WIndows 10 VPN DNS leak

Discussion in 'Windows 10' started by Gharlane00, Dec 13, 2015.

  1. Gharlane00

    Gharlane00 MDL Addicted

    Aug 26, 2009
    836
    296
    30
  2. CHEF-KOCH

    CHEF-KOCH MDL Expert

    Jan 7, 2008
    1,192
    1,185
    60
    #22 CHEF-KOCH, Dec 17, 2015
    Last edited: Dec 17, 2015
    Ensure you cleared all cookies. It's not possible that it not works, since it's exactly the same patch so something is wrong on your site. To bypass dnsleaktest page which is mentioned on OP you don't even need a VPN, because random agent spoofer can generate random ip's via spoofing which works still well even in latest FF 43 release. If you talking about ipleak page then you must ensure you not allowed it with e.g. uBlock/uMatrix (in NoScript/FF javascript enabled). After it removed cache/cookies you can re-enable e.g. uBlock (noop rule) and it still shows the fake ip. I tested it and it work 100%.

    My friend no one care about internal IP we talked about external IP's which will be then visible to other pages if the data stream isn't protected. So yes this is an issue and a problem. Especially if he have the source and destination he or an attacker can act like a MITM which would allow to see everything or minimum capture it (and decrypt it later).

    This is not true, NSA did this, it took a lot of effort but it's possible. Attacks like APEX and others directly duplicated the stream and then it will be decrypted, if there are known holes or compromised certificates. There are also a lot of other possibilities to get the content.
     
  3. wmn

    wmn MDL Junior Member

    Feb 24, 2010
    64
    43
    0
    #24 wmn, Dec 17, 2015
    Last edited: Dec 17, 2015
    If you install your own DNS server, then there will be no DNS Leak.

    On Windows server, install the service.

    On Windows 7-8-10, then use one like BIND

    www . isc.org/downloads/bind/

    www . zytrax.com/books/dns/ch5/win2k.html
     
  4. cheekymonkey

    cheekymonkey MDL Novice

    Aug 4, 2015
    9
    0
    0
    This command is also effective against leaks as well

    netsh interface teredo set state disabled
     
  5. Gharlane00

    Gharlane00 MDL Addicted

    Aug 26, 2009
    836
    296
    30
    I got the fix from the dll link in that thread originally. The thread has not been updated in 8 weeks but the explanation of the implementation of the fix in 2.3.9 seems to say that it has to be called by the VPN server. If that is the case and my server has not upgraded their end yet, it would explain why it did not work for me. Running the plugin from my end works without issues so I will continue doing that until I read otherwise.
     
  6. Puremin0rez

    Puremin0rez MDL Senior Member

    Nov 24, 2010
    267
    161
    10
    Great plugin. Didn't realize I was leaking DNS requests for the past few months. Uh oh.

    I guess Google DNS now knows a little more about my private browsing. ;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...