DNS leaks are one way that identifying information (like your IP address) be accidentally exposed, even while you’re connected to a VPN. We’ll teach you what DNS lookups are, why you need them, and how to prevent DNS Leaks.
What does ‘DNS’ Mean?
DNS stands for ‘Domain Name Service’. Every time you type a domain name (like google.com) into your web browser, a request is sent to a DNS server. The DNS server’s job is to translate the domain name into a numerical address (IP address) so your computer can find the location where that website is hosted.
What DNS Server am I using?
If you’ve never changed your DNS settings on your computer or router, you are almost certainly using the DNS server assigned to you by your internet provider. It’s worth noting that if you’re based in the United States (and many other developed nations) your internet service provider (ISP) likely keeps records of your DNS lookups for 6 months or more.
Many ISP’s also use a technology called a ‘Transparent DNS Proxy’
Transparent DNS proxy technology actually allows your ISP to intercept any DNS lookups that are made through a 3rd party DNS service and run the lookups on your ISP’s own servers. Many users try to manually change the DNS server assigned to their computer or router (this guide will show you how to do this) only to find that their ISP’s DNS servers are still appearing if they run a DNS leaktest.
This is due to the Transparent DNS Proxy technology.
What is a DNS Leak?
Generally speaking, a DNS leak occurs any time your DNS lookup requests are routed to a different DNS server than expect. This can happen in two ways. The first, as we discussed, is due to your ISP’s transparent DNS proxy. This usually occurs without being connected to a VPN, though it certain cases could also happen while connected to a VPN
The second type of DNS leak is much more dangerous.
While connected to a VPN, your computer can be manipulated into routing its DNS requests through your default DNS servers instead of the ones provided by your VPN provider. The danger of this is twofold:
First, if the attack was deliberate, your DNS lookups could be routed to a hacked DNS server, which could route your computer to a fake website designed to steal data or install malware on your system. Second, even if accidental, the DNS leak could cause your web history (and possibly true IP address) to be visible to the DNS server.
How Dangerous are DNS leaks?
The truth is, DNS leaks aren’t that dangerous to the average user, but when you’re paying a VPN service to provide anonymity, you expect to get your money’s worth. If you truly depend on a VPN to remain anonymous for example reasons of censorship or oppression, DNS leaks can be truly dangerous if someone is actively trying to track your location.
How do I Find and Fix DNS Leaks?
Find the leaks…
This easiest way to test if your VPN leaks DNS information is to go to DNSLeakTest.com and take their free leak test. It takes about 10 seconds (we recommend the extended test not the quick test).
Fix the leaks
If you find any leaks, you can fix them with either the automatic or manual setup option found here.
Get a VPN with Built-in DNS Leak Protection
We highly recommend that when choosing a VPN provider you pick one that builds DNS leak protection into their VPN software client. Here are a couple excellent choices:
I certainly hope this article has helped you out. Please share using our social sidebar links if you think your friends might benefit as well!