DNS-leak protection

What is a DNS leak?

Generally speaking, the domain name server, or DNS for short, is responsible for requesting the IP address as soon as you call up a domain (example: google.de – 173.194.112.47). It thus makes all of the necessary preparations for the subsequent establishment of a connection to the server, in order to call up a page. If you are behind a router, then the DNS server of your Internet Service Provider (ISP) is placed in the router. As a result, your computer issues the DNS requests to your router. As soon as you have consequently been connected to one of our VPN servers, we place our DNS server on your computer. This way, all requests are directed via this server. A DNS leak can, however, occur in spite of there being a secure connection, e.g. a VPN. In this case the name server sends its requests to the server via an unsecure network. This happens if the operating system uses a predefined name server from the router, from the local network. In so doing you are exposing yourself to an unnecessary risk. Should a page record your DNS server request, then there is the chance that your real IP address may be discovered, if the DNS server also records logs.

Generally speaking, it is a good idea to look after your anonymity when on the internet. No-one other than yourself should know what websites you visit. For protection purposes, you should secure all data traffic by means of an encryption and the traffic should be tunnelled using a secure connection such as IPSec, SSH or OpenVPN. As a consequence, all DNS requests must also be sent through the tunnel. If this does not happen, it is possible to trace the IP addresses to which connections have been established and thus, which websites you visit. However, the problem can be easily corrected manually.

How do you determine whether or not you are affected?

First connect to a VPN server from another country. Then call up the page dnsleaktest.com. There you can perform a test and determine whether or not you are affected by a DNS leak. Should the result show an IP address from your country or your Internet Service Provider, then a DNS leak has occurred.

What can you do in the event of a DNS leak?

You can correct this problem manually really easily. Simply assign another DNS server to your network adapter. However, SpyOFF automatically protects you following the successful establishment of a connection to the client prior to a DNS leak occurring. As soon as the connection to one of our VPN servers has been established, the application sets the two DNS servers to 192.18.0.1 and 192.18.0.2. However, the two DNS servers can only be accessed by our customers via one VPN connection. As a result a DNS leak is prevented in any event! But take note: Under certain circumstances, in a select few cases the client may no longer cancel these DNS settings following a connection failure. The result of this is that you can no longer browse as desired, as the name resolution no longer functions. In this case you must check your DNS settings and, if necessary, reset to default so that the DNS server address is automatically obtained. Here is a short guide as to how to do this without any problems.