How to protect yourself against and DNS leaks

Must Read

How to choose an effective DDoS mitigation plan

There are several flavours from which to choose when selecting an effective DDoS mitigation strategy. Most enterprises opt for one of the protection flavours (always-on or on-demand)

How tech bolster security of online gaming platforms

The rise of online and is evident throughout the world’s financial capitals with the UK, US, and a few other European nations at the forefront

Explained: The evolving nature of cybersecurity threats

Concerns such as hacking and the presence of computer viruses have existed for decades in one form or another. As technology evolved over the years, so did the cybersecurity  threats themselves.

You didn’t want your web history to show, so you went ‘incognito’. You didn’t want your web activity to be monitored or recorded by your ISP, so you got a Virtual Private Network. But now you might have discovered that bypasses your and could leave you open to IP leaks. This article is here to tell you how to protect yourself against privacy leaks when you’re using a VPN, and for those of you who aren’t in the know, let’s start by clearing up what WebRTC and DNS are and why they can be a risk.

First, what is WebRTC?

Web real-time communication software or WebRTC is an element of some browsers and apps that aids things like video and audio playback – making them run more smoothly. Better Skype video and web calls, great. Before WebRTC came along, websites could only communicate in real-time through unreliable plugins.

However, while it helps to improve the functionality of Google Hangouts, Discord and other communication tools, WebRTC can also leave your online privacy at risk.

What are the risks?

For VPN users, privacy and anonymity are the name of the game. You use a virtual private network to add a layer of encryption to your data, and to hide your IP address so that you can browse without being tracked for targeted ads, or snooped on by other third parties. But what many VPN users aren’t aware of is that WebRTC can leak their IP address even when browsing via VPN.

Certain browsers ignore whether or not you have a VPN when transferring information using WebRTC, and will send domain name system (DNS) requests (including your IP address) outside of your VPN. This means that you think you’re browsing anonymously, but your own unique IP address is actually visible, putting your data at risk.

What’s the deal with DNS?

When you type the name of a website into your browser, your computer makes a series of requests using the domain name system, to translate the words you’ve typed into the numerical IP address associated with that site. As you browse the , the IP address you’re using to make those DNS queries is also logged.

Just as WebRTC can leak your IP address by sending requests outside of your VPN, DNS details can be leaked even with that extra protection in place. It usually happens because your VPN has been misconfigured, but also occurs if your internet service provider (ISP) has set up its service to force connected devices into using their own DNS servers to resolve queries. This means that instead of the DNS process happening via a VPN server, it goes through one that logs your IP.

Detecting a leak

It’s not always obvious if your computer is using its default settings and not routing data requests through your VPN’s servers. Use a WebRTC leak checker to see if you’re at risk using the following steps:

  1. Connect to your VPN
  2. Open the WebRTC Leak Checker
  3. If the IP address that appears is from your ISP, you have a leak

Google Chrome and Mozilla Firefox are both key culprits for causing WebRTC leaks because of their built-in real-time comms functions. If you’re concerned that a Chrome extension could also be causing a DNS leak, you can check it this way:

  1. Install VPN extension for your provider
  2. Connect to your VPN
  3. Type ‘chrome://net-internals/#dns’ into the browser
  4. Click Clear host cache
  5. Open a new tab and go to any website
  6. Check the DNS information in the previous tab.

Changing DNS Servers

If it turns out that your default DNS server is that of your ISP, you can always switch to another DNS server. An added bonus of this often includes faster internet speeds.

You could choose a server like Open DNS or Google Public DNS which shouldn’t override your VPN, but the simplest thing to do is to set your VPNs DNS server details as the default.

Once chosen, you will need to change your system settings. Windows 10 users:

  1. Go into settings/control panel
  2. Click on Network and Internet
  3. Click on Network and Sharing Center
  4. On the left pane, click on Change adapter settings

WebRTC bypasses VPN and could leave open IP leaks5. Right-click the network interface connected to the internet, and select Properties

WebRTC bypasses VPN and could leave open IP leaks f

6. Select Internet Protocol Version 4 (TCP/IPv4) from the list

7. Click the Properties button

WebRTC bypasses VPN and could leave open IP leaks e

8. Click the Use the following DNS server addresses option

9. Type your preferred and alternate DNS server addresses

10. Enter the DNS servers you want to use (for example: Google Public DNS addresses: 8.8.8.8 and 8.8.4.4)

11. Click OK

WebRTC bypasses VPN and could leave open IP leaks e

12. Click Close to apply the new DNS settings. Your task is complete: you are now using the new DNS settings.

Android users can change their DNS server, but it only when using WiFi – not data. Find the appropriate settings when you hit the Menu button and choose Advanced while you’re in the WiFi setup screen.

How to prevent WebRTC leaks

If you use:

  • Chrome
    • Desktop
      • Install the WebRTC Network Limiter extension. This official Google extension switches off WebRTC’s IP-leaking feature. Ensure you’re using the official Google extension or a reputable VPN as many fake extensions exist.
    • Mobile
      • In the mobile version of Chrome, paste chrome://flags/#disable-webrtc into the browser and change it to ‘disabled’.
    • Firefox
      • Navigate to about:config and search for the media.peerconnection.enabled setting. Once located, change it to ‘disabled’.

The best protection against WebRTC and DNS leaks

The best way to protect yourself is to ensure you’re using a good quality VPN that has built-in safeguards against WebRTC and DNS leaks. If your VPN is diverting traffic through their DNS servers instead of your ISP’s, then you’re protected.

Reputable VPN clients include a kill switch  which can be a serious privacy saver in the event of a leak, cutting your internet connection the moment a drop in your VPN connection is detected. This prevents your data being transmitted without encryption, as well as keeping your IP safely hidden under cover.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by techobserver.in. Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Sapience Analytics signs distribution agreement with Redington

Sapience Analytics and Redington said that they have entered into a distribution agreement where latter will resell the Sapience Vue solution through its network of over 30,000 channel partners, system integrators, and value-added resellers countrywide.
- Advertisement -SAP Hana

Related Articles