DNS Leak

A DNS leak is a security issue that occurs when Internet service providers inadvertently receive domain name system requests that should have been concealed by a virtual private network. Typically, VPNs create a path for Internet users to send domain name requests privately. But occasionally, some DNS requests will not use the VPN and instead route directly to the Internet service provider’s DNS resolver (which processes all DNS requests). “Split tunnel” VPNs in particular are vulnerable to DNS leaks.

A DNS leak can open users to potential Internet traffic surveillance, not only from their Internet service provider but also potentially from the government or hackers. It can also reveal a user’s IP address that they’ve specifically tried to keep hidden for security. VPNs create private network pathways for this very reason: avoiding domain name system surveillance. Although some VPN providers are very reliable, a few types of VPNs are susceptible to DNS leaks. There are ways to test for DNS leaks; many websites offer simple tests to users. Another way to do this is to search your IP address; it’s geographically tracked, but it shouldn’t show up if your VPN is protecting it. If your VPN is active but your IP address is public knowledge on a simple Google search, then your VPN has failed to secure it.

Preventing DNS leaks

There are a few ways to protect against DNS leaks, and using a highly reputable VPN is one of them. Using DNS over HTTPS can also help: this encrypts HTTPS traffic between domain name systems. Using a totally anonymous browser like Tor can also hide some Internet traffic from nosy public Internet service providers. Also, finding a DNS resolver that isn’t provided by a public internet service provider might be an investment worth making if you are concerned about regular DNS monitoring.






Jenna Phipps
Jenna Phipps
Jenna Phipps is a writer for Webopedia.com, Enterprise Storage Forum, and CIO Insight. She covers data storage systems and data management, information technology security, and enterprise software solutions.

Related Articles

@ Sign

Pronounced at sign or simply as at, this symbol is used in e-mail addressing to separate the user' name from the user's domain name,...

Munging

(MUHN-jing) Munging (address munging), is the act of altering an email address posted on a Web page to make it unreadable to bots and...

How to Create an RSS Feed

In the second installment of RSS how-to, we look at some of the nonrequired (optional) channel and item tags, discuss RSS specifications in-depth and...

Dictionary Attack

(n.) (1) A method used to break security systems, specifically password-based security systems, in which the attacker systematically tests all possible passwords beginning with...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...