Even using VPN, my DNS was leaking. I fixed it, is that right?

Discussion in 'privacy problems' started by wild_wolf, Apr 26, 2013.

Thread Status:
Not open for further replies.
  1. wild_wolf

    wild_wolf Registered Member

    Joined:
    Apr 26, 2013
    Posts:
    8
    Location:
    US
    Hi guys, I am happy to find such a community. This is my first post but I've been browsing this forum for the last days.

    I have many questions about security, I hope to find the answer for most of them here. For now, I just got HMA VPN, but when I made the DNS leak test on www.dnsleaktest.com, my DNS was leaking (my ISP DNS was being showed and well as OpenDNS DNS, I believe OpenDNS cause the VPN connection uses its DNS, am I right?). So this is that I did:

    In the TCPIP4 options within the properties of my network adapters, I set OpenDNS DNS for all actived network adapters. They were set before to get DNS autommaly ( and I believe they were getting the DNS from the router, which was the ISP DNS). After doing this, I went to www.dnsleaktest.com and my DNS was not leaking anymore (only DNS showing now is OpenDNS ones)

    My question is, after setting the OpenDNS in the 2 active network adapters, can I still be sure my connect is Encryption? How can I test that? Using WireShark or is there anything easier to verify that?
     
  2. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Get a refund for HMA.

    The company does not respect privacy and will comply with all requests for information and logs user activity constantly. Its almost not even worth having a VPN if you use them. Get a refund if your in the time they allow refunds, if not complain you can't connect "lie" to try and force a refund.

    When you have done this look at these three services (AirVPN)(BolehVPN)(Mullvad). They are what you really want in a VPN service and will respect you and your privacy.

     
    Last edited: Apr 26, 2013
  3. Rowmon

    Rowmon Registered Member

    Joined:
    Oct 11, 2012
    Posts:
    10
    No disrespect, but I don't understand the certainty when people claim 'they will respect you and your privacy.' how can you be so sure?

    Also, the above is incorrect and outdated ;).

     
  4. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Some VPN company's respect privacy more then others. In this case, anything is better then HMA, and the three I'm recommending have good track records.
     
  5. Jessica19

    Jessica19 Registered Member

    Joined:
    Aug 24, 2012
    Posts:
    13
    Location:
    United States
    Can't believe after all those news about hidemyass, it is still being used by many security conscious people. If you have to use VPN, use non-logging VPN. You should also take a look at these open source alternatives: Tor, JAP, i2P. i2P is my favorite. It works by routing traffic through other peers making attacks more and more expensive to mount.
     
  6. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    You don't use a VPN Jessica? You find you can do everything you need to on Tor/Jap/I2p? I find these slow to be honest.
     
  7. Jessica19

    Jessica19 Registered Member

    Joined:
    Aug 24, 2012
    Posts:
    13
    Location:
    United States
    You are correct Taliscicero, they can be very slow at times. Because none of the Tor/Jap/I2p works on my iPhone, I do have to use a VPN sometime. But I only use VPN services that don't keep any logs. Both VPN4all and PIA are non-logging and fast.

    But like many non-logging vpn services, many of their IP addresses are being blacklisted on websites like:https://www.projecthoneypot.org, a common problem to all non-logging VPNs I guess; Since they don't keep any logs, it is hard to prevent people from abusing their services. I ordered a cloud hosting package using PIA, and my order was marked as "fraud" because I was using a 'spammy' IP.

    For downloading, or watching movies, i use VPN. For others, I mainly use Tor/JAP/I2P. :blink:

     
  8. wild_wolf

    wild_wolf Registered Member

    Joined:
    Apr 26, 2013
    Posts:
    8
    Location:
    US
    hi guys, thank you for posting.

    HMA works for me, I use VPN only for encrypted data (this way, I believe that sniffers (on the wireless networks I use) won't be able to know which sites I am visiting. This is the main reason I use VPN, so I guess HMA works for me.

    That's why I made those questions in first post, after seeing my DNS was leaking, I did what I said in first post. And this is my question: After doing that, can I be sure my data is being encrypted? How can I test it? If someone is sniffing the network I use, will they be able to know which sites I visit?

    thank you again
     
  9. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    One of my most annoying experiences is having to disconnect from my VPN to buy things with PayPal. I have been blocked out of PayPal so many times for forgetting or not caring to log out. PayPal is HTTPS, I should be able to use my VPN because there is no user risk to me. Because so many people are stupid enough to lose there passwords or get exploited PayPal blocks VPN IP's. I should not be penalized for other peoples stupid mistakes. What do you mean by PIA? I am not sure what that stands for, please enlighten me.
     
  10. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    If your on any VPN using the OpenVPN protocol, You are encrypted. Because OpenVPN does not allow connections with script security less then level 2. If you have a new IP, your encrypted. DNS does not really matter that much if someone is sniffing as it should go through your VPN anyway.

    1. To change the DNS addresses, click “Network and Sharing center” from the system tray and select your Internet connection (Local Area Connection or Wireless Wifi)

    2. Now click “Properties” and select the “Networking” tab. Select “Internet Protocol version 4 (TCP/IPv4) and hit the “Properties” button again. This will open the IP Address and DNS properties of your Internet connection.

    Select the radio button “Use the following DNS Server addresses” and enter the value of the preferred DNS server.


    I would say the best servers to go with are German Privacy Foundation servers.

    87.118.100.175
    94.75.228.29


    You can go to grc.com/dns/ , to check if it worked.
     
  11. wild_wolf

    wild_wolf Registered Member

    Joined:
    Apr 26, 2013
    Posts:
    8
    Location:
    US
    Thank you very much for your help. As I said, if my data is encrypted even with DNS leaking, I don't really care at all.

    Just something I was thinking earlier: I connect to internet using a "modem+wireless router" (which I don't have access to its admin). So the default DNS is set on this modem+wireless router (which is the DNS of my ISP). Let's say someone have access to its admin, is there any way of them change the DNS to a DNS that make possible find out what websites I am visiting? (is this what is called "DNS poisoning?")
     
  12. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Realistically if your using a VPN and they are not the "Operator" of the DNS server, then you are fine. OpenVPN encrypts 100% of everything related to your network on your computer and nothing leaves "un-encrypted". I myself would change my DNS on the local machine "as above" anyways, just because. It really won't make a difference to you if your just worried about the network admin seeing what you do.

    If your network admin is what your worried about, you may want to look into some online guides about how to turn off "Sharing" in windows, and also how to disable remote admin and "local LAN". VPN will solve all your networking issues, but you still need to disable these other things as they are vectors into your local computer for a well informed admin too.

    For the most part a VPN will protect all traffic leaving your computer. :thumb:
     
  13. Jessica19

    Jessica19 Registered Member

    Joined:
    Aug 24, 2012
    Posts:
    13
    Location:
    United States
    "What do you mean by PIA?"
    I meant Private Internet Access.
     
Loading...
Thread Status:
Not open for further replies.