What is a DNS leak? And How Can I Fix It?

November 12, 2019 by Ali Zafar

Did you know a DNS server holds information that can identify you as a unique individual? Since all your requests are sent to the DNS server there’s a massive digital-footprint left behind. Through which ISPs and other organizations can pry on you.

Special software can grant you immunity from those spying. However, a DNS leak has the capability to sabotage the immunity provided by the software. This is why it is important for users’ to know about domain name servers and how it can be harmful to your online presence.

What is a Domain Name Server (DNS)?

The domain name server (DNS) is a system made specifically to link IP addresses (111.87.180.95) to domain names (privacyend.com) that humans can understand and remember easily.

When you request a website from the browser, It sends a request to the domain name server along with the URL entered. It is then forwarded to the correct IP address. This is a fundamental part of how the internet works.

What is a DNS leak?

The domain name servers are assigned by your internet service provider. This also means that they can monitor and keep track of all the activities that you indulge in online. However, when you use a VPN all the requests that are sent to the server through the browser are encrypted.

Unfortunately, sometimes the browser will just disregard the fact that you have a VPN set up and will send the DNS request straight to the ISP. This is referred to as a DNS leak. DNS leaks have a lot of consequences if not taken care of in the right way.

Issues caused by DNS leak

In a perfect-world scenario, there would be no concerns about DNS lookups being a problem. However, we are not living in the perfect world, nor we have the resources to make one right now. There are two major issues to be addressed relating to the internet.

  • Privacy
  • Security

Netizens use premium VPN services to tackle the problems aforementioned. However, a DNS leak can completely obliterate the privacy and security features that a VPN offers. It does that by sending a request straight to the DNS assigned by an ISP, leaving your privacy open at multiple ends.

In the world we live in privacy is a privilege that everyone pays for, especially online privacy. Organizations and individuals ruin the internet experience with their schemes. DNS leak also contributes to the schemes.

We’ve gone through this before, whenever a DNS leak occurs it completely disregards the VPN protocol and sends requests straight to the ISP. As a result, government agencies, snoopers, and ISPs can track your online activities.

Exposed IP address causes the following issues:

  • Throttling while streaming content in high resolution.
  • ISPs block certain websites.
  • Unwanted legal attention while surfing on restricted websites and downloading torrents.

Apart from that, the DNS records can easily be used to identify, punish and report an individual to the relevant authorities. Which can also be described as a complete invasion of privacy.

DNS records have the following data stored upon you:

  • Location.
  • Internet Service Provider.
  • Scripts that are enabled or disabled.
  • Privacy measures currently in place.
  • System size.
  • Operating System.
  • System time.

What causes a DNS leak?

The main culprit behind the leak is the improper manual configuration of a VPN on a device or an operating system. DNS leaks can occur on routers that have VPN set-up on them and different operating systems.

This is why it is important for users to choose a VPN that is compatible with all the major operating systems. There are other factors that also contribute to DNS leak and are stated below:

  • Operating system’s built-in features that interfere with your DNS requests and traffic.
  • Manual configuration of a VPN in a way that your settings only allow the VPN to use the ISP’s assigned DNS servers.
  • Maybe, you’re using IPv4 and IPv6 together with a VPN that does not support IPv6 connections.

The aforementioned causes are mostly harmless and are easy to fix. There’s one factor that is devastating. In this factor, the hacker takes over a router running a VPN service and forces the connection to be routed through the ISP’s DNS.

How to detect a DNS leak in your connection?

Unfortunately, there’s no way to detect a DNS leak just by looking at your connection speeds. In order to identify the problem, there’s a need for testing your VPN connection to make sure it’s DNS leak-free.

There are tools that are available online to test out DNS leaks. Most of the DNS-leak testing tools are available for free.

Important points to remember while testing:

  • First, run the test without a VPN.
  • Write down all the IP addresses after the test is completed.
  • Establish a VPN connection to a secure VPN server of your choice.
  • Re-run the DNS leak test.
  • If a VPN is working properly, the results won’t show the DNS servers assigned by the ISP. Instead, it will be displaying the VPN assigned DNS server in the location you selected.

Tools to test your DNS leak

There are DNS leak tools online. Choosing the right tool to test out DNS leak is very crucial. The reason being, that there are tools that mislead users’ into believing that they are secure online.

DNS tools with a high reputation for providing accurate results are hard to find. Which is why we’ve gone through the research extensive work and have listed them down below.

DNS Leak Tool By IPLeak.Net

Are you searching for a tool to test out if your VPN connection is leaking your DNS? This is the best option. The DNS leak tool by IPLeak.Net offers accurate results with no sugarcoating involved to provide you a false sense of security.

The tool wasn’t an affiliate of any VPN provider or showed biased results for a specific VPN service. If you want straight-up truth you should test your VPN connection through this tool.

DNS Leak Tool by DNSleaktest.com

Similarly, DNS Leak Tool by DNSleaktest.com offers the same kind of accuracy while maintaining the scheme of no-sugarcoated results. Moreover, the tool provides brief information about the tests that it ran so that the user can get some understanding of the situation he’s in.

This tool definitely won’t fail you by providing fake results. As we also use the tool to test out different VPNs.

There’s sort of a trend that’s clearly transparent. When selecting a tool for the purpose of testing DNS leaks. Make sure to find reputable tools that can provide you with accurate results without luring you into a false sense of security.

How to fix DNS leaks?

As you’re aware by now, that DNS leaks can land you in a lot of trouble if not properly resolved. There are quite a lot of ways to solve the DNS leak problem. It solely depends on what route you want to take.

We’ve compiled all the easy ways to solve the DNS leak problem for your ease.

Use a VPN

Even though, many people will argue that VPNs are the core reason of why DNS leaks occur in the first place. In my honest opinion, they are quite wrong.

Yes, if you’re going to subscribe to a VPN service that is not capable of providing top-notch security, then it is your fault. There are hundreds of VPNs to choose from but if you choose the right one you will never face such problems.

The real question is, what VPN to choose that gives you the best of both worlds. These VPNs provide you with top-notch security while keeping your online presence anonymous with blazing speeds.

Disable Built-in Operating System Features

DNS leak problem is a big issue for most Windows users. A feature namely Teredo is the culprit behind DNS leaks on the platform. It is a feature that converts IPv6 requests into IPv4 requests. Sometimes, it sends the requests through an insecure tunnel straight towards the ISP.

To prevent this problem here’s what you can do:

  • Search for command prompt on the task-bar and run it as an administrator.
  • Enter the following command: netsh interface teredo set state disabled.
  • Restart your computer.

To fix the problem on the Mac Operating System, go through the following steps:

  • Navigate to Applications > Utilities > Terminal.
  • Enter the following commands based on your macOS version.
  • Osemite and later:
    • v10.10.4 or later: sudo killall -HUP mDNSResponder
    • v10.10 through v10.10.3: sudo discoveryutil mdnsflushcache
  • Mavericks, Mountain Lion, and Lion
    • sudo killall -HUP mDNSResponder
  • Snow Leopard
    • sudo dscacheutil -flushcache

Change your DNS Servers

In order for this solution to work, you will have to manually change your DNS configuration. You can either use the public DNS servers made available to use by tech giants. You can also opt for the DNS servers that are provided by your VPN service.

OpenDNS:

  • preferred: 208.67.222.222
  • alternate: 208.67.222.220
  • preferred: (IPv6): 2620:0:ccc::2
  • alternate: (IPv6): 2620:0:ccd::2

Comodo Secure DNS:

  • preferred: 8.26.56.26
  • alternate: 8.20.247.20

Google Public DNS:

  • preferred: 8.8.8.8
  • alternate: 8.8.4.4
  • preferred (IPv6): 2001:4860:4860::8888
  • alternate (IPv6): 2001:4860:4860::8844

Delete your old DNS Cache

In some cases, Old DNS entries are corrupting your current DNS configurations. To fix the following problem on Windows.

  • Run command prompt as an administrator.
  • Enter the following command: ipconfig /flushdns

Conclusion

Since DNS leaks are a huge problem it is important for netizens to handle it in the right manner. Internet privacy was never given to netizens that easily which is why it’s important for us to use services that are capable of providing the right security.

My recommendation would be to opt for a VPN that comes packaged with DNS leak protection as it is the easy way out.

Leave a Comment