DNS Leaks, how to test for leaks and fix them

Ask all your computer related questions here
Post Reply
Kanga
Jr. Member
Jr. Member
Posts: 3
Joined: Mon Nov 29, 2010 8:54 pm

DNS Leaks, how to test for leaks and fix them

Post by Kanga » Sat Jan 13, 2018 7:04 pm

DNS Leaks, how to test for leaks and fix them

So you have a VPN service and you are feeling secure about your anonymity while surfing the internet. Think again and read on.

DNS Overview: what is it about?

You might be wondering what a DNS is, yet you have been using the internet all this time. A DNS (Domain Name System) refers to a system that associates URLs with IP addresses. Usually, when you are visiting a website, your browser will send a request to a domain name system with the URL you have just typed in – then the URL will be directed to the desired IP address.

So, What is a DNS Leak and VPN DNS leak?

Normally, the internet service providers (ISPs) are the ones who assign DNS servers. This simply means that they have the power to monitor as well as record each and every activity you conduct online as long as a request is sent to a server. Connecting to the internet through a VPN means that the domain name service request is directed to an unspecified domain name system server via the VPN. This is what keeps you anonymous while connecting to different websites.
However, there are some unfortunate occasions when your operating system (specifically Windows) will ignore the VPN tunnel and send the request to a DNS server from your browser. This occurrence is what is referred to as a VPN DNS leak. Once a DNS leak occurs, you will no longer be anonymous and your ISP surveillance, hackers and all sorts of online criminals will be able to track your activities.

How to do a DNS leak test ?

The best way to test for a DNS leak is to do it through
Code:

Code: Select all

www.dnsleaktest.com
. When you visit the website, you will be presented with the following depending on your IP address:

Image

DNS leak test

There are two tests that you can perform: the Standard Test and the Extended Test.

The Standard Test carries out one round of six queries for a sum of six, which should be more than enough to pinpoint a DNS leak. This is the faster of the two tests.
The Extended Test carries out six rounds of six queries for a sum of thirty six queries. This test is highly effective for unveiling all possible DNS leaks.

If you find a DNS leak on your system, use the procedure below to clear your DNS to stop the leak.

Manually clearing the DNS

The solution below does not switch the adapter to static if you are using DHCP. If you do not switch to a static IP configuration and your computer renews its IP address whilst connected to the VPN, the DNS settings may be overwritten. It is highly recommended to switch to a static IP configuration.

1 Open the command prompt (cmd.exe) as an administrator.

2 Before connecting identify the name of the connected network interface. In the case below it is "Local Area Connection"

netsh interface show interface

Image


3 Connect to the VPN. Once connected proceed to the next step.

4 Flush the DNS resolver cache

ipconfig /flushdns

5 Disable the DNS configuration for the Interface identified in step 1

netsh interface IPv4 set dnsserver "Local Area Connection" static 0.0.0.0 both

6 Test for DNS leaks.
Code:

Code: Select all

https://dnsleaktest.com/index.html
7 After disconnecting, reconfigure the adapter to renew the previous DNS settings.

netsh interface IPv4 set dnsserver "Local Area Connection" dhcp

8 Once again, flush the DNS resolver cache.

ipconfig /flushdns

Done.

Note, windows 10 users should check for DNS leaks on a regular basis.

User avatar
Webscout
Administrator
Administrator
Posts: 32981
Joined: Thu Dec 28, 2006 8:43 am

DNS Leaks, how to test for leaks and fix them

Post by Webscout » Sun Jan 14, 2018 7:00 am

Thanks Kanga....always good to hear from you. Good stuff.
Image

Post Reply