DNS leak

From Wikipedia, the free encyclopedia

A DNS leak refers to a security flaw that allows DNS requests to be revealed to ISP DNS servers, despite the use of a VPN service to attempt to conceal them.[1]


The vulnerability allows an ISP, as well as any on-path eavesdroppers, to see what websites a user may be visiting. This is possible because the browser's DNS requests are sent to the ISP DNS server directly, and not sent through the VPN.

This only occurs with certain types of VPNs, e.g. "split-tunnel" VPNs, where traffic can still be sent over the local network interface even when the VPN is active.


Websites exist to allow testing to determine whether a DNS leak is occurring, including www.dnsleaktest.com[2]. DNS leaks can be addressed in a number of ways:

  • Encrypting DNS requests, such as through the DNSCrypt protocol[3], which prevents the requests from being seen by on-path eavesdroppers
  • Using a VPN client which sends DNS requests over the VPN


  1. "What is a DNS leak and why should I care?". dnsleaktest.com. 2017-05-29. Retrieved 2016-09-03.
  2. "DNS Leak Test". www.dnsleaktest.com. Retrieved 2016-09-03.
  3. "How to Encrypt Your DNS for More Secure Browsing". Retrieved 2016-09-03.