DNS leak

A DNS leak refers to a security flaw that allows the true IP address of a connection to be revealed to websites, despite the use of a VPN service to conceal it.[1] The flaw was first documented by Daniel Roesler,[2] a developer based in San Francisco.

Process

The vulnerability allows remote websites to determine the user's true IP address using WebRTC, which is built into most web browsers. According to Roesler, this is possible because WebRTC allows requests to ISPs' STUN servers, which return the user's public and local IP addresses; he notes that this can be done using JavaScript.[2]

Furthermore, the STUN requests aren't made using the regular XMLHttpRequest procedure, so they can't be viewed in browsers' developer consoles or blocked by popular privacy plugins (such as Ghostery or AdBlockPlus).[2]

Determining the true IP address also allows the website to determine the approximate location of the connection, allowing for geo-blocking of content.
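
The leak described above can be checked from the user's side. The following added example (not part of the original article or of Roesler's demo) parses ICE candidate lines, such as those a browser shows in its own WebRTC diagnostics, and flags any address other than the expected VPN exit address. The sample candidates, the addresses and the function names are constructed for illustration.

```javascript
// Added example: audit ICE candidate lines for exposed addresses.
// All candidates and addresses below are constructed (RFC 5737 documentation ranges).
const PRIVATE_V4 = /^(10\.|192\.168\.|172\.(1[6-9]|2\d|3[01])\.|169\.254\.|127\.)/;
const PRIVATE_V6 = /^(fe[89ab][0-9a-f]:|f[cd][0-9a-f]{2}:|::1$)/i;

// Parse one candidate line: foundation, component, transport, priority,
// address, port, the literal "typ", then the candidate type (host, srflx, ...).
function parseCandidate(line) {
  const f = line.trim().replace(/^a=/, "").split(/\s+/);
  if (f.length < 8 || !f[0].startsWith("candidate:") || f[6] !== "typ") return null;
  return { address: f[4], port: Number(f[5]), type: f[7] };
}

// Classify what the candidate reveals: an mDNS hostname, a local address or a public one.
function classifyAddress(addr) {
  if (/\.local$/i.test(addr)) return "mdns"; // browser-generated hostname, no IP exposed
  const isPrivate = addr.includes(":") ? PRIVATE_V6.test(addr) : PRIVATE_V4.test(addr);
  return isPrivate ? "private" : "public";
}

// Compare every candidate against the address the VPN is expected to present.
function auditCandidates(lines, vpnExitIp) {
  const findings = [];
  for (const line of lines) {
    const c = parseCandidate(line);
    if (!c) continue; // skip lines that are not ICE candidates
    const kind = classifyAddress(c.address);
    let verdict = "ok";
    if (kind === "private") verdict = "local-address-exposed";
    else if (kind === "public" && c.address !== vpnExitIp) verdict = "public-address-leak";
    findings.push({ address: c.address, type: c.type, kind, verdict });
  }
  return findings;
}

// Constructed sample: a host candidate, two STUN-derived (srflx) candidates, one mDNS host.
const SAMPLE_CANDIDATES = [
  "candidate:1 1 udp 2122260223 192.168.1.23 54321 typ host",
  "candidate:2 1 udp 1686052607 203.0.113.7 54321 typ srflx raddr 192.168.1.23 rport 54321",
  "candidate:3 1 udp 1686052607 198.51.100.20 40000 typ srflx raddr 0.0.0.0 rport 0",
  "candidate:4 1 udp 2122260223 3f2a1b4c-5d6e-4f70-8a9b-0c1d2e3f4a5b.local 54321 typ host",
];
const VPN_EXIT_IP = "198.51.100.20"; // assumed address of the VPN endpoint

console.log(auditCandidates(SAMPLE_CANDIDATES, VPN_EXIT_IP));
```

A `public-address-leak` verdict corresponds to the case the article describes: a STUN response carrying a public address that is not the VPN's.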

Prevention

Several websites exist to allow testing to determine whether a DNS leak is occurring, including Roesler's demo tool.[3][4] DNS leaking can be prevented in a number of ways:

References

  1. "Huge Security Flaw Leaks VPN Users' Real IP-Addresses - TorrentFreak". 2015-01-30. Retrieved 2016-09-03.
  2. Henry, Alan. "How to See If Your VPN Is Leaking Your IP Address (and How to Stop It)". Retrieved 2016-09-03.
  3. "DNS leak test". www.dnsleaktest.com. Retrieved 2016-09-03.
  4. "IP/DNS Detect". ipleak.net. Retrieved 2016-09-03.
  5. Raymond Hill (26 Mar 2016). "Prevent WebRTC from leaking local IP address". uBlock Origin documentation. Retrieved 1 Sep 2016.
  6. "How to Encrypt Your DNS for More Secure Browsing". Retrieved 2016-09-03.
  7. "4 ways to prevent a DNS leak when using VPN - BestVPN.com". 2013-04-18. Retrieved 2016-09-03.


This article is issued from Wikipedia - version of the 9/14/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.