Что такое утечка DNS?

Опубликовано: 23 Декабря, 2021

Повышенная мобильность устройств, концепция удаленного доступа к сети и многие другие возможности, подобные этим, усложнили полную задачу предотвращения доступа хакеров к вашим личным данным.
В большинстве фатальных атак злоумышленник может полностью закрыть ваш веб-сайт, даже не получив доступа к вашей системе. Злоумышленник может воспользоваться Интернетом, чтобы отвлечь посетителей вашего веб-сайта и другие входящие данные до того, как они достигнут вашей сети. Здесь система DNS является ключом. Это первая линия защиты, которая играет важную роль в защите данных.

In this article, we will be discussing –

  • What is DNS?
  • What do you mean by DNS Leak?
  • Ways to check a DNS Leak?
  • What are the Major DNS Leak Issues?
  • How to Prevent DNS Leak?

What is DNS?

DNS- Domain Name System is a hierarchical naming system that is used for computers, services, or any other resource or device that is connected to the Internet. Or we can say that in simple language, DNS translates more readily memorized domain names to numerical IP Addresses needed for locating and identifying devices and services with the underlying network protocols.

A DNS server encompasses all the Domain Names and their corresponding IP Addresses. Whenever you enter a URL-

  • Your browser will send IP Request (domain name- For example www.geeksforgeeks.com) to the DNS Server.
  • DNS Server will match the corresponding IP address of this URL and directs your browser to the website.

DNS system is essential as the browser is unable to understand the alphabetic URL and can only process the numerical IP Address.

What do you mean by DNS Leak?

As we have discussed above, DNS acts as a correspondent between the Internet and your device. However, in the case of default DNS settings, the online activities of the user are visible to the ISP or anyone with legal or illegal access to the DNS Server.
To eradicate such situations, many individuals tend to use VPN-Virtual Private Network, which helps to create a safe and virtual connection over the Internet. Adding a VPN pushes all the DNS requests and data through a VPN tunnel.

Unfortunately with pros there comes the cons. VPN Servers are not 100% secure, they could leak DNS requests. This is known as DNS Leak. Thus we can say DNS Leak is a security flaw, that exposes DNS requests to ISP DNS Servers.

Ways to check DNS Leak –

Checking DNS Leak is a very simple task. There are so many one-click testing tools available in the market to test DNS vulnerabilities. Here are some excellent and authentic sites to test DNS Leak:

  • DNSleaktest.com
  • IPLEAK.NET

How a DNS Leak Test Work?
The answer is very simple if you are behind the VPN and perform a DNS Leak Test.

  • The result should be the same IP where you have connected through a VPN.
  • If you see your ISP on the list, it points to a DNS Leak.
  • The lists which are not directed under your VPN Service could signal a leak.

Try not to select a DNS Leak Test tool offered by any VPN Service. VPN Service these days are developing their tools and using it as a bait to scare users and sell their products.

What are the major DNS Leak Issues?

In this section, we will be discussing major issues contributing to DNS Leak.

  1. Irregular Network Configuration: When connecting to VPN, connect your device first to the local network. Ensure proper settings as DHCP settings can sometimes automatically assigns a DNS Server when you connect to a new network and this could be your ISP DNS Server.
  2. IPv6 Leak: Most VPNs have IPv4 support and they are unable to handle any request to or from an IPv6 device. The request sent from the machine using a dual-stack tunnel which converts IPv4 to IPv6 couldn’t be handled by these VPNs. Therefore, the DNS request eventually goes to the DNS Server and DNS leak causes real IP to expose.
  3. Transparent DNS Proxies: In cases where ISPs detect users changing their DNS Server setting to a third-party server, they enforce their own DNS Servers. This transparent server will interrupt the user web traffic and send it to the ISP DNS Server. Such types of servers can be detected through DNS Leak Test.
  4. Teredo Technology: Mircosoft has introduced Teredo Technology to resolve the issue of IPv6 and IPv4. However, in the case of VPN, it can still cause DNS Leak as it is a tunneling protocol and it is capable of bypassing VPNs encrypted tunnel too.
  5. Windows OS Versions 8, 8.1, and 10: Windows feature Smart Multi-Homed Name Resolution has been introduced in Windows 8 and later versions. This feature tends to send the request to all available DNS Servers. It makes sure that the response from the non-standard server is only acceptable in case favorites fail to respond. Most probably, that ISP DNS response is accepted which eventually results in DNS Leak.

How to Prevent DNS Leak?

  • Encrypt DNS requests using DNS over HTTPS or DNS over TLS.
  • Use VPN Client which sends DNS requests over the VPN.
  • Use Firewalls to disable DNS on the whole device or setting DNS servers to non-existing ones like 127.0.0.1 or 0.0.0.0
  • Use anonymous browsers like Tor Browser, which makes user anonymous and doesn’t require any DNS to be set up on the operating system.
  • Use your own DNS resolving server.
  • Use Cloudflare DNS Server.
  • Use proxy or VPN, system-wide, via third-party app helpers like Proxifier or in the form of a web browser extension.

References:

  • https://en.wikipedia.org/wiki/DNS_leak#Prevention
  • https://en.wikipedia.org/wiki/Domain_Name_System

Attention reader! Don’t stop learning now. Get hold of all the important CS Theory concepts for SDE interviews with the CS Theory Course at a student-friendly price and become industry ready.