Is your VPN leaking your DNS?

This tool is now integrated in Hidester VPN solution.

How do I know if my DNS is leaking?

Here’s the thing: Your VPN won’t automatically tell you that you have a DNS leak. You’ll have to find out yourself.

Make a note of your actual IP address (use Hidester’s “What’s My IP Address” tool to find out) Use your VPN, and run the Hidester DNS leak test to see if your real IP address is still being displayed. You get the result instantly, and the test will generate a unique URL if you want to keep a record of the results.

Understanding the DNS leak test results

Your requests to access websites are received by the servers you see listed. If you’re connected via a VPN, you should only see your VPN’s servers. If you see any other servers listed, you have a DNS leak.

How can I prevent my DNS leaking?

The fixes below relate mainly to Windows, where DNS leaks are more common. However, DNS leakage can also happen if you’re using Mac or Linux.

Get a static IP by disabling DHCP

Do this before you connect to your VPN. This prevents your router from changing your IP address every time you reboot, making your IP address static. The following example shows how to do it in Windows 7, but the procedure is similar for all Windows versions:

Go to Control Panel

Network and Internet

Network and Sharing

Change adapter settings

Right-click your main connection, and select Properties

Left-click on “Internet Protocol Version 4 (TCP/IPv4)

Click Properties (bottom-right of box)\

You’ll see your existing DNS server addresses

Change these to your preferred DNS (you can find these on Google Public DNS, OpenDNS, or Comodo)

Your DNS leak is now fixed! When you disconnect, you can re-enable DHCP by re-inputting your original DNS settings.

Disable Teredo

Windows’ IPv6 to IPv4 solution can send DNS request via a non-VPN tunnel, putting you at risk. Here’s how to stop this from happening:

Open a Command prompt (CMD) as an administrator

Enter netsh interface teredo set state disable d

d Reboot, and you’re ready to go!

To re-enable, open a CMD and enter netsh interface teredo set state type=default

Block traffic that isn’t via VPN

You can configure your firewall (you are using one, right?) to minimise leakage risks. Manually clear your DNS

For this to work, you’ll need to switch to a static IP address beforehand:

Open a Command prompt (CMD) as an administrator

Enter netsh interface show interface

Make a note of your connected interface

Connect to your VPN

Enter ipconfig /flushdns

Enter netsh interface IPv4 set dnsserver “Local Area Connection” static 0.0.0.0 both and replace “Local Area Connection” with the name of your connected interface

and replace “Local Area Connection” with the name of your connected interface Enter ipconfig /flushdns

That’s it! You’ve successfully flushed the DNS resolver cache

What is a DNS?

The internet relies on a Domain Name System (DNS) for connecting computers, devices, and “things” (eg smart fridges). Without this network, the internet simply wouldn’t work. Here’s why.

Let’s say you want to visit www.hidester.com. First, you have to connect to the internet. Every connection is assigned an Internet Protocol (IP), for location and identification purposes. This is why whenever you connect to the internet, you’re automatically assigned an IP address.

When you type in the URL and press Enter, your browser registers this request. It then sends a message to your Internet Service Provider (ISP) to say “this user wants to go to the Hidester website”. This is how an ISP identifies you and your online activity. To hide your activity, you need to reroute your requests via the servers of a Virtual Private Network (VPN), proxy, or public proxy. Usually, these tools work perfectly. These mask where your requests are coming from, and give you a different IP. Your ISP is unable to identify you, and you stay anonymous online. Unless your DNS is leaking…

What is a DNS leak?

A DNS leak means that not all of your traffic is being routed anonymously via your VPN. This may happen if the machine you’re using to connect to the internet is using its DNS default settings. Which means when you’re connected, your system may send out unencrypted queries. This is how your ISP could identify you, and monitor your online activity.

It’s not a fault of the tool you’re using – it’s usually down to the machine you’ve got. It could happen after a system reboot, upgrade or clean install. Any action which can reset the settings. If you’re using a Windows machine, DNS leaks are more common, particularly if you’re using Windows 10. Microsoft’s latest Operating System automatically attempts to make your web experience as fast as possible, by sending multiple DNS requests through your ISP as well as your VPN.

Alternatively, it may happen when a vulnerability is discovered in a browser. Last year WebRTC, a browser-based plugin used for audio and video calls and exchanging peer-to-peer data, was found to have . Various fixes were released, including patches and recommendations to route VPNs via routers. The problem is, not all VPN servers may have been updated to tackle this problem. And because these vulnerabilities can be discovered at any time, there may be other patches which need to be applied.

Hidester VPN has developed a dedicated VPN application that integrate a DNS leak test. Using our network of high speed VPN servers, and combines with the VPN kill switch integrated function, our Members reach an excellent level of protection.

One more thing

No solution can 100% guarantee your anonymity, so the important thing is to regularly check online for news of DNS leaks. And remember to keep running checks using tools like Hidester’s DNS leak test.