Debugging DNS leaks: why your VPN isn't hiding what you think it is
The article discusses the issue of DNS leaks when using a VPN, highlighting that while traffic may be tunneled, DNS queries often are not. This can lead to a false sense of security as users' DNS requests may still be visible to their ISP. The author provides steps to diagnose and fix the problem to ensure all DNS queries are routed through the VPN tunnel.
- DNS resolution occurs at the OS level and is not automatically included in the VPN tunnel.
- Common culprits for DNS leaks include systemd-resolved, browsers with DNS-over-HTTPS, and applications using their own resolvers.
- To confirm a DNS leak, users can monitor DNS traffic on their physical interface using tools like tcpdump.
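
The tcpdump check from the last bullet, as an added example that is not code from the original article: it reads text output of `tcpdump -i any -nn` and reports DNS queries sent on any interface other than the tunnel. The interface names (`eth0`, `wg0`), the addresses and the sample lines are constructed, and the line layout assumes tcpdump 4.99 or later, which prints the interface and direction on the `any` device.

```python
import re

# Assumed input: text output of `tcpdump -i any -nn` (tcpdump 4.99+ prints the
# interface name and direction for each packet on the "any" pseudo-device).
PACKET = re.compile(
    r"^\S+\s+(?P<iface>\S+)\s+(?P<dir>In|Out)\s+IP6?\s+"
    r"\S+\.\d+ > (?P<dst>\S+)\.(?P<dport>\d+):\s+(?P<rest>.*)$"
)
QUERY = re.compile(r"\b[A-Z]+\? (?P<qname>\S+)")
DNS_PORTS = {53, 853}  # plain DNS and DNS-over-TLS; DoH on 443 is not visible here

# Constructed sample capture (documentation addresses, hypothetical interfaces).
SAMPLE = [
    # application asking the local stub resolver: not a leak by itself
    "10:15:01.000101 lo    In  IP 127.0.0.1.41822 > 127.0.0.53.53: 4411+ A? example.org. (29)",
    # the stub forwarding the same query out of the physical NIC: the leak
    "10:15:01.000734 eth0  Out IP 192.0.2.10.53211 > 198.51.100.1.53: 9120+ A? example.org. (29)",
    # the resolver's answer coming back (inbound, ignored)
    "10:15:01.020913 eth0  In  IP 198.51.100.1.53 > 192.0.2.10.53211: 9120 1/0/0 A 203.0.113.7 (45)",
    # a query that correctly goes through the tunnel interface
    "10:15:02.100500 wg0   Out IP 10.8.0.2.40112 > 10.8.0.1.53: 2207+ AAAA? example.net. (29)",
    # encrypted tunnel traffic on the physical NIC (not DNS, ignored)
    "10:15:03.300200 eth0  Out IP 192.0.2.10.51820 > 203.0.113.50.51820: UDP, length 148",
]


def find_leaks(lines, tunnel_ifaces=("wg0",), local_ifaces=("lo",)):
    """Return (iface, resolver, qname) for DNS packets sent outside the tunnel."""
    leaks = []
    for line in lines:
        m = PACKET.match(line)
        if not m or m["dir"] != "Out" or int(m["dport"]) not in DNS_PORTS:
            continue
        if m["iface"] in tunnel_ifaces or m["iface"] in local_ifaces:
            continue  # tunneled, or traffic to the local stub (e.g. 127.0.0.53)
        q = QUERY.search(m["rest"])
        leaks.append((m["iface"], m["dst"], q["qname"] if q else None))
    return leaks


if __name__ == "__main__":
    for iface, resolver, qname in find_leaks(SAMPLE):
        print(f"LEAK via {iface}: {qname} -> {resolver}")
```

An empty result only covers ports 53 and 853: a browser using DNS-over-HTTPS resolves over port 443 and does not show up in this check.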
Alan West
Posted on May 18
#networking #devops #security #linux
Last month I was setting up a hardened dev environment for a client doing security research. They wanted all traffic from their workstation tunneled through a VPN, no exceptions. Simple, right? Install WireGuard, flip the toggle, done. Then I ran a leak test and watched their real ISP-assigned DNS server pop up on the report. The traffic was tunneled.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).