VPNs and DNS leakage - please check my results

Discussion in 'privacy technology' started by muckypup, Oct 22, 2010.

Thread Status:
Not open for further replies.
  1. muckypup

    muckypup Registered Member

    Joined:
    Jun 12, 2010
    Posts:
    5
    Hi,

    I have a few questions regarding VPNs and DNS leaks. I am using SwissVPN (which provides PPTP and OpenVPN) using Ubuntu.

    AIUI, one concern with VPNs is whether they are configured to use your ISPs DNS rather than their own.

    Here is my situation:

    My /etc/resolv.conf file shows:

    # Generated by NetworkManager
    domain my.real.nonvpn.domain.com
    search my.real.nonvpn.domain.com
    nameserver 80.254.79.157 # swissvpn dns
    nameserver 80.254.77.39 # swissvpn dns
    nameserver 128.xxx.xxx.xxx # isp's dns
    # NOTE: the libc resolver may not support more than 3 nameservers.
    # The nameservers listed below may not be recognized.
    nameserver 128.xxx.xxx.xxx # isp's dns

    Clearly, Network Manager has prioritised the SwissVPN DNS.

    Here is some information about DNS leaks: https://www.wilderssecurity.com/showthread.php?t=239932

    From what I have read there are two tests that can be done:

    https://www.dns-oarc.net/oarc/services/dnsentropy

    and

    https://www.grc.com/dns/dns.htm

    The only DNS resolver shown at oarc.net is: 80.254.79.157 (ns1.monzoon.net)

    Both DNS resolvers are shown at grc.com: ns1.monzoon.net and zrh1-ns02.monzoon.net

    AIUI, this means I do not have any DNS leaks. Can this please be confirmed?

    Thanks.
     
  2. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    That seems fine. Have you configured iptables? There's a protocol for securing OpenVPN using Shorewall on XeroBank. The rules block all traffic except via the VPN. If needed, I'm sure that you can tweak it to work with SwissVPN.
     
  3. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,102
    Hi muckypup,

    If you have a hardware router, usually, the ISP's DNS servers (primary and secondary) are specified upon installation of the ISP's service. If you do have a hardware router, it behoves you to check out the router's OS and the ISP's documentation concerning that feature and how to change it to what you desire.

    Another variable may be the browser you use, and whether there are any configuration items that specify remote dns proxy servers vs your default (the hardware router settings probalby override anything you may specify in /etc/resolv.conf file. Worth checking out.

    -- Tom
     
  4. muckypup

    muckypup Registered Member

    Joined:
    Jun 12, 2010
    Posts:
    5
    I will check out the iptables settings, thanks.

    I am actually on my Universities network so I have no control over any hardware. I cannot actually change my DNS e.g. to OpenDNS since I then cannot connect to anything (although obviously I can use a VPN).

    I use Tor sometimes along with NoScript so I imagine Firefox's settings are decent:

    extensions.torbutton.saved.socks_remote_dns - true
    network.dns.disableIPv6 - false
    network.dns.ipv4OnlyDomains - [blank]
    network.proxy.socks_remote_dns - true
    noscript.logDNS - false
    noscript.proxiedDNS - 0

    Finally, as mentioned, I do not control the hardware router settings. However, my understanding is that the two tests linked above, enable users to see if there is VPN DNS leakage irrespective of whether they control their router or not?

    Thanks.
     
Loading...
Thread Status:
Not open for further replies.