6

I'm planning on getting a VPN service (probably Privateinternetaccess) and read that it is imperative to plug DNS leaks. The only information I found on google describing what these are is here and I don't find it very detailed. What is a DNS leak? Why is it such a huge compromise if a regular one is used, that's only one more person who knows what you're up to?

Celeritas
  • This is a common problem with TOR, which usually only tunnels traffic sent through a proxy - many applications don't send their DNS queries through the proxy. – CodesInChaos Jan 02 '13 at 23:01

2 Answers

8

If you connect through a VPN, but your queries are still being sent over the normal network, anyone that can sniff the network will be able to see your DNS requests. When you are using a VPN you are trying to avoid this at all cost, as you want to prevent people from eavesdropping on what you are doing (from a privacy point of view).

So let's say we have Bob that wants to visit site A in a normal situation with Trudy on the network. Trudy will first see Bob perform a DNS request and see where he wants to go. Furthermore, she might even see the contents of where Bob is going if that site is not secured with, for instance, SSL.

Another risk, when you use a VPN for privacy and your DNS requests still pass over the normal network, is that Trudy might try to replace the DNS server and send you a wrong IP for a certain site. She then redirects you to a proxy site or a phishing site to steal your data. Even when you are using a VPN, you would still be tricked into surfing to a malicious website or proxy, compromising the privacy part you want to use the VPN for.

Lucas Kauffman
0

A DNS leak occurs when you are on a VPN or other encrypted network and your real, public IP address is revealed when you make a DNS query. A DNS query occurs when you try to convert a URL (like google.com) to an IP address, such as when you type a URL into your web browser.

DNS queries typically happen over plain-text via the UDP protocol, so eavesdroppers on a network could listen in. The DNS server itself could be compromised, listing every website you accessed while on your VPN, which could trace requests back to you.

The solution is to replace your DNS servers with trusted servers. For instance, Private Internet Access runs their own servers for you to use. Read more details here ("DNS Leaks Explained")

seibelj
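Both answers rest on the same point: a stub resolver's query is one plaintext UDP datagram, so anyone on the path reads the hostname directly. The script below is an added example (not code from either answerer or from Private Internet Access): it encodes a query the way a resolver sends it, decodes what a passive observer recovers from that datagram, and flags configured resolvers that lie outside the VPN-assigned network. The tunnel network `10.8.0.0/24`, the resolver addresses and the hostnames are constructed sample values, and the leak check assumes the VPN routes only its own network, not a full-tunnel default route.

```python
import ipaddress
import struct

QTYPE_NAMES = {1: "A", 28: "AAAA", 15: "MX", 16: "TXT"}


def build_query(name: str, txid: int = 0x1234, qtype: int = 1) -> bytes:
    """Encode a standard recursive DNS query in RFC 1035 wire format, exactly the
    bytes a stub resolver puts into one UDP datagram to port 53 (no encryption)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = b"".join(
        struct.pack("!B", len(part)) + part.encode("ascii")
        for part in name.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN


def parse_query(payload: bytes) -> dict:
    """What a passive observer (Trudy) recovers from a sniffed query: the queried
    name and record type are in the clear; nothing here is encrypted or signed."""
    txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if qdcount != 1:
        raise ValueError("unexpected question count")
    pos, labels = 12, []  # question section starts right after the 12-byte header
    while True:
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length >= 0xC0:  # a compression pointer never appears in a query's question
            raise ValueError("compression pointer in question name")
        labels.append(payload[pos:pos + length].decode("ascii"))
        pos += length
    qtype, _qclass = struct.unpack("!HH", payload[pos:pos + 4])
    return {"txid": txid, "name": ".".join(labels),
            "qtype": QTYPE_NAMES.get(qtype, str(qtype)),
            "recursion_desired": bool(flags & 0x0100)}


def leaking_resolvers(resolvers, tunnel_network: str):
    """Return configured resolvers outside the VPN-assigned network; with the split
    routing assumed here those are reached over the normal interface, i.e. a leak."""
    net = ipaddress.ip_network(tunnel_network)
    return [r for r in resolvers if ipaddress.ip_address(r) not in net]


if __name__ == "__main__":
    captured = build_query("www.example.com")          # constructed sample datagram
    print("observer sees:", parse_query(captured))
    print("leaking:", leaking_resolvers(["10.8.0.1", "192.168.1.1"], "10.8.0.0/24"))
```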