID even though you may clear cookies and take precautionary measures like making sure you do change your IP often, and while the browser makers have talked about blocking the ability to fingerprint the browser, they haven’t all been done yet.  Tracing the IP back to its owner is only one of a bunch of data points that can be used to track you in the absence of more pedestrian means (cookies, usually).

          As I’ve read, Tor works pretty well to prevent browser fingerprinting (by design), but I’ve read that a lot of sites reject connections to Tor, whether it be because of its association with the dark web or just because they really, really don’t like users who are working to block the theft of their personal data (and yes, if you’ve made it clear that you do not wish to be tracked and you are anyway, I consider that to be data theft.  It has value, you’ve said NO, you may not have it, and they take it anyway).

          I’ve never used Tor myself… I use Firefox (well, currently, I use Pale Moon and Waterfox; I am beginning to move away from Firefox proper since it will be cutting off most of the addons I won’t live without within the year).  I use NoScript, which can be a real pain sometimes, but it will (as far as I know, at least) block the analytics scripts that advertackers (is that a word?  If not, it should be) use to bypass our personal data security measures.

          In the past, “AddThis” has been one of the names tossed around as a particular offender in terms of trying to penetrate people’s anti-tracking measures, first by using Flash LSOs (local storage objects, sometimes called “supercookies” because normal cookie deletion won’t clear them), then by using fingerprinting techniques to track a user back to his previously-assembled profile (and reissuing a tracking cookie to that effect, though it may just be deleted again).

          So…. well, yeah.  Your IP can narrow you down to your ISP and approximate location, but it’s just one of many data points that collectively identify you as you.  That’s the world we live in… it’s illegal in the USA to even try to bypass protection of copyrighted material, even if you’re doing so for legitimately-obtained data and for purposes already established as fair use, but to try to bypass the protection of our personal data, our very lives… why, have at it, advertackers!  It’s yours for the plundering.  Ahoy, matey!

          Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon 6.2
          XPG Xenia 15, i7-9750H/32GB & GTX1660ti, Kubuntu 24.04
          Acer Swift Go 14, i5-1335U/16GB, Kubuntu 24.04 (and Win 11)

          3 users thanked author for this post.
          • #125067

            OK, forcing a public IP address change works by releasing the network from the router, and then changing the MAC address in the router.

            Not something I want to do every day! 🙂

            I had recently observed that I was still using the same public IP address since last year!  Not something you would think about normally, but worth considering how it works.

            Windows 10 Pro 22H2

            • #125074

              OK, forcing a public IP address change works by releasing the network from the router, and then changing the MAC address in the router.

              The method I suggested in #124913 disconnects your network from the ISP, no MAC change needed.

    • #124931

      FYI, my VPN solves this issue for me.  No leaks whatsoever. 🙂

      https://browserleaks.com/

      https://ipleak.net/

      https://www.grc.com/x/ne.dll?bh0bkyd2

      Windows 10 Pro 22H2

      2 users thanked author for this post.
      • #125063

        Your post may have been more helpful to others here had you named your VPN, or at least told us whether it was paid, free or one that you rolled yourself. Teasing us with “my VPN” isn’t really sharing the info 😉

        1 user thanked author for this post.
    • #125064

      Your post may have been more helpful to others here had you named your VPN, or at least told us whether it was paid, free or one that you rolled yourself. Teasing us with “my VPN” isn’t really sharing the info

      I am using Windscribe, a Canadian-based service.  https://windscribe.com/

      It is a newcomer as of last year, but it seems very good so far.  They have the best free deal around.  10GB/month for free!!!  The Firewall works like a kill switch for your network in case the VPN connection drops, and this is also available in the free version.

      I upgraded to the pro account for a one year special price (unlimited bandwidth, devices, and a lot more servers) so I could use the VPN on my Android.  They are working on a native app, but for now you must use OpenVPN for Android.  Windscribe will let you download your config file from your pro account and you can set up OpenVPN with this.  Not too painful, and seems to work well.

      Passes all my privacy and leak test requirements.  Network speed scores and ping times are good, and usually no latency while surfing the web.

      Windows 10 Pro 22H2

      1 user thanked author for this post.
      • #125075

        Thanks John, good info!

        From their site, it looks like the DNS leak blocking isn’t restricted to the pay version, bonus 🙂

        • #125076

          Yup! They supply their own DNS servers.

          And their Windows client (free/paid) has a feature to allow LAN traffic while the Firewall is active and the VPN is connected.  Useful if at home, but probably wise to disable when using a public hotspot.  Firewall settings available are Manual, Automatic, and Always On.

          Version comparison:

          https://windscribe.com/upgrade

          Windows 10 Pro 22H2

          1 user thanked author for this post.
    • #125077

      OK, forcing a public IP address change works by releasing the network from the router, and then changing the MAC address in the router.

      The method I suggested in #124913 disconnects your network from the ISP, no MAC change needed.

      Yeah, well I’m on high speed cable internet, not xDSL.  Besides it doesn’t take 30 mins to change the MAC address in the router.

      It sure ain’t like the good ol days of dial-up, where you got a new IP each time you dialed in, LOL!  🙂

      Windows 10 Pro 22H2
