TrackDestinationIp should not be redacted

[SSgumS]

Hello

What is the point of tracking the destination IP when it is redacted?

In the case we want to monitor the destinations our clients connect, this option should do its job correctly and not track them in a redacted way.

Thanks

[trudyhood]

Hi, that's a good question. I created this page for you: https://github.com/vpnhood/VpnHood/wiki/Why-does-VpnHood-redact-Destination-IPs

[SSgumS]

Thanks for the explanation. I see your point, but I don’t quite agree.

In spite of the article's claim, I think VPNHood's method of redacting IPs is unlikely to be useful for analysis. How about hashing the destination IPs with a fast algorithm? Analysis could be more effective with hashing and users' privacy can still be protected.

[trudyhood]

What's the point of hashing the IPs? for example, we use this redacted IP in the following cases:

• The infringement report. the Digital Millennium Copyright Act (DMCA) report us some IPs and we can followup with redacted IPs
• We can detect NetScan or attack to a range of ips like x.x.x.1 x.x.x.2 x.x.x.3

These are not possible with hash

[trudyhood]

My mistake. The infringement can follow up by hashes.

[SSgumS]

Both can be done with hashes. You should only create a dictionary of your desired IPs and their hashes. Then you can search them through the log. But with the current approach, lots of overlapping (first-part)+(last-part) redacted IPs could exist.

[trudyhood]

Also, a hash can be recoverable for IPv4 because the IP range is just 32 and all destinations can be recovered by brute force.

[SSgumS]

Also, a hash can be recoverable for IPv4 because the IP range is just 32 and all destinations can be recovered by brute force.

You're right, but a person who wants raw IPs would not use brute force or similar attacks. They would simply change the source code and recompile it for themselves. However, it may be problematic if the logs are breached.

[SSgumS]

Logging the destination IP is disabled by default and you can even not mention the option of enabling it in the wiki to narrow down the scope of people knowing about it. By the way, you are the boss. Just tried to brainstorm with you for a better balance between privacy and usefulness.

[trudyhood]

Yup, The one who was looking for that can achieve in many different ways, and it is our control. However, we can save many people by ordinary server runners from breaching their servers and so on. You are alwasy welcome to share any ideas you have.