Is this a possible security issue with ISP / Captive Portal setting?
I noticed when running netstat that my machine was connecting to a server inside my ISP. Following the process ID back to task manager I traced it to Firefox and decided to run wireshark as I wasn't visiting any sites hosted by my ISP. The capture contained a HTTP packet to the same ISP server address with the response 'success'. I did some googling and found this was related to the captive portal function. I disabled the function in about:config and I no longer see any hits on the IP address at my ISP.
Is my ISP caching the page at http://detectportal.firefox.com/success.txt? And if so, would connecting to a VPN / Tor server without clearing the DNS cache mean they could match you up to your exit IP?
All Replies (4)
If they can see you they see your IP you can't hide it. Also we don't provide support or reply to VPN or Torr questions that is best directed to those providers.
To be honest I know the answers to the questions. My point is you've got a browser phoning home every 60 seconds and ISPs setup as a man in the middle caching the phone home page. Doesn't seem ideal to me from a security standpoint regardless of whether or not you answer VPN or Tor questions.
And you think your O/S isn't phoning home or your smart phone is phoning home. So your stint here is just that a stint and missing the bigger picture every smart device you have is phoning home-you just don't know it. If you want VPN or tor help you go to those site and ask for their support.
I don't need VPN or Tor help my friend. The thing is we do know about those devices / operating systems phoning home, it is common knowledge but maybe not so much with Firefox which is trusted by many as a safer alternative. I just thought it was interesting that the phone home page is being intercepted by a major national ISP and some people's browsers won't be phoning Mozilla every 60 seconds but someone they probably didn't expect. Forget Tor and VPN, it is just perhaps useful information to know.