What is DNS leak and how to prevent it?

02/25/2017
What is DNS leak and how to prevent it?

DNS leak is one of the major vulnerabilities discovered for people using VPNs. By using it, our real IP address can be obtained through the Internet, and the network provider can know the sites that we visit. Everything by sending without our knowledge of queries to DNS servers without VPN mediation.

What is DNS leak?

Even the best VPN will not always be able to guarantee 100% protection if the user's system or software used will cause security vulnerabilities.

DNS (Domain Name System) is used to "translate" Internet domains into the physical IP addresses of the servers hosting the content of the web pages. Whenever we connect to a service and provide a domain name, the computer communicates with the DNS server to obtain the correct IP address. For example, for domain "dobryvpn.pl" the IP address of the server can be "104.28.20.235".

Most ISPs provide users with their own DNS server, which is controlled by them and based on which they can log connections and user activity.

The security vulnerability that can cause DNS leak , and consequently, the real IP address of the user lies in WebRTC , which is built into most modern browsers (Chrome and Firefox are vulnerable to it).

WebRTC is a collection of protocols and programming solutions that allow real-time communication between two units. With it, browsers can communicate seamlessly with servers and other users in real time. Based on this, all web based applications that allow video, voice chat, chat or file transfer work without the need for additional software.

The mechanism of leakage of IP addresses in the case of DNS leak from the technical looks like that through WebRTC send queries to the ISP's STUN servers, which then return the public and local user's address. Just the right code on the website so that the owner can know the real IP address of the visitor who uses the VPN. On the other hand, in the logs of the network provider will be our activity related to the sent query. This is because this communication is done bypassing the tunnel created by the VPN and therefore is not protected and protected.

On the network you can also find information that some of the features in Windows 10 may also cause DNS leakage when using a VPN.

Whether our computer configuration and VPN connection application protects us against DNS leak can be found at https://dnsleaktest.com or https://ipleak.net/ .

Check DNS leak

If after the test we find that we are able to see the IP address that the ISP gave us, then we have fallen victim to DNS leak and our VPN connection is not secure.

DNS leak protection associated with WebRTC

If it turns out that our IP address leaks during a VPN connection, that does not mean we can not secure it. There are several ways to protect yourself against DNS leak.

  1. Use an application to connect to a VPN that has a built - in DNS leak protection mechanism . Providing this kind of security in an application often goes hand in hand with the killswitch option, which allows you to disconnect from the network if you lose a VPN connection.
  2. Disable WebRTC in a web browser. Unfortunately, we will not be using it for web applications that use the camera and microphone.
  3. Disable WebRTC in browser with browser plugins such as uBlock Origin
  4. VPN configuration directly on the router through which we connect to the Internet, so that the entire connection from the computer or mobile device will immediately pass through a secure tunnel.
  5. Change DNS servers that we use on a public computer that have not been assigned by a network provider such as http://use.opendns.com/ or https://developers.google.com/speed/public-dns/

Share this article:

Excavation

Related articles

What is VPN?

What is VPN?

VPN is an abbreviation of the English word Virtual Private Network. It is an encrypted tunnel through which all traffic goes ...

Cheap VPN or what? Overview of the cheapest VPNs

Cheap VPN or what? Overview of the cheapest VPNs

For many people, the key criterion for choosing a VPN is the price. It is up to the amount you will need to spend on the service will be the ultimate dependency ...

100 best VPN 2017-2018