
DNS leaks: understanding the risks and how to prevent them


DNS servers can be a threat to your privacy, which makes them important to understand. Even professionals like SysAdmins, DevOps, and network administrators often forget this, because they mostly focus on popular services like database systems, SSH services, or web servers. More than 58% of the global population, over 4.4 billion people, is active on the internet.

I can surely say that most people have never heard about the Domain Name Server (DNS). Today in this article, we will share how you can check for DNS leaks and fix them. Without further ado, let’s get into it.

What is the Domain Name System?

DNS is used to translate domain names into IP addresses, so users don’t need to remember long strings of numbers. It’s a decentralized naming system for computers and other services. For example, when you want to visit Facebook.com, you type the name instead of 31.13.88.3512, and DNS looks up the address on your behalf so you can reach that website or service while connected to the internet.

If you want to try visiting a website by IP address, you can enter 185.159.159.140 in your web browser to visit protonvpn.com. DNS is the phonebook of the internet: it holds records of hostnames and IP addresses so that the public can visit secure public internet websites.

How does the domain name system work?

When you enter a website into your browser’s address bar, that domain is sent to a DNS server, which looks up the IP address for that domain name. The server then sends the address back to your browser so the site can be displayed on your screen. This all happens very quickly and is also a great way to manage internet traffic, but sometimes it can be a concern when it comes to privacy.

DNS servers are used to store records of domains and IP addresses, which are used to remember websites by their names. They were originally developed to store tonnes of data about their users and information about which IP address requested a hostname. That’s why your DNS provider can monitor and store information on their servers.

How DNS (Domain Name Service) Servers Can Be Threats to Privacy

When you request any website from your browser, the request goes to the DNS server, which returns the website’s IP. You can use different DNS servers of your choice; if you don’t, the request goes to your default DNS servers or those owned and operated by your Internet Service Provider (ISP).

All your internet traffic goes through your ISP’s DNS server, where your activity gets recorded in a log with IP addresses, dates and times, and other information. In many countries, governments might ask for users’ logs and track their activities. ISPs can also sell these logs to advertisers without their users’ consent. This is a common security problem known as a DNS leak, but you can avoid it.

DNS Attacks

As we mentioned before, DNS security is not always taken seriously, which is why DNS servers sometimes lack important security configurations. This can allow hackers to exploit the system, which includes transferring DNS zones and modifying DNS resolvers to report different IP addresses.


This means that all people trying to reach a website could be redirected to a different website, which could have malware or be dangerous for users. Not all users know how to detect that their traffic has been redirected to another server that isn’t the original MX server from the attacked domain.

Why are DNS leaks dangerous, and what are the reasons for them?

DNS leaks give unauthorized third parties access to track your online activity, which means you are compromising your online privacy. DNS leaks can also be caused by manual configurations done by malicious third-party attackers or by untrusted VPN providers.

How to Prevent DNS Leaks

It’s quite easy to prevent your DNS from leaking. You can use a virtual private network (VPN), which will protect your online activities. However, your ISP will know that you are connected to a VPN when you enable it on your device.

If you don’t have any specific use-case scenario or reason to use a VPN, then it’s enough to hide your DNS, as it encrypts your data so that only your VPN can decrypt it and show you results. It’s better if you choose a VPN service that protects your activity and doesn’t store logs.

If you don’t want to invest in or use VPNs, you can use independent DNS providers. These are reliable third-party DNS servers like Cloudflare 1.1.1.1, Google Public DNS, OpenDNS, and others. A DNS leak is a security threat that occurs between your computer and the DNS resolver because all your queries are sent using unencrypted DNS requests from the network. It’s your right to browse and surf any website without concern about DNS leaks. There are different ways to prevent surveillance activity related to DNS.

DNS leak test

You can conduct a DNS leak test. There are multiple leak test services available. To conduct a DNS leak test, first check for DNS leaks without using a VPN and then with a VPN. If the IP and country change, that means your VPN is working. Without a VPN, your ISP can see all your DNS server requests. With a VPN, there should only be one server visible. If only one server is showing, that means there are no DNS leaks.
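A local complement to the web-based test above, as an added example that is not part of the original article: it parses a Linux-style resolv.conf and flags every configured nameserver that is not the VPN's resolver. The file format, the function names and all addresses (10.8.0.1 standing in for the VPN resolver) are assumptions, and the sample file is constructed.

```python
import ipaddress

# Constructed sample, not taken from a real host.
SAMPLE_RESOLV_CONF = """\
# written by the VPN client
nameserver 10.8.0.1
nameserver 192.168.1.1   # router address handed out by DHCP
nameserver 2001:db8::53
"""

def parse_nameservers(resolv_conf: str) -> list:
    """Return the nameserver addresses in file order, ignoring comments."""
    servers = []
    for line in resolv_conf.splitlines():
        parts = line.split("#", 1)[0].split(";", 1)[0].split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            addr = parts[1].split("%", 1)[0]  # drop an IPv6 zone id if present
            try:
                servers.append(ipaddress.ip_address(addr))
            except ValueError:
                continue  # skip malformed entries
    return servers

def check_leak(resolv_conf: str, vpn_resolvers: list) -> list:
    """Classify each nameserver as 'ok', 'stub' or 'leak'."""
    allowed = {ipaddress.ip_address(a) for a in vpn_resolvers}
    findings = []
    for ip in parse_nameservers(resolv_conf):
        if ip in allowed:
            verdict = "ok"
        elif ip.is_loopback:
            # Local stub resolver: its upstream must be checked separately.
            verdict = "stub"
        else:
            verdict = "leak"  # queries to this server bypass the VPN resolver
        findings.append((str(ip), verdict))
    return findings

def has_leak(resolv_conf: str, vpn_resolvers: list) -> bool:
    return any(v == "leak" for _, v in check_leak(resolv_conf, vpn_resolvers))

if __name__ == "__main__":
    for addr, verdict in check_leak(SAMPLE_RESOLV_CONF, ["10.8.0.1"]):
        print(f"{addr:<15} {verdict}")
```

The IPv6 entry in the sample shows a common cause of leaks: a VPN that only handles IPv4 leaves the IPv6 resolver in place.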

There is one more thing: DNS hijacking, also known as DNS poisoning or DNS redirection, which is bad. By doing so, attackers cannot gain full control over the DNS server, which could potentially be used to redirect traffic to the wrong website. Malware that overrides the TCP/IP configuration also causes DNS hijacking.