Articles Tagged ‘Disable WebRTC’

DNS Leak Testing & Protection – How to Avoid Exposing Your Identity & Online Activity

DNS Leak - ISPs & Government spying on users online activitiesDespite innovations in security and technology, it’s difficult to remain anonymous online. Identifying information is seemingly everywhere – from malicious JavaScript tracking to the location services in web browsers. Even secure Linux operating systems like Tails have struggled to protect user’s privacy.

Windows 10 is no safe haven, either. By default, Microsoft collects information from users on an unprecedented level. Data that can be turned over to authorities or a third party. Increasingly, users must take extra steps to ensure privacy and be more knowledgeable about the services they’re using.

This applies even to users with anonymizing software. Virtual Private Networks (VPNs) are sometimes seen as blanket tools that guarantee identity protection. In truth, they have their own vulnerabilities and chief among them is the DNS Leak which only the best VPN service providers are able to resolve.

Check if you're vulnerable to DNS Leaks by using ExpressVPN's DNS Leak Tester

Understanding VPN DNS Leaks and How they Work

When you type a website URL into your browser, you’re essentially using a nickname. Typing in “firewall.cx” is more like asking a question. You send a request to a Domain Name System server, which then points you to the IP address of the site (208.86.155.203). This saves us typing long strings of numbers each time, and is better for pretty much everyone.

However, it also comes with its own problem. DNS servers are given by your internet service provider (ISP), which offers them a list of every website you visit. Naturally, this compromises anonymity, but VPNs are supposed to fix that. Instead of requesting from your ISP, your traffic is routed through the VPN, protecting you.

Unfortunately, it doesn’t always work. In some cases, the operating system uses its default DNS servers instead of switching things up. This is most common in Windows, but can also happen on OSX, Linux, and mobile devices. It’s aptly named a DNS leak.

In some cases, a VPN is worse than not using one at all. Why? When using anonymising software, users have a sense of security. They may perform activities they wouldn’t otherwise, such as torrenting software or visiting controversial websites. It’s not immediately clear that a leak has occurred, and the user goes on thinking they’re safe for months at a time. In reality, their IP address is open and visible.

DNS leaks aren’t just utilized by service providers either. Websites can discover your true IP address using WebRTC, a collection of communications protocols present in most browsers. WebRTC allows for a request to a service provider’s Session Traversal Utilities for NAT (STUN) servers, listing both the local (internal) and public IP address (router WAN IP) of the user via JavaScript.

This can give a general location of the user and be used to track them across the site or other sites by the same owner. In addition, law enforcement or hackers may be able to gain access to this data, leading to serious repercussions.

DNS Leaks Used By Govenrments and ISPs

For example, DNS leaks were utilized by the Canadian Government in 2015, helping to track users on popular file sharing websites. Revealed by Edward Snowden, the technique combines several tactics to find out the identity of downloaders. In this case, targeted files were primarily terrorism related, but this could easily be extended to other media.

Snowden Digital Surveillance Archive: Screenshot from Canada's Levitation Program

Snowden Digital Surveillance Archive: Screenshot from Canada's Levitation Program

In fact, the UK government recently passed a law that does just that. The Investigatory Powers Bill forces ISPs to store and hand over DNS records in bulk for almost every user. This is used to create a list of websites each person has visited, regardless of any wrongdoing. As a result, UK users should be especially cautious about VPN DNS leaks, and can be certain any slip ups will be recorded.

Articles To Read Next:

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup