Technology is constantly evolving and new threats to online privacy are no different. While many people already take precautions such as using VPNs (Virtual Private Networks) to keep their web browsing private, these are not universal solutions and it is still important to stay on top of new threats when they are discovered. One vulnerability which VPN users who wish to keep their web browsing private should be aware of is DNS leaking.
DNS leaking can potentially reveal your entire web browsing history to your ISP (Internet Service Provider) and compromise your privacy – even when you are using a VPN. While it is not a cause for concern to VPN users who simply wish to view streaming site content in other countries or take advantage of regional pricing on flight tickets, VPN users who wish to protect their privacy should take precautions to prevent DNS leaking. So what really are DNS leaks – and how do you prevent them?
What is a DNS leak?
When you type in a website URL (Uniform Resource Locator) such as Google.com into your address bar, your browser needs to know where it can find that web page. To do so, it sends over the URL request to a DNS (Domain Name Server), essentially a directory that relates domain names to IP (Internet Protocol) addresses. The DNS then checks its list and sends back details of the matching address, allowing your browser to contact the server, retrieve the web page and display it to you.
As the names of all the websites you visit are sent to your DNS, you might see where the security risk comes in. Unless you change the DNS you use, your browser will most likely default to your ISP’s (Internet Service Provider) DNS, providing a way for your ISP to see all of your activity.
Am I vulnerable to a DNS leak?
Unless you are using a VPN with built-in DNS leak prevention, your web traffic is likely vulnerable to leaking. While it is not immediately obvious whether you are suffering from a DNS leak or not, there are fortunately many tools online that you can use to check. HMA!’s free DNS leak test is one such tool that allows you to instantly see whether you are suffering from leaks.
How to stop a DNS leak?
If you are suffering from DNS leaks, don’t worry, fixing the problem is relatively easy. There are a few ways you can go about it, and we will go through each of them below.
- Change your DNS settings. Windows and Mac both allow you to select the DNS you wish to use in their internet settings. On Windows computers the setting is found in the Network and Internet section of the Control Panel, whereas on Macs it is found in the Advanced section of the Network page in System Preferences. Common options for DNS are OpenDNS and Google’s DNS, whose addresses are below.
OpenDNS – 22.214.171.124 / 126.96.36.199
Google DNS – 188.8.131.52 / 184.108.40.206
Using these DNS settings means that OpenDNS and Google respectively will be able to see which domains you visit. Whether you trust them more with your privacy than your ISP is something you will have to decide for yourself.
- Disable Teredo. Teredo is a technology present on Windows computers that allows communication between the IPv4 and IPv6 internet protocols. Essentially, it is a tool that helps the transition of websites from the older protocol to the newer one. While useful in some cases, it can also cause your DNS requests to leak by sending them to a different DNS than one you wanted them to. Luckily, Teredo is simple to disable – simply open the command line (by pressing Win + R and typing in cmd) and then entering the following command:
netsh interface teredo set state disabled
If you do start having problems after disabling Teredo and wish to enable it again, you can re-enable it by typing this into the command line:
netsh interface teredo set state type=default
- Use a VPN with DNS leak prevention. While changing your DNS settings and disabling Teredo will keep your DNS from leaking, the easiest and most comprehensive way to ensure you are protected from DNS leaks across all your devices is to use a VPN with DNS leak prevention. VPNs with DNS leak prevention ensure that all your DNS requests go through an anonymous and secure DNS, removing the possibility of leaking or allowing anyone to see your web traffic.
While VPNs are one of the best tools for online privacy, it is always important to remember to stay vigilant as there is no universal solution for keeping your web browsing private. VPNs are always useful for online streaming and making use of regional pricing, but if you want to use them for privacy it is essential you ensure that you are also protected from DNS leaks.