DNS Leaking and Prevention Paper
Thursday, January 09, 2014
By
Kumar
If u are using proxy or vpn for hacking, u think that u are 100% anonymous, right? But u might be wrong.
What is Dns leak?
Ans) When you visit a site even using proxy/vpn you may give info about your dns provided by your ISP to that site.
And they will be one step ahead to trace u.
*** You can check whether you are leaking your dns info or not at www.dnsleaktest.com
Now you may think that, this is no big deal. Because u can change dns address manually, so no one would be able to
see your activity.
Here comes another story of the "Transparent Dns Proxy".
What is transparent dns proxy?
Ans) This is also a kind of dns servers provided by your ISP(not all ISP). When u change your dns address manually your
dns requests goes to and resolved by your desired dns server, but these requests goes through those dns server set
by your ISP (which sits between your pc and your desired dns server), and keep all logs of yourrequests.
Please note: I dont know about other ISPs. but I am confirmed about BSNL.
*** To check whether your ISP has transparent dns proxy or not, at first check your dns server's ip @ www.dnsleaktest.com.
Then change ur dns address to some other like 8.8.8.8 or 8.8.4.4 (googles dns). After this change use 'tracert' or
'traceroute' command to trace node's ip between your pc and your desired site.
for example:
c:\>tracroute www.google.com
If you find address of your ISPs dns or the network part of that ip, your ISP is using transparent dns proxy, to log your request.
Solution:
1) if you are using proxy chains configure to use with tor.
Here is how https://www.youtube.com/watch?v=d91w9D1FPIk
Or configure it to resolve dns requests by your proxys.
Here is how http://proxychains.sourceforge.net/howto.html
2) Use dnscrypt (freely available) to make an encrypted channel (from your pc to Opendns or any other dnscrypt enabled dns)
so your all dns requests are encrypted and resolved only by opendns or that you have set to use.
*You can use it with proxy/vpn but if your vpn is not leaking info. You don't have to worry.
Here is how to install in ubuntu http://askubuntu.com/questions/330589/how-to-compile-and-install-dnscrypt
-Written by Chris Angel!
Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
What is Dns leak?
Ans) When you visit a site even using proxy/vpn you may give info about your dns provided by your ISP to that site.
And they will be one step ahead to trace u.
*** You can check whether you are leaking your dns info or not at www.dnsleaktest.com
Now you may think that, this is no big deal. Because u can change dns address manually, so no one would be able to
see your activity.
Here comes another story of the "Transparent Dns Proxy".
What is transparent dns proxy?
Ans) This is also a kind of dns servers provided by your ISP(not all ISP). When u change your dns address manually your
dns requests goes to and resolved by your desired dns server, but these requests goes through those dns server set
by your ISP (which sits between your pc and your desired dns server), and keep all logs of yourrequests.
Please note: I dont know about other ISPs. but I am confirmed about BSNL.
*** To check whether your ISP has transparent dns proxy or not, at first check your dns server's ip @ www.dnsleaktest.com.
Then change ur dns address to some other like 8.8.8.8 or 8.8.4.4 (googles dns). After this change use 'tracert' or
'traceroute' command to trace node's ip between your pc and your desired site.
for example:
c:\>tracroute www.google.com
If you find address of your ISPs dns or the network part of that ip, your ISP is using transparent dns proxy, to log your request.
Solution:
1) if you are using proxy chains configure to use with tor.
Here is how https://www.youtube.com/watch?v=d91w9D1FPIk
Or configure it to resolve dns requests by your proxys.
Here is how http://proxychains.sourceforge.net/howto.html
2) Use dnscrypt (freely available) to make an encrypted channel (from your pc to Opendns or any other dnscrypt enabled dns)
so your all dns requests are encrypted and resolved only by opendns or that you have set to use.
*You can use it with proxy/vpn but if your vpn is not leaking info. You don't have to worry.
Here is how to install in ubuntu http://askubuntu.com/questions/330589/how-to-compile-and-install-dnscrypt
-Written by Chris Angel!
Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!
Written by CK Admins
Computer Korner is an open knowledge sharing site, where the we try to share our experience with IT, Security, Networking, System Administration tasks faced in day to day life. Articles from visitors are highly appreciated. Contact Us at : Click Here
![Admin Login Page Finder [FIND HIM]](http://3.bp.blogspot.com/-GhtWWRl4-xU/UB0hynJzAQI/AAAAAAAAAlA/7awzEtAFL0w/s72-c/mysqladded.PNG){kind=small}
thanx for sharing
ReplyDeleteValuable info here, Thanks for the share. If you want to hide what you are doing online then you should be using a VPN. There are some good ones here http://thebestproxyserver.com
ReplyDelete