DNS leak explained

A DNS leak is a security flaw that allows DNS requests to be revealed to ISP DNS servers, despite the use of a VPN service to attempt to conceal them.[1] Although DNS leaks are primarily of concern to VPN users, they can also be prevented for proxy and direct internet users.

Process

The vulnerability allows an ISP, as well as any on-path eavesdroppers, to see what websites a user may be visiting. This is possible because the browser's DNS requests are sent to the ISP DNS server directly, and not sent through the VPN.

This only occurs with certain types of VPNs, e.g. "split-tunnel" VPNs, where traffic can still be sent over the local network interface even when the VPN is active.

Starting with Windows 8, Microsoft introduced "Smart Multi-Homed Name Resolution". This altered the way Windows 8 handled DNS requests, by ensuring that a DNS request could travel across all available network interfaces on the computer. While there is general consensus that this new method of domain name resolution reduced the time required for a DNS lookup to complete, it also exposed VPN users to DNS leaks when connected to a VPN endpoint, because the computer would no longer use only the DNS servers assigned by the VPN service. Instead, the DNS request would be sent through all available interfaces, so the DNS traffic would travel out of the VPN tunnel and expose the user's default DNS servers.[2][3]
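As an added example (not part of the original article), the following Python code applies the behaviour described above to a list of observed DNS queries: it reports which names reached a resolver outside the tunnel, and which lookups were sent on more than one interface at nearly the same time. The record layout, interface names, addresses and the one-second window are assumptions, and the sample capture is constructed.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class DnsQuery:
    ts: float       # seconds since the start of the capture
    iface: str      # interface the query left on
    resolver: str   # destination IP address of the query
    qname: str      # name being resolved

def normalise(qname):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return qname.lower().rstrip(".")

def find_leaks(queries, tunnel_iface):
    """Map each resolver reached outside the tunnel to the names it was sent."""
    exposed = defaultdict(set)
    for q in queries:
        if q.iface != tunnel_iface:
            exposed[q.resolver].add(normalise(q.qname))
    return dict(exposed)

def find_fanout(queries, window=1.0):
    """Return names queried on more than one interface within `window` seconds,
    the pattern seen when one lookup is sent across all available interfaces."""
    by_name = defaultdict(list)
    for q in queries:
        by_name[normalise(q.qname)].append(q)
    fanned = {}
    for name, qs in by_name.items():
        qs.sort(key=lambda q: q.ts)
        for i, first in enumerate(qs):
            ifaces = {q.iface for q in qs[i:] if q.ts - first.ts <= window}
            if len(ifaces) > 1:
                fanned[name] = sorted(ifaces)
                break
    return fanned

# Constructed sample: tun0 is assumed to be the VPN tunnel, eth0 the local network.
# Addresses are from private and documentation ranges, not real resolvers.
SAMPLE = [
    DnsQuery(0.00, "tun0", "10.8.0.1", "example.org"),
    DnsQuery(0.02, "eth0", "192.0.2.53", "example.org"),   # same lookup, second interface
    DnsQuery(3.10, "tun0", "10.8.0.1", "example.net"),     # stays inside the tunnel
    DnsQuery(7.40, "eth0", "192.0.2.53", "Example.COM."),  # bypasses the tunnel entirely
]

if __name__ == "__main__":
    print("exposed outside tunnel:", find_leaks(SAMPLE, "tun0"))
    print("sent on several interfaces:", find_fanout(SAMPLE))
```

The first function covers the split-tunnel case, where a query simply never enters the tunnel; the second isolates lookups that were duplicated across interfaces.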

Prevention

Websites exist to allow testing to determine whether a DNS leak is occurring. DNS leaks can be addressed in a number of ways:

Notes and References

  1. Web site: What is a DNS leak and why should I care?. 2017-05-29. dnsleaktest.com. en-US. 2016-09-03.
  2. Web site: Preventing Network and DNS Traffic Leaks - SparkLabs. www.sparklabs.com. en. 2018-11-29.
  3. Web site: Windows 8 and Windows 8.1 New Group Policy Settings. blogs.technet.microsoft.com. 10 November 2013. en-US. 2018-11-29.
  4. News: VPN Tests and Checks - The Ultimate How-To Guide Restore Privacy. 2018-03-07. Restore Privacy. 2018-11-29. en-US.
  5. Web site: An Analysis of the Privacy and Security Risks of Android VPN Permission enabled Apps.