VPN Configuration: Understanding DNS Leaks & How to Prevent Them

Uploaded on 2022-09-07 in TECHNOLOGY--Resilience, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

If you have been using VPN for a while then you must have heard of DNS leaks. They can be caused by a number of factors. These include constant network switching, using a Transparent DNS Proxy, and setting the DNS server to a non-existing server.

If you suspect that you have a DNS leak, you should fix it immediately.

If you're not sure where to start, you can contact VPN support for help. Read on to identify common causes and possible fixes.

Use An Encrypted DNS Server

Transparent DNS Proxy is a service which intercepts DNS requests on port 53 and reroutes them to a different DNS server. This is a very sneaky practice which benefits the ISPs as they can legally sell their users' data. While most 'hardwired' ISPs do not use this technology, many telecom providers do. This practice is mostly done for security reasons, as ISPs in Asia and Africa usually enforce traffic logging and content filtering. Luckily, there are a few ways to avoid DNS hijacking. 

  •  One way is to use a VPN service to use an encrypted DNS server. This way, your DNS requests cannot be tracked by an outside DNS proxy. 
  • Alternatively, you can use OpenVPN and configure your VPN to block outside DNS servers.
  •  Another way to protect yourself is by using a DNS leak test. This will let you determine if your ISP has a DNS proxy installed. This is a very common practice that Internet Service Providers use to block websites and track traffic data. It's also a common practice used by some governments to censor content and prevent people from accessing certain websites. 

When DNS hijacking is done by hackers, they install Trojan malware on the victim's computer and alter the local DNS settings to redirect the user to malicious sites. Attackers can also take over routers with default passwords and overwrite DNS settings. This will affect all users connected to that router.

Keep DNS settings Secure

While VPNs provide a high level of privacy and protection, they are not immune to hacker attacks. These hackers can take advantage of DNS leaks by intercepting DNS requests and passing them through their own servers. The information they collect can be used by advertisers or other third parties. 

Another way in which cyber criminals can exploit DNS leaks is by hijacking DNS servers and redirecting your traffic to fake websites. In a recent report, the FBI warned of the risk of this attack.

One way to prevent DNS leaks is to keep your DNS settings secure. While you are using a VPN, you should not change your DNS settings, as this will force your DNS requests to go through your ISP's DNS servers. This will expose your browsing information to cybercriminals and may cause your IP address to be leaked.

Use A VPN With DNS Leak Protection

DNS leaks can also happen when people switch networks. In order to connect to a VPN, you must first connect to your local network. This will automatically assign your IP address and DNS server, but these servers may not be secure. Cybercriminals can take advantage of this situation to collect personal and financial data from you.
The best way to prevent DNS leaks is to use a VPN with DNS Leak protection. A VPN running on your router is more effective because it will protect all devices connected to it. 

Also, make sure that you disable WebRTC on your browser. WebRTC is an open standard protocol for video and audio chat. It uses an IP address to send data packets to the server, and a leak of this type can cause your internet connection to drop.

Changing your DNS settings can also help prevent your ISP from tracking your online activity. DNS settings contain IPv4 and IPv6 DNS servers. If these are not changed, you could still be vulnerable to DNS leaks. In addition to changing your DNS servers, you should use the correct VPN to secure your network.

Setting DNS Servers To Non-existing Servers

There are a few tips that can help you with DNS settings in your VPN. 

  • First, you should make sure that you use the correct DNS servers for your network interface. To make sure that you are using the correct DNS server, you can run tcpdump on the network interface.
  •  If you are using DNS to access internal resources, you should ensure that your primary and secondary DNS are set to internal DNS servers. This will prevent external DNS servers from resolving internal hostnames, which can cause connectivity issues and prevent users from accessing internal resources.
  • You should also check the DNS server settings on your mobile device. Usually, you can find them under the Wi-Fi settings. However, each device is different and may require additional steps to properly configure DNS. If you are unsure, you can refer to your mobile provider's documentation for additional instructions.’
  • You can also disable the content delivery network (CDN) on your router if you don't want it to distribute web content. This feature helps to deliver web content more quickly. It also allows cached content to be delivered. The only downside to this method is that it can cause your Internet connection to experience a lot of trouble.

Using An Anonymous Browser

One of the most effective ways to prevent DNS leaks is to use an anonymous web browser. These browsers use a different type of DNS that does not require any configuration of the operating system. A popular example is Tor, which gives complete anonymity while browsing the web. Another method is to use a system firewall, which disables the DNS process.

A VPN will send your DNS request through the VPN, which prevents your ISP from monitoring you. However, sometimes the browser will ignore the VPN and send your DNS request directly to your ISP, which is known as a DNS leak. This type of leak can lead hackers and law enforcement to access your browsing history.

Using a VPN is an excellent way to protect your privacy. While the DNS service of your internet provider does not track you directly, it can store your data in their logs and be used against you by law enforcement. Furthermore, your data can be sold to third parties without your consent.

VPNs are a great way to keep your browsing activity private, but you need to make sure you choose one that offers privacy protection. 

Idrees Shafiq  is a Marketing Analyst at  AstrillVPN

You Might Also Read:

Why You Should Never Use A Free Proxy:

 

« CIO & CISO Visions Leadership Summit - 9th to 11th October
The Quantum Internet Could Be Immune To Cyber Attack »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Huawei

Huawei

Huawei is a leading global ICT solutions provider. with end-to-end capabilities across the carrier networks, enterprise, consumer, and cloud computing fields.

NUS-Singtel Cyber Security R&D Lab

NUS-Singtel Cyber Security R&D Lab

NUS-Singtel Cyber Security R&D Lab conducts research into predictive security analytics.

Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity

Rohde & Schwarz Cybersecurity provide solutions for Secure Networks, Secure Communications, Network Analysis, and Endpoint Security.

Innotec Security

Innotec Security

Innotec Security is a Spanish company specializing in cybersecurity-as-a-service, cyber resilience and cyber risk management.

Sungard Availability Services (Sungard AS)

Sungard Availability Services (Sungard AS)

Sungard AS partners with customers around the globe to understand their unique business needs and provide production and recovery services tailored to their requirements.

Evidence Talks (ETL)

Evidence Talks (ETL)

A leading forensic computing authority developing unique digital forensic technologies. Tools that detect potential terrorists & criminals & used by the military, enforcement & intelligence commmunity

InPhySec

InPhySec

InPhySec is a leading New Zealand information, physical and cyber security company.

Entel CyberSecure

Entel CyberSecure

Entel CyberSecure is a portfolio of Cybersecurity solutions and services for the protection, defense, risk management and regulatory compliance of ICT Systems for corporations and Government.

Squalio

Squalio

Squalio is an information technology group that delivers solutions and services for secure and effective IT management.

Fortanix

Fortanix

Fortanix Runtime Encryption keeps keys, data, and applications completely protected from external and internal threats.

Slovenska Akreditacija (SA)

Slovenska Akreditacija (SA)

Slovenska Akreditacija (Slovenia Accreditation) is the national standards accreditation body for Slovenia.

Unciphered

Unciphered

Unciphered was created as the first company providing services for opening locked hardware cryptocurrency wallets.

ThreatDefence

ThreatDefence

ThreatDefence provides innovative SIEM, SOC-as-a-Service, and proactive cyber defence solutions to MSP’s and Enterprises.

BugProve

BugProve

BugProve offers a firmware analysis tool that speeds up security testing processes and supports compliance needs by automating repetitive tasks and detecting 0-day vulnerabilities.

Securin

Securin

Securin offers a comprehensive portfolio of solutions including Attack Surface Management, Vulnerability Intelligence, Penetration Testing, and Vulnerability Management.

Lithuanian Cyber Command (LTCYBERCOM)

Lithuanian Cyber Command (LTCYBERCOM)

The Lithuanian Cyber Command is responsible for planning and execution of operations in cyberspace and installation of strategic and operational communications and information systems.