How do I prevent DNS leak through VPN?

Forums » Up and Running » Virtual Private Networking » How do I prevent DNS leak through VPN?


Uniqs: 741	Share Topic:	RSS topic:	toggle: flat / full normal / watch	Posting:	Post a:	Post a:

Links: ·VPN Forum FAQ ·VPN Terms ·SSH Sentinel ·Real VNC ·TightVNC

VPN Tunnel »
« VPN - no ping

archer2 @ptm.ro	How do I prevent DNS leak through VPN? I'm using EAP-TTLS encryption VPN. The software is called SecureW2. I've found a guide on how to fix the DNS leak for OpenDNS, but how do I do it for SecureW2? Also, is leaking DNS a big security threat? (I'm assuming yes) Here's the link for the OpenDNS guide that I've found. »xerobank.com/support/articles/ho···s-leaks/
	permalink · 2009-04-21 17:59:23 ·

stefaanE
Premium
join:2002-07-10
Luxembourg

·Redwood Virtual

Re: How do I prevent DNS leak through VPN?

DNS information is meant to be public, so leaking it cannot be a big security threat.

If you're talking about leaking internal DNS information, it hardly constitutes a threat, especially if you're using the customary private address ranges (10.x.x.x and friends). These ranges aren't routed on the Internet, and hence cannot be used as attack vectors.

The real security risk would be to use public addresses for internal systems, and not providing proper protection to these systems (especially if they are Windows based). In this case, leaking DNS information through a VPN is the least of your worries.

Take care,

Stefaan
--
"Technically, Windows is an 'operating system,' which means that it supplies your computer with the basic commands that it needs to suddenly, with no warning whatsoever, stop operating." -Dave Barry

permalink · 2009-04-22 17:53:50 · Print ·

rjs1003

join:2002-12-04
united kingd

Re: How do I prevent DNS leak through VPN?

DNS leaks...
I assume you're talking about where the dns requests go out to the local ISP even though other traffic gets sent via the tunnel (happens with typical MS-PPTP setups for example).
If you're using a VPN to prevent people seeing what you're browsing (eg if you're in a country where you don't want the government to see what you're accessing or you're using the VPN to access sites which the government blocks) then this kind of DNS leak allows a good idea of where you're browsing to... and also allows for a censor to change the address that is returned, leading your PC to who-knows-what-site.
Otherwise, leaking of local addresses is as stefaanE said, much less of an issue. Not information I like to get outside my firewall but not a disaster by itself (though of potential use to hackers trying to exploit any weaknesses your firewall does have)

Bob

permalink · 2009-05-01 08:22:02 · Print ·

your comment..

Forums » Up and Running » Virtual Private Networking	VPN Tunnel » « VPN - no ping


Thursday, 26-Nov 01:54:21	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF