DNS Leak Protection Guide

Have you ever wondered if your VPN provider is secure and safe to use? If you have, this is the right place to find out the truth. Every VPN service wants to keep your privacy protected and to provide their users with online anonymity. Unfortunately, if you have a DNS leak, your privacy and personal data will be endangered. So, if you have one, you must fix it as soon as you can.

If you think that you have a DNS leak, but you’re not completely certain, we’re here to help you to make sure you’re 100% certain that you have a DNS leak. Besides finding out that you have one, we will also tell you the causes of DNS leaks and how to fix them successfully. But, before learning all that, you have to be familiar with what DNS leak really means.

1. What is DNS?

DNS stands for Domain Name System. What DNS does, is that it transforms a domain name to an actual IP address. The main reason why you type Google.com instead of a very long and complex series of numbers is the Domain Name System. To be clear, the DNS will translate the numeric names of Internet servers into an understandable language for people.

How does DNS work? So, you want to visit some website, let's say Netflix.com, and you go and type it into the search bar of the browser you're using at the moment. Then, whatever device you're currently using is going to send a query to a DNS( Domain Name System) server. Basically, your device, whether it's a PC or smartphone, will try to communicate with the DNS server and also ask it for the real IP address of the website. When the server provides that IP address, the device that you're using will go to the website that you've typed in the search bar. 

Although the DNS servers are essential when it comes to your Internet connectivity, they could seriously damage your privacy, and we will explain why.

2. Why do DNS Servers endanger your privacy?

Usually, Internet connections that aren’t protected are using a Domain Name System (DNS) server, and they're owned by your ISP. Depending on the region and country where you live, your Internet Service Provider could be dependant on some pretty strict privacy laws. This means that your traffic, connection logs, and your IP address are all logged for a considerable amount of time, a couple of months, to a couple of years in some cases. 

So, your personal info and data and all the sites that you've visited can be accessed by anyone who can, and it doesn't matter if it's done legally or illegally. The government could do it, hackers, and your ISP as well. Your personal data could be shared with your local authorities if they demand it.

3. Will VPNs be able to protect you all the time?

More and more people are using the services of VPNs because they want to be safe while browsing the Internet. VPN providers route your connections through their very own servers, and they also encrypt your personal data. This way, your VPN provider is going to add an extra layer of protection, and your Internet Service Provider will not be able to log your connections, traffic, or your IP address.

The only thing that your ISP will be able to see when you use a VPN is that you're connected to the VPN, nothing else. VPNs will hide your online activities, provide you online anonymity, and hide the details of your Internet traffic so that hackers couldn't take advantage of you. Although VPNs do everything to keep you protected on the Internet, leaks can happen from time to time.

When DNS leaks occur, your VPN service will not succeed in hiding your DNS server, and your Internet Service Provider will be able to look at what you’ve been doing on the Internet. So, it would seem like you weren't using a VPN provider at all. Because of DNS leaks, your true location will be easily visible as well as all your sensitive info and data.

This could happen without you even knowing it, and when you find out, it might be too late. Your VPN provider won’t know if anything is not working properly, and you won’t be notified in case a DNS leak happens. That’s why you have to do anything that is in your power to prevent DNS leaks. Soon, you will get familiar with diagnosing and fixing DNS leaks.

4. How can you test for DNS leaks?

Checking if your VPN has DNS leaks is quite easy, but as we've said earlier, it might be too late before you know that you have DNS leaks. Today, there are quite a lot of browser tools that are able to detect if your VPN provider has DNS leaks, and there are some VPN services such as VPN.AC  that has created those tools. If you want to check if you have DNS leaks, a website like ipleak.net is where you can test for DNS leaks in a matter of seconds. At this website, DNS leaks will be shown automatically, if there are any.

Follow these steps, and you will successfully check if your VPN has leaking DNS requests:

• • First, you have to type in ipleak.net into the search bar of your browser ( Google Chrome, Mozilla Firefox, Opera, etc.)
  • As soon as the website loads, the test will immediately start, and you will see your IP address.
  • In a case that IP address is your true IP address and you're using the services of a VPN provider, you have a DNS leak, unfortunately. But, if you're seeing the VPN IP address, you're safe, and you don't have DNS leaks.

Besides this method of checking for DNS leaks, there is another method. That method is checking for DNS leaks with the help of your PC's command prompt. But, this is not an ideal solution for average users, so you must have some technical know-how.

Besides having to know how to use the command prompt of your operating system, it is required that you have to know your real IP address. Also, you must have a server on which you can rely so you can „ping“ directly, or you can use some free servers like whoami.akamai.net or whoami.ultradns.net.

Here are the steps that will help you to do this on Windows:

• • The first thing that you have is to open the command prompt. Just type „cmd" in the Windows Start menu, and then you have to press Enter.
  • After you’ve done that, type in ping example.com n-1. Example.com is the server that you’ll be using for the DNS leak test, and n-1 means you’ll be sending one data packet.
  • Then you’ll see your IP address. In a case where that IP address is our VPN’s IP address, you’re fine. But, if you see your true IP address, you have a DNS leak, which is unfortunate.

5. Causes and Fixes of DNS leaks

Now, we will present to you a couple of potential causes of DNS leaks and how to fix them, if they occur.

Poorly configured network

A network that is not properly configured is a very common reason for the DNS leaks to happen. This especially goes for mobile users that like to change networks. For example, you like to switch between your Wi-fi connection to the public W-fi hotspot of a diner, restaurant, or a coffee shop. Before you secure a safe and encrypted VPN connection, first, you have to make a local network connection. DHCP settings that are poorly configured might assign you a DNS server automatically, and that server could be the property of your Internet Service Provider.

Even if you make a VPN connection on this improperly configured network, DNS requests could get past the encrypted tunnel of the VPN, resulting in DNS leaks.

How can you fix this? You can easily fix this problem, and you only have to configure your VPN provider to its own DNS ( Domain Name System) servers.

VPN app settings could be different depending on the VPN service, but most of them are similar. We will use the Mac settings on the ExpressVPN as an example to fix this problem. To prevent DNS leaks, you have to go to Settings, then go to Advanced settings and Check the DNS box. After you’ve done this, you will not have problems with DNS leaks.

Transparent DNS proxies

This is one of the newest privacy threats to users. They are called Transparent DNS proxies. Some Internet Service Providers use these proxies. Those DNS proxies are going to grant access to the Internet Service Providers so they could intercept DNS requests. This means that you'll have the DNS service of that ISP for all queries. Even if you change your settings to use OpenDNS service, it could still happen.

If you want to prevent this, the easiest solution would be to use the services of a VPN.

Conclusion

We've covered many topics regarding DNS leaks and how to prevent them. We hope that you've learned everything you have to need about DNS leaks and how to fix them successfully. With the right VPN to help you, you'll be protected against these leaks.