Is real public IP Address hidden when using a system wide proxy in Windows 10?VPN client sees LAN computers but cannot connect to Internet via VPNIn windows 8, my proxy server settings get enabled automatically, how do I turn this off?web filter issue of my Telecom ISPWindows host file being ignored when using VPN or proxyDirecting VPN and RDP traffic through wireless connectionCreating log of when computer loses internet connectionCreate VPN server to tunnel traffic thru external proxy serverHow would I use HTTP proxies and virtual network interfaces with multiple VPN connections?Reset proxy settings by using a scriptOSX how to check if a specific app is leaking real ip when computer connected to VPN
Comma Code - Ch. 4 Automate the Boring Stuff
If a problem only occurs randomly once in every N times on average, how many tests do I have to perform to be certain that it's now fixed?
Does Peach's float negate shorthop knockback multipliers?
How to decline physical affection from a child whose parents are pressuring them?
Restoring order in a deck of playing cards (II)
PhD student with mental health issues and bad performance
What is a simple, physical situation where complex numbers emerge naturally?
Can a helicopter mask itself from radar?
I made a mistake ordering ground coffee - will Expresso ground coffee work for a French Press?
Have powerful mythological heroes ever run away or been deeply afraid?
How can I grammatically understand "Wir über uns"?
Is it a problem that pull requests are approved without any comments
Is there a term for this?
What if you don't bring your credit card or debit for incidentals?
Do I add my ability modifier to the damage of the bonus-action attack granted by the Crossbow Expert feat?
The term for the person/group a political party aligns themselves with to appear concerned about the general public
How to detach yourself from a character you're going to kill?
Relativistic resistance transformation
Was the 1959 Tibetan Uprising really an uprising?
What does War Machine's "Canopy! Canopy!" line mean in "Avengers: Endgame"?
Filling region bounded by multiple paths
Can those paralyzed by the Hold Person spell be forcibly moved?
Is there a way to save this session?
Can a magnetic field of a large body be stronger than its gravity?
Is real public IP Address hidden when using a system wide proxy in Windows 10?
VPN client sees LAN computers but cannot connect to Internet via VPNIn windows 8, my proxy server settings get enabled automatically, how do I turn this off?web filter issue of my Telecom ISPWindows host file being ignored when using VPN or proxyDirecting VPN and RDP traffic through wireless connectionCreating log of when computer loses internet connectionCreate VPN server to tunnel traffic thru external proxy serverHow would I use HTTP proxies and virtual network interfaces with multiple VPN connections?Reset proxy settings by using a scriptOSX how to check if a specific app is leaking real ip when computer connected to VPN
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
For example if I am using a free VPN(I know vpn and proxy not the same) and it looses the connection, for this short period of time my real IP is exposed, before connecting back to VPN again.
Does this occur if I am using proxy server setup in Windows 10 settings?
Settings -> Network & Internet -> Proxy
OR
Internetoptions -> “Connections” -> “LAN-Settings”->“Extended Options”
If yes, can I somehow prevent it from doing so.
networking windows-10 vpn proxy
edited May 24 at 18:27
Nikhil_CV
536315
asked May 24 at 17:05
OjavOjav
613
New contributor
Ojav is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
For example if I am using a free VPN(I know vpn and proxy not the same) and it looses the connection, for this short period of time my real IP is exposed, before connecting back to VPN again.
Does this occur if I am using proxy server setup in Windows 10 settings?
Settings -> Network & Internet -> Proxy
OR
Internetoptions -> “Connections” -> “LAN-Settings”->“Extended Options”
If yes, can I somehow prevent it from doing so.
networking windows-10 vpn proxy
edited May 24 at 18:27
Nikhil_CV
536315
asked May 24 at 17:05
OjavOjav
613
New contributor
Ojav is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
For example if I am using a free VPN(I know vpn and proxy not the same) and it looses the connection, for this short period of time my real IP is exposed, before connecting back to VPN again.
Does this occur if I am using proxy server setup in Windows 10 settings?
Settings -> Network & Internet -> Proxy
OR
Internetoptions -> “Connections” -> “LAN-Settings”->“Extended Options”
If yes, can I somehow prevent it from doing so.
networking windows-10 vpn proxy
edited May 24 at 18:27
Nikhil_CV
536315
asked May 24 at 17:05
OjavOjav
613
New contributor
Ojav is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
For example if I am using a free VPN(I know vpn and proxy not the same) and it looses the connection, for this short period of time my real IP is exposed, before connecting back to VPN again.
Does this occur if I am using proxy server setup in Windows 10 settings?
Settings -> Network & Internet -> Proxy
OR
Internetoptions -> “Connections” -> “LAN-Settings”->“Extended Options”
If yes, can I somehow prevent it from doing so.
networking windows-10 vpn proxy
networking windows-10 vpn proxy
edited May 24 at 18:27
Nikhil_CV
536315
asked May 24 at 17:05
OjavOjav
613
New contributor
Ojav is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited May 24 at 18:27
Nikhil_CV
536315
asked May 24 at 17:05
OjavOjav
613
New contributor
Ojav is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited May 24 at 18:27
Nikhil_CV
536315
edited May 24 at 18:27
Nikhil_CV
536315
edited May 24 at 18:27
Nikhil_CV
536315
536315
asked May 24 at 17:05
OjavOjav
613
New contributor
Ojav is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked May 24 at 17:05
OjavOjav
613
asked May 24 at 17:05
OjavOjav
613
613
New contributor
Ojav is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Ojav is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
4 Answers
4
active
oldest
votes
If you have the habit of using a VPN and are worried about being disconnected,
then there are VPN products that will start with Windows and that will
not allow any Internet connection that is not via the VPN.
Search in the VPN product you are using for such a setting, or change to another
product.
This gizmo article might help:
Best VPN Services for 2019.
answered May 24 at 18:41
harrymcharrymc
269k14279597
add a comment |
No. The proxy settings are 1) completely optional, 2) not applicable to most non-HTTP-based protocols. (For example, protocols built on top of UDP are outright incompatible with HTTP proxies.)
answered May 24 at 18:27
grawitygrawity
249k38526586
add a comment |
Other people have discussed the network side, so I will point out a different issue: Applications.
Even if you could set up an airtight network setup where your public IP is never exposed, that doesnt guarantee that an application you are running doesnt expose it. Even a program from a developer you trust can accidentally expose your information. An application might have a security flaw, a bug, the user misconfigured it, or even by design, which exposes the public IP of the user. Here is one example of this.
Unless you can sniff the unexcrypted packets being sent by an application, its really hard to tell what information they are sending.
answered May 24 at 19:07
KeltariKeltari
52.3k18120171
This is a little pessimistic. You could combine the VPN with some kind of NAT-like contraption, so that the only device aware of the "public IP" is the router(?) that is implementing the combined VPN/NAT functionality. The PC gets a private IP and has no idea it's even on a VPN. The private IP could be exposed, but since lots of IPv4 hosts are on NATs anyway, that's not terribly interesting to the average attacker.
– Kevin
May 25 at 4:55
@Kevin pessimistic or not, its true. It might not be in every case, but it is something to be mindful of.
– Keltari
May 26 at 16:58
@Kevin: It becomes quite interesting when the network also runs IPv6 (as the app might accidentally report your global IPv6 prefix).
– grawity
May 27 at 6:27
add a comment |
Does this occur if I am using proxy server setup in Windows 10 settings?
Yes.
If yes, can I somehow prevent it from doing so.
No.
There are several reasons for this:
The way a proxy works, is that instead of connecting to the server directly, you connect to the proxy and the proxy connects to the server. In order to do this, the proxy needs to understand the protocol you are using to connect to the server.
The particular settings you are talking about, are for web proxies, i.e. proxies that implement proxying for typical web protocols such as HTTP, HTTPS, FTP, FTPS, WS, WSS, and Gopher.
So, that should already tell you the first limitation: it only works for a limited set of protocols, i.e. for web protocols, IOW it only works for web browsing and related things, and not, for example, for Email, or Skype, or Teamspeak, or multiplayer games, or a myriad of other protocols.
Also, in order for the proxy to be used, an application has to actually, well, use the proxy. Internet Explorer and Edge, for example, they read those settings you talked about, but not every browser does. Some browsers have their own, browser-specific proxy settings.
Lastly, the protocol itself could contain the original IP address (or other identifying data) in encrypted form, and there is nothing the proxy can do about that. For example, the WhatsApp Messenger uses end-to-end encryption, so the proxy can not look inside the protocol. And the protocol is proprietary, so nobody knows what it actually sends. It is entirely possible that it might send the original IP address, or the telephone number.
So, in short:
- The use of the proxy is completely voluntary. Only applications which read those settings and want to use the proxy will use it.
- The proxy generally only works for web protocols.
- Applications may still send the IP address as part of the application protocol.
answered May 25 at 5:28
Jörg W MittagJörg W Mittag
3781713
1
There are two kinds of HTTPS proxies. The classic kind, which Windows InternetOptions +IE/Edge/etc is intended to support, creates a TCP-level relay with CONNECT, see RFC2817 sec5, then does HTTPS end-to-end over that relay, so server sees the (last) proxy IP but browser gets the real cert. You are talking about the newer kind of 'proxy' that is really an interceptor used by many organizations or people to 'inspect' traffic (for things like personal use, porn, malware, secret or restricted data) and those require browser trust the interceptor's (fake) CA cert. ...
– dave_thompson_085
May 25 at 7:36
1
... HTTP CONNECT could be used for other TCP-based protocols, but I don't know anything (at least on Windows) that does so.
– dave_thompson_085
May 25 at 7:37
@dave_thompson_085: Thanks. Removed. You're right, I completely forgot about that. The last time I set up a proxy was 20 years ago, and that was a filtering proxy, so it needed access to the content of both the request and the response.
– Jörg W Mittag
May 25 at 7:50
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "3"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Ojav is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1440863%2fis-real-public-ip-address-hidden-when-using-a-system-wide-proxy-in-windows-10%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
If you have the habit of using a VPN and are worried about being disconnected,
then there are VPN products that will start with Windows and that will
not allow any Internet connection that is not via the VPN.
Search in the VPN product you are using for such a setting, or change to another
product.
This gizmo article might help:
Best VPN Services for 2019.
answered May 24 at 18:41
harrymcharrymc
269k14279597
add a comment |
If you have the habit of using a VPN and are worried about being disconnected,
then there are VPN products that will start with Windows and that will
not allow any Internet connection that is not via the VPN.
Search in the VPN product you are using for such a setting, or change to another
product.
This gizmo article might help:
Best VPN Services for 2019.
answered May 24 at 18:41
harrymcharrymc
269k14279597
add a comment |
If you have the habit of using a VPN and are worried about being disconnected,
then there are VPN products that will start with Windows and that will
not allow any Internet connection that is not via the VPN.
Search in the VPN product you are using for such a setting, or change to another
product.
This gizmo article might help:
Best VPN Services for 2019.
answered May 24 at 18:41
harrymcharrymc
269k14279597
If you have the habit of using a VPN and are worried about being disconnected,
then there are VPN products that will start with Windows and that will
not allow any Internet connection that is not via the VPN.
Search in the VPN product you are using for such a setting, or change to another
product.
This gizmo article might help:
Best VPN Services for 2019.
answered May 24 at 18:41
harrymcharrymc
269k14279597
edited May 25 at 8:28
answered May 24 at 18:41
harrymcharrymc
269k14279597
answered May 24 at 18:41
harrymcharrymc
269k14279597
answered May 24 at 18:41
harrymcharrymc
269k14279597
269k14279597
add a comment |
add a comment |
No. The proxy settings are 1) completely optional, 2) not applicable to most non-HTTP-based protocols. (For example, protocols built on top of UDP are outright incompatible with HTTP proxies.)
answered May 24 at 18:27
grawitygrawity
249k38526586
add a comment |
No. The proxy settings are 1) completely optional, 2) not applicable to most non-HTTP-based protocols. (For example, protocols built on top of UDP are outright incompatible with HTTP proxies.)
answered May 24 at 18:27
grawitygrawity
249k38526586
add a comment |
No. The proxy settings are 1) completely optional, 2) not applicable to most non-HTTP-based protocols. (For example, protocols built on top of UDP are outright incompatible with HTTP proxies.)
answered May 24 at 18:27
grawitygrawity
249k38526586
No. The proxy settings are 1) completely optional, 2) not applicable to most non-HTTP-based protocols. (For example, protocols built on top of UDP are outright incompatible with HTTP proxies.)
answered May 24 at 18:27
grawitygrawity
249k38526586
answered May 24 at 18:27
grawitygrawity
249k38526586
answered May 24 at 18:27
grawitygrawity
249k38526586
answered May 24 at 18:27
grawitygrawity
249k38526586
249k38526586
add a comment |
add a comment |
Other people have discussed the network side, so I will point out a different issue: Applications.
Even if you could set up an airtight network setup where your public IP is never exposed, that doesnt guarantee that an application you are running doesnt expose it. Even a program from a developer you trust can accidentally expose your information. An application might have a security flaw, a bug, the user misconfigured it, or even by design, which exposes the public IP of the user. Here is one example of this.
Unless you can sniff the unexcrypted packets being sent by an application, its really hard to tell what information they are sending.
answered May 24 at 19:07
KeltariKeltari
52.3k18120171
This is a little pessimistic. You could combine the VPN with some kind of NAT-like contraption, so that the only device aware of the "public IP" is the router(?) that is implementing the combined VPN/NAT functionality. The PC gets a private IP and has no idea it's even on a VPN. The private IP could be exposed, but since lots of IPv4 hosts are on NATs anyway, that's not terribly interesting to the average attacker.
– Kevin
May 25 at 4:55
@Kevin pessimistic or not, its true. It might not be in every case, but it is something to be mindful of.
– Keltari
May 26 at 16:58
@Kevin: It becomes quite interesting when the network also runs IPv6 (as the app might accidentally report your global IPv6 prefix).
– grawity
May 27 at 6:27
add a comment |
Other people have discussed the network side, so I will point out a different issue: Applications.
Even if you could set up an airtight network setup where your public IP is never exposed, that doesnt guarantee that an application you are running doesnt expose it. Even a program from a developer you trust can accidentally expose your information. An application might have a security flaw, a bug, the user misconfigured it, or even by design, which exposes the public IP of the user. Here is one example of this.
Unless you can sniff the unexcrypted packets being sent by an application, its really hard to tell what information they are sending.
answered May 24 at 19:07
KeltariKeltari
52.3k18120171
This is a little pessimistic. You could combine the VPN with some kind of NAT-like contraption, so that the only device aware of the "public IP" is the router(?) that is implementing the combined VPN/NAT functionality. The PC gets a private IP and has no idea it's even on a VPN. The private IP could be exposed, but since lots of IPv4 hosts are on NATs anyway, that's not terribly interesting to the average attacker.
– Kevin
May 25 at 4:55
@Kevin pessimistic or not, its true. It might not be in every case, but it is something to be mindful of.
– Keltari
May 26 at 16:58
@Kevin: It becomes quite interesting when the network also runs IPv6 (as the app might accidentally report your global IPv6 prefix).
– grawity
May 27 at 6:27
add a comment |
Other people have discussed the network side, so I will point out a different issue: Applications.
Even if you could set up an airtight network setup where your public IP is never exposed, that doesnt guarantee that an application you are running doesnt expose it. Even a program from a developer you trust can accidentally expose your information. An application might have a security flaw, a bug, the user misconfigured it, or even by design, which exposes the public IP of the user. Here is one example of this.
Unless you can sniff the unexcrypted packets being sent by an application, its really hard to tell what information they are sending.
answered May 24 at 19:07
KeltariKeltari
52.3k18120171
Other people have discussed the network side, so I will point out a different issue: Applications.
Even if you could set up an airtight network setup where your public IP is never exposed, that doesnt guarantee that an application you are running doesnt expose it. Even a program from a developer you trust can accidentally expose your information. An application might have a security flaw, a bug, the user misconfigured it, or even by design, which exposes the public IP of the user. Here is one example of this.
Unless you can sniff the unexcrypted packets being sent by an application, its really hard to tell what information they are sending.
answered May 24 at 19:07
KeltariKeltari
52.3k18120171
answered May 24 at 19:07
KeltariKeltari
52.3k18120171
answered May 24 at 19:07
KeltariKeltari
52.3k18120171
answered May 24 at 19:07
KeltariKeltari
52.3k18120171
52.3k18120171
This is a little pessimistic. You could combine the VPN with some kind of NAT-like contraption, so that the only device aware of the "public IP" is the router(?) that is implementing the combined VPN/NAT functionality. The PC gets a private IP and has no idea it's even on a VPN. The private IP could be exposed, but since lots of IPv4 hosts are on NATs anyway, that's not terribly interesting to the average attacker.
– Kevin
May 25 at 4:55
@Kevin pessimistic or not, its true. It might not be in every case, but it is something to be mindful of.
– Keltari
May 26 at 16:58
@Kevin: It becomes quite interesting when the network also runs IPv6 (as the app might accidentally report your global IPv6 prefix).
– grawity
May 27 at 6:27
add a comment |
This is a little pessimistic. You could combine the VPN with some kind of NAT-like contraption, so that the only device aware of the "public IP" is the router(?) that is implementing the combined VPN/NAT functionality. The PC gets a private IP and has no idea it's even on a VPN. The private IP could be exposed, but since lots of IPv4 hosts are on NATs anyway, that's not terribly interesting to the average attacker.
– Kevin
May 25 at 4:55
@Kevin pessimistic or not, its true. It might not be in every case, but it is something to be mindful of.
– Keltari
May 26 at 16:58
@Kevin: It becomes quite interesting when the network also runs IPv6 (as the app might accidentally report your global IPv6 prefix).
– grawity
May 27 at 6:27
This is a little pessimistic. You could combine the VPN with some kind of NAT-like contraption, so that the only device aware of the "public IP" is the router(?) that is implementing the combined VPN/NAT functionality. The PC gets a private IP and has no idea it's even on a VPN. The private IP could be exposed, but since lots of IPv4 hosts are on NATs anyway, that's not terribly interesting to the average attacker.
– Kevin
May 25 at 4:55
This is a little pessimistic. You could combine the VPN with some kind of NAT-like contraption, so that the only device aware of the "public IP" is the router(?) that is implementing the combined VPN/NAT functionality. The PC gets a private IP and has no idea it's even on a VPN. The private IP could be exposed, but since lots of IPv4 hosts are on NATs anyway, that's not terribly interesting to the average attacker.
– Kevin
May 25 at 4:55
@Kevin pessimistic or not, its true. It might not be in every case, but it is something to be mindful of.
– Keltari
May 26 at 16:58
@Kevin pessimistic or not, its true. It might not be in every case, but it is something to be mindful of.
– Keltari
May 26 at 16:58
@Kevin: It becomes quite interesting when the network also runs IPv6 (as the app might accidentally report your global IPv6 prefix).
– grawity
May 27 at 6:27
@Kevin: It becomes quite interesting when the network also runs IPv6 (as the app might accidentally report your global IPv6 prefix).
– grawity
May 27 at 6:27
add a comment |
Does this occur if I am using proxy server setup in Windows 10 settings?
Yes.
If yes, can I somehow prevent it from doing so.
No.
There are several reasons for this:
The way a proxy works, is that instead of connecting to the server directly, you connect to the proxy and the proxy connects to the server. In order to do this, the proxy needs to understand the protocol you are using to connect to the server.
The particular settings you are talking about, are for web proxies, i.e. proxies that implement proxying for typical web protocols such as HTTP, HTTPS, FTP, FTPS, WS, WSS, and Gopher.
So, that should already tell you the first limitation: it only works for a limited set of protocols, i.e. for web protocols, IOW it only works for web browsing and related things, and not, for example, for Email, or Skype, or Teamspeak, or multiplayer games, or a myriad of other protocols.
Also, in order for the proxy to be used, an application has to actually, well, use the proxy. Internet Explorer and Edge, for example, they read those settings you talked about, but not every browser does. Some browsers have their own, browser-specific proxy settings.
Lastly, the protocol itself could contain the original IP address (or other identifying data) in encrypted form, and there is nothing the proxy can do about that. For example, the WhatsApp Messenger uses end-to-end encryption, so the proxy can not look inside the protocol. And the protocol is proprietary, so nobody knows what it actually sends. It is entirely possible that it might send the original IP address, or the telephone number.
So, in short:
- The use of the proxy is completely voluntary. Only applications which read those settings and want to use the proxy will use it.
- The proxy generally only works for web protocols.
- Applications may still send the IP address as part of the application protocol.
answered May 25 at 5:28
Jörg W MittagJörg W Mittag
3781713
1
There are two kinds of HTTPS proxies. The classic kind, which Windows InternetOptions +IE/Edge/etc is intended to support, creates a TCP-level relay with CONNECT, see RFC2817 sec5, then does HTTPS end-to-end over that relay, so server sees the (last) proxy IP but browser gets the real cert. You are talking about the newer kind of 'proxy' that is really an interceptor used by many organizations or people to 'inspect' traffic (for things like personal use, porn, malware, secret or restricted data) and those require browser trust the interceptor's (fake) CA cert. ...
– dave_thompson_085
May 25 at 7:36
1
... HTTP CONNECT could be used for other TCP-based protocols, but I don't know anything (at least on Windows) that does so.
– dave_thompson_085
May 25 at 7:37
@dave_thompson_085: Thanks. Removed. You're right, I completely forgot about that. The last time I set up a proxy was 20 years ago, and that was a filtering proxy, so it needed access to the content of both the request and the response.
– Jörg W Mittag
May 25 at 7:50
add a comment |
Does this occur if I am using proxy server setup in Windows 10 settings?
Yes.
If yes, can I somehow prevent it from doing so.
No.
There are several reasons for this:
The way a proxy works, is that instead of connecting to the server directly, you connect to the proxy and the proxy connects to the server. In order to do this, the proxy needs to understand the protocol you are using to connect to the server.
The particular settings you are talking about, are for web proxies, i.e. proxies that implement proxying for typical web protocols such as HTTP, HTTPS, FTP, FTPS, WS, WSS, and Gopher.
So, that should already tell you the first limitation: it only works for a limited set of protocols, i.e. for web protocols, IOW it only works for web browsing and related things, and not, for example, for Email, or Skype, or Teamspeak, or multiplayer games, or a myriad of other protocols.
Also, in order for the proxy to be used, an application has to actually, well, use the proxy. Internet Explorer and Edge, for example, they read those settings you talked about, but not every browser does. Some browsers have their own, browser-specific proxy settings.
Lastly, the protocol itself could contain the original IP address (or other identifying data) in encrypted form, and there is nothing the proxy can do about that. For example, the WhatsApp Messenger uses end-to-end encryption, so the proxy can not look inside the protocol. And the protocol is proprietary, so nobody knows what it actually sends. It is entirely possible that it might send the original IP address, or the telephone number.
So, in short:
- The use of the proxy is completely voluntary. Only applications which read those settings and want to use the proxy will use it.
- The proxy generally only works for web protocols.
- Applications may still send the IP address as part of the application protocol.
answered May 25 at 5:28
Jörg W MittagJörg W Mittag
3781713
1
There are two kinds of HTTPS proxies. The classic kind, which Windows InternetOptions +IE/Edge/etc is intended to support, creates a TCP-level relay with CONNECT, see RFC2817 sec5, then does HTTPS end-to-end over that relay, so server sees the (last) proxy IP but browser gets the real cert. You are talking about the newer kind of 'proxy' that is really an interceptor used by many organizations or people to 'inspect' traffic (for things like personal use, porn, malware, secret or restricted data) and those require browser trust the interceptor's (fake) CA cert. ...
– dave_thompson_085
May 25 at 7:36
1
... HTTP CONNECT could be used for other TCP-based protocols, but I don't know anything (at least on Windows) that does so.
– dave_thompson_085
May 25 at 7:37
@dave_thompson_085: Thanks. Removed. You're right, I completely forgot about that. The last time I set up a proxy was 20 years ago, and that was a filtering proxy, so it needed access to the content of both the request and the response.
– Jörg W Mittag
May 25 at 7:50
add a comment |
Does this occur if I am using proxy server setup in Windows 10 settings?
Yes.
If yes, can I somehow prevent it from doing so.
No.
There are several reasons for this:
The way a proxy works, is that instead of connecting to the server directly, you connect to the proxy and the proxy connects to the server. In order to do this, the proxy needs to understand the protocol you are using to connect to the server.
The particular settings you are talking about, are for web proxies, i.e. proxies that implement proxying for typical web protocols such as HTTP, HTTPS, FTP, FTPS, WS, WSS, and Gopher.
So, that should already tell you the first limitation: it only works for a limited set of protocols, i.e. for web protocols, IOW it only works for web browsing and related things, and not, for example, for Email, or Skype, or Teamspeak, or multiplayer games, or a myriad of other protocols.
Also, in order for the proxy to be used, an application has to actually, well, use the proxy. Internet Explorer and Edge, for example, they read those settings you talked about, but not every browser does. Some browsers have their own, browser-specific proxy settings.
Lastly, the protocol itself could contain the original IP address (or other identifying data) in encrypted form, and there is nothing the proxy can do about that. For example, the WhatsApp Messenger uses end-to-end encryption, so the proxy can not look inside the protocol. And the protocol is proprietary, so nobody knows what it actually sends. It is entirely possible that it might send the original IP address, or the telephone number.
So, in short:
- The use of the proxy is completely voluntary. Only applications which read those settings and want to use the proxy will use it.
- The proxy generally only works for web protocols.
- Applications may still send the IP address as part of the application protocol.
answered May 25 at 5:28
Jörg W MittagJörg W Mittag
3781713
Does this occur if I am using proxy server setup in Windows 10 settings?
Yes.
If yes, can I somehow prevent it from doing so.
No.
There are several reasons for this:
The way a proxy works, is that instead of connecting to the server directly, you connect to the proxy and the proxy connects to the server. In order to do this, the proxy needs to understand the protocol you are using to connect to the server.
The particular settings you are talking about, are for web proxies, i.e. proxies that implement proxying for typical web protocols such as HTTP, HTTPS, FTP, FTPS, WS, WSS, and Gopher.
So, that should already tell you the first limitation: it only works for a limited set of protocols, i.e. for web protocols, IOW it only works for web browsing and related things, and not, for example, for Email, or Skype, or Teamspeak, or multiplayer games, or a myriad of other protocols.
Also, in order for the proxy to be used, an application has to actually, well, use the proxy. Internet Explorer and Edge, for example, they read those settings you talked about, but not every browser does. Some browsers have their own, browser-specific proxy settings.
Lastly, the protocol itself could contain the original IP address (or other identifying data) in encrypted form, and there is nothing the proxy can do about that. For example, the WhatsApp Messenger uses end-to-end encryption, so the proxy can not look inside the protocol. And the protocol is proprietary, so nobody knows what it actually sends. It is entirely possible that it might send the original IP address, or the telephone number.
So, in short:
- The use of the proxy is completely voluntary. Only applications which read those settings and want to use the proxy will use it.
- The proxy generally only works for web protocols.
- Applications may still send the IP address as part of the application protocol.
answered May 25 at 5:28
Jörg W MittagJörg W Mittag
3781713
edited May 25 at 7:49
answered May 25 at 5:28
Jörg W MittagJörg W Mittag
3781713
answered May 25 at 5:28
Jörg W MittagJörg W Mittag
3781713
answered May 25 at 5:28
Jörg W MittagJörg W Mittag
3781713
3781713
1
There are two kinds of HTTPS proxies. The classic kind, which Windows InternetOptions +IE/Edge/etc is intended to support, creates a TCP-level relay with CONNECT, see RFC2817 sec5, then does HTTPS end-to-end over that relay, so server sees the (last) proxy IP but browser gets the real cert. You are talking about the newer kind of 'proxy' that is really an interceptor used by many organizations or people to 'inspect' traffic (for things like personal use, porn, malware, secret or restricted data) and those require browser trust the interceptor's (fake) CA cert. ...
– dave_thompson_085
May 25 at 7:36
1
... HTTP CONNECT could be used for other TCP-based protocols, but I don't know anything (at least on Windows) that does so.
– dave_thompson_085
May 25 at 7:37
@dave_thompson_085: Thanks. Removed. You're right, I completely forgot about that. The last time I set up a proxy was 20 years ago, and that was a filtering proxy, so it needed access to the content of both the request and the response.
– Jörg W Mittag
May 25 at 7:50
add a comment |
1
There are two kinds of HTTPS proxies. The classic kind, which Windows InternetOptions +IE/Edge/etc is intended to support, creates a TCP-level relay with CONNECT, see RFC2817 sec5, then does HTTPS end-to-end over that relay, so server sees the (last) proxy IP but browser gets the real cert. You are talking about the newer kind of 'proxy' that is really an interceptor used by many organizations or people to 'inspect' traffic (for things like personal use, porn, malware, secret or restricted data) and those require browser trust the interceptor's (fake) CA cert. ...
– dave_thompson_085
May 25 at 7:36
1
... HTTP CONNECT could be used for other TCP-based protocols, but I don't know anything (at least on Windows) that does so.
– dave_thompson_085
May 25 at 7:37
@dave_thompson_085: Thanks. Removed. You're right, I completely forgot about that. The last time I set up a proxy was 20 years ago, and that was a filtering proxy, so it needed access to the content of both the request and the response.
– Jörg W Mittag
May 25 at 7:50
1
1
There are two kinds of HTTPS proxies. The classic kind, which Windows InternetOptions +IE/Edge/etc is intended to support, creates a TCP-level relay with CONNECT, see RFC2817 sec5, then does HTTPS end-to-end over that relay, so server sees the (last) proxy IP but browser gets the real cert. You are talking about the newer kind of 'proxy' that is really an interceptor used by many organizations or people to 'inspect' traffic (for things like personal use, porn, malware, secret or restricted data) and those require browser trust the interceptor's (fake) CA cert. ...
– dave_thompson_085
May 25 at 7:36
There are two kinds of HTTPS proxies. The classic kind, which Windows InternetOptions +IE/Edge/etc is intended to support, creates a TCP-level relay with CONNECT, see RFC2817 sec5, then does HTTPS end-to-end over that relay, so server sees the (last) proxy IP but browser gets the real cert. You are talking about the newer kind of 'proxy' that is really an interceptor used by many organizations or people to 'inspect' traffic (for things like personal use, porn, malware, secret or restricted data) and those require browser trust the interceptor's (fake) CA cert. ...
– dave_thompson_085
May 25 at 7:36
1
1
... HTTP CONNECT could be used for other TCP-based protocols, but I don't know anything (at least on Windows) that does so.
– dave_thompson_085
May 25 at 7:37
... HTTP CONNECT could be used for other TCP-based protocols, but I don't know anything (at least on Windows) that does so.
– dave_thompson_085
May 25 at 7:37
@dave_thompson_085: Thanks. Removed. You're right, I completely forgot about that. The last time I set up a proxy was 20 years ago, and that was a filtering proxy, so it needed access to the content of both the request and the response.
– Jörg W Mittag
May 25 at 7:50
@dave_thompson_085: Thanks. Removed. You're right, I completely forgot about that. The last time I set up a proxy was 20 years ago, and that was a filtering proxy, so it needed access to the content of both the request and the response.
– Jörg W Mittag
May 25 at 7:50
add a comment |
Ojav is a new contributor. Be nice, and check out our Code of Conduct.
Ojav is a new contributor. Be nice, and check out our Code of Conduct.
Ojav is a new contributor. Be nice, and check out our Code of Conduct.
Ojav is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1440863%2fis-real-public-ip-address-hidden-when-using-a-system-wide-proxy-in-windows-10%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown