What is a DNS Leak? How do You Prevent it?

There are different ways of preventing a DNS leak

In an internet user’s world, it’s just about memorizing the name of the website to get to a webpage. You just have to type-in the address on the address bar and you’ll be able to access it. But what happens behind the scenes? How does it work? Well, it works quite complex and we’re here just to talk about that.

Our computers only understand numbers – which they translate into words. So in order for us to access websites, our computers need Internet Protocols (IP addresses). And a DNS or a Domain Name Server lends a big hand in that.

What is a DNS?

One can think of a DNS to be the phonebook of IP Addresses. The main use of the DNS is translation; it translates domain names into IP addresses so that our computers would know what to look for and where.

A DNS is the key on what makes the internet work. It allows you to associate names of websites to IP addresses, and vice versa. A DNS is the reason why we just need to memorize names of the websites, not IP addresses.

How does DNS work? Where does it come from?

In order for you to be able to use the internet, you need to have an internet connection. Your internet connection is provided by your Internet Service Provider (ISP), right? Your ISP has its own assigned DNS resolvers.

For every time you need to browse or access a site, your computer sends a query to the ISP DNS resolvers. What these resolvers do is that they’ll identify the correct IP address of the website you want to access. Then, your ISP returns that information and loads the webpage for you to be able to use it.

There are times that our ISPs filter traffic to benefit some of the users. They either make everything slower or they analyze data from those who use regularly use their DNS servers. Yes your ISPs keep track of whatever you’re doing over the internet. It’s for them to regulate internet usage.

To give you a concrete example, here’s how it works:

  • You open your browser and you search for Google.com
  • Before the webpage loads, your ISP’s DNS servers will have this activity recorded in their servers. This basically means that they know what you’ve visited.

This leads us to the fact that a DNS leak is possible. Because we are using an ISP-based, public DNS server, there’s a chance that when a leak occurs, our privacy is at stake.

What is a DNS leak?

Do you remember how it works? Well, since your ISP is the one who owns their DNS servers, they have the information you don’t want them to have. We’re talking about the IP addresses that made original requests to hostnames on the web.

A DNS leak is the sheer act of observing, gathering, and filtering DNS traffic by your ISP. They do this by checking the public DNS servers you utilize to arrive at websites you want to visit. 

To put it simply, a DNS leak is a problem that is between your local server (computer) and your ISP’s DNS resolvers. This can affect your online privacy as all queries done in ISP-based DNS servers are unencrypted.

How do I prevent DNS leaks?

You might think that this is inevitable. But there are actual ways on how you can avoid a DNS leak from happening.

Use a VPN

A Virtual Private Network (VPN) can help you with this dilemma. A good VPN client has its own DNS servers, which saves you from connecting to the default ISP-based DNS servers. This way, you would be using your VPN’s DNS servers, which will be hidden from your ISPs.

However, even if you’re connected to VPN, a DNS leak can still happen. How? For three reasons: It could be because your VPN is not configured properly; if they do not have their own VPN servers; or if the web traffic accidentally leaks out of the secure connection.

Before making the decision on which VPN is best for you, it’s best if you check the features of the VPN first. Ensure that they won’t tolerate DNS leaks for the safety of your privacy.

Change the default DNS servers

If you’re not into using a VPN, then changing the default DNS servers might work for you. Not only would this promote a better and a safer connection; it can also provide faster and better connection speeds because you’re not using the same servers other people are using.

In selecting a DNS server, ensure that the one you choose is safe. Double check if they have the best security and that if they prevent DNS leaks.

One good example is Cloudflare’s DNS servers. Cloudflare does not permanently store information from you. They do, however, store data for 24 hours, only for debugging purposes. After that time frame, the information is gone.

If you’re interested in using Cloudflare’s DNS servers, you can click on this link for detailed instructions. You can also check how it can be set-up in that website.

How do I know if I’m at risk?

Your connection might be fine but your privacy might be in danger. If you want to know if you’re at risk of DNS leakage, you can run a DNS leak test. By running a DNS leak test, you can know what the status is of you connection.

You can try and check cryptoip.info and run the DNS leak test there. In that test, it will show whether you’re at risk of a DNS leak or if you’re safe.

Although a DNS leak is a minimal type of leakage, it’s still ruins the privacy that you’re looking for. Your ISPs know whatever you’re doing so it’s still unsecure. To be more secure, we suggest that you use a VPN service that is secure and safe. Use a VPN that has reliable DNS servers that won’t redirect you to connect to ISP-based local DNS servers.