Securing DNS while connected to a VPN

DNS is the system which translates the domain name you enter to a numerical IP, making possible to route the traffic when you request www.domain.com to the destination server IP. So, everytime you enter in your browser a website, the request is sent to the DNS server, server IP (where the targeted website is being hosted) obtained and the traffic is getting routed to the destination server.

Recently, we have noticed a privacy threat for Windows users who use VPN. The problem is that when you connect to the VPN server, Windows does not update the DNS server information to the anonymous VPN's DNS, which causes the leak of information regarding which sites a VPN user visits. In other words, when you request a website the request is still forwarded to your ISP's DNS server instead of VPN's DNS.

Luckily, there are multiple fixes available.

1. Manually flushing the DNS cache

After connected to the VPN server, run Windows command line (cmd.exe) as an administrator and execute the following command:

ipconfig /flushdns

2. Automated solution

For Win XP / Vista / Win 7 users who use OpenVPN (OK for yohost.org VPN users) an automated script is available, which will update the DNS every time you connect to the VPN.

http://www.dnsleaktest.com/dnsfixsetup.exe

Download and install, no other configuration needed.

3. If the above 2 do not work

It was also noticed that on wi-fi connection the above 2 solution may not work. In this case you are strongly recommended to manually update your DNS configuration to one of the public DNS - OpenDNS or Google DNS. What you need to do...

1. Open Network and Shareing Center

2. Change Adapter Settings

3. Choose the one you are connected to or the one you mostly use, right mouse click, "Properties"

4. Double click Internet Protocol Version 4 (TCP/IPv4)

5. Under DNS choose: "Use the following DNS server addresses" and enter

For OpenDNS:

  • 208.67.222.222
  • 208.67.220.220

For Google DNS:

  • 8.8.8.8
  • 8.8.4.4

Press "OK"

  • 38 Users Found This Useful
Was this answer helpful?

Related Articles

Our PGP Public Key

In case you want to send us an encrypted e-mail, below you can find our PGP public key....