DEV Community

loading...
Cover image for Data privacy by DNS leak prevention

Data privacy by DNS leak prevention

Ali Alp
“Take it easy” is nonsense , take it as hard as you can and don’t let it go :)
Updated on ・4 min read

Nowadays, bridge of data privacy is one of the hottest topics and while privacy is what we all has been promised we are aware that we are being watched if not by officials at least by our pets :)

Issue

Whenever you turn on your phone or computer or any other device which is connected to the internet you are exposing your personal data to the word which it consists of good and bad people among them therefore the issue is how to minimize the number of open doors to our lives.

Virtual private network - Wikipedia

A virtual private network ( VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across a VPN may therefore benefit from the functionality, security, and management of the private network.

The first solution is VPN which in a nutshell is something like this

As is has been mentioned this schema is in a nutshell, if we want to see one layer deeper it will be something like this

You can think of DNS as the phone-book or contact app which will translate the website name to its number which is called IP address.

Domain Name System - Wikipedia

The Internet maintains two principal namespaces, the domain name hierarchy and the Internet Protocol (IP) address spaces. The Domain Name System maintains the domain name hierarchy and provides translation services between it and the address spaces. Internet name servers and a communication protocol implement the Domain Name System.

As it can be seen whenever you want to visit a website your browser must ask a DNS server to gather the IP address of that website and only then it can try to connect to that website.

The issue is if you are not careful about setting the DNS address you can end up using a VPN connection while your internet provider is aware of all your activities which this phenomenon is called DNS Leak, in another word not even you are exposed but you are paying for nothing if your VPN service is premium.

Behind the scene most of the VPN providers are taking care of the DNS Overriding for you which is simply to set your DNS IP addresses to theirs.

Anyhow even if the VPN providers claim that they are taking care of the DNS Overriding or not the question is how can you tell ?

Solution

Linux & Mac

Prerequisite:

sudo apt-get install curl
Enter fullscreen mode Exit fullscreen mode
#!/bin/sh                                                                                                                              
dns1=$(nslookup -q=A whoami.akamai.net | grep "Address" |grep -v "#" |grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}")                         
dns2=$(nslookup -q=A resolver.dnscrypt.org | grep "Address" |grep -v "#" |grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}")                    
dns3=$(nslookup -q=A whoami.ultradns.net | grep "Address" |grep -v "#" |grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}")                     
curl http://ipinfo.io/$dns1/country                                                                                                
curl http://ipinfo.io/$dns2/country                                                                                               
curl http://ipinfo.io/$dns3/country 
Enter fullscreen mode Exit fullscreen mode

Windows

Apologizes for windows users, the solution below will work for you as well but if you are system administrator and you need a native solution for windows leave your request in comment section here

Prerequisite:

Install Windows Subsystem for Linux (WSL) on on Windows 10

Installation instructions for the Windows Subsystem for Linux on Windows 10.

then in the Ubuntu emulator

sudo apt-get install curl
Enter fullscreen mode Exit fullscreen mode
#!/bin/sh                                                                                                                   
dns1=$(nslookup -q=A whoami.akamai.net | grep "Address" |grep -v "#" |grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}")              
dns2=$(nslookup -q=A resolver.dnscrypt.org | grep "Address" |grep -v "#" |grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}")         
dns3=$(nslookup -q=A whoami.ultradns.net | grep "Address" |grep -v "#" |grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}")          
curl http://ipinfo.io/$dns1/country                                                                                     
curl http://ipinfo.io/$dns2/country                                                                                    
curl http://ipinfo.io/$dns3/country 
Enter fullscreen mode Exit fullscreen mode

In the result below you can see an instance of the DNS leak

My actual origin is TR(Turkey) so if there will be TR in the list you can be sure that your origin country is resolving your requests therefore you are not completely anonymous.

And below you can see a non-leaked DNS configuration

it means that your DNS requests are being resolved as you have configured them, so you can feel one more step closer to the anonymity on the internet which means 99 steps still to go :)

Discussion (0)