Home
Forums
New posts
Search forums
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Menu
Log in
Register
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Home
Forums
CARDING & HACKING
Beginners Questions
How to avoid DNS and webRCT leaks when working with Android phones.
Message
<blockquote data-quote="Vity" data-source="post: 217" data-attributes="member: 9"><p><h3>What is a DNS leak and how to fix it</h3><p></p><p><img src="https://telegra.ph/file/272bbe645c67460807fec.png" alt="272bbe645c67460807fec.png" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p></p><p>When connecting to a VPN server in some operating systems (for example, Windows), requests do not always pass through the DNS server of the VPN connection. In this case, some sites may find out that your IP address and DNS servers are located in different countries, and your anonymity may be compromised.</p><p></p><h4>What is a DNS server?</h4><p>The main purpose of DNS servers is to translate domain names of sites into IP addresses that these domains are assigned to. In simple words, by entering the domain in the browser Google.com, The DNS server looks at which IP address this domain is assigned to, and the site page loads via IP addresses.</p><p></p><p>Below is an example of defining DNS servers on a site Whoer.net.</p><p></p><p><img src="https://thesafety.us/images/setup/dns-leak-bug.png" alt="dns-leak-bug.png" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p></p><p>DNS leak - displays the real DNS server of the Internet Service Provider</p><p></p><p>The example shows that we connected to a VPN and hid our IP address (the IP belongs to the UK), but the DNS server gives us our real location (USA).</p><p>In this case, the problem lies in the principle of operation of the Windows DNS service. When connecting to a VPN, by default, the request is sent to the DNS of the VPN server. Then the Windows DNS service waits for 2 seconds, and if no response is received, it sends a request to the next DNS server in the Windows OS list. Just the following DNS servers belong to your Internet Service Provider, but they have a lower priority than the DNS of the VPN server.</p><p>The DNS of the VPN server may not be able to respond to the request in time due to the geographical distance of the VPN server from you, while the DNS server of your provider is located in your city. This may also be affected by the quality of signal transmission from your Internet Service Provider to the VPN server.</p><p>Solution: force using the DNS server we need. In this case, we will clearly indicate to the operating system that you need to use only the specified DNS servers, and then the DNS servers of your real provider will not appear in the Windows DNS service list.</p><p>How to hide your DNS in Windows</p><p>How to hide your DNS on Mac OS X</p><p>How to hide your DNS in Ubuntu (Linux)</p><p>How to hide your DNS in server Linux</p><p>Our Secure Kit VPN client is able to protect against DNS leak automatically. Learn more about the Secure Kit.</p><p></p><h4>How to hide your real DNS in Windows</h4><p>Follow these steps on any version of Windows.</p><p></p><p>Right-click on the Windows network connection and then select Properties.</p><p></p><p>Specify the Google or OpenDNS public DNS servers.</p><p>Google DNS:</p><p>- 8.8.8.8</p><p>- 8.8.4.4</p><p></p><p>OpenDNS:</p><p>- 208.67.222.222</p><p>- 208.67.220.220</p><p></p><p>These DNS servers are most often defined as the United States. In this case, no site will issue your real DNS.</p><p>For complete anonymity, we recommend using our DNS servers. The "My Account" section lists DNS servers for each VPN destination. And even in this case, your DNS server will always match your IP address (by country).</p><p></p><p>After completing these steps, your real DNS server in Windows will be hidden.</p><p></p><p><img src="https://thesafety.us/images/setup/dns-leak-bug-ok.png" alt="dns-leak-bug-ok.png" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p></p><p>Real DNS is hidden and DNS leak is eliminated</p><p></p><h4>How to hide your real DNS on Mac OS X</h4><p>To force DNS installation on any version of Mac OS X, follow these steps::</p><p></p><p>In the next window, click on the lock icon at the bottom to allow editing the settings. You will need to enter your Mac OS X account password.</p><p></p><p>Select the connection that you are using to get the Internet. This is usually either a Wi-Fi connection or an Ethernet connection. And then click on the "Advanced" button.</p><p></p><p>Enter the Google or OpenDNS public DNS servers.</p><p>Google DNS:</p><p>- 8.8.8.8</p><p>- 8.8.4.4</p><p></p><p>OpenDNS:</p><p>- 208.67.222.222</p><p>- 208.67.220.220</p><p></p><p>These DNS servers are most often defined as the United States. In this case, no site will issue your real DNS.</p><p>For complete anonymity, we recommend using our DNS servers. In your account, in the "Subscriptions" section - > "DNS" tab, DNS servers recommended for use with our VPN servers will appear. Each VPN destination will have its own DNS server specified. And even in this case, your DNS server will always match your IP address (by country).</p><p></p><p>After completing these steps, your real DNS server on Mac OS X will be hidden.</p><p></p><p><img src="https://thesafety.us/images/setup/dns-leak-bug-ok.png" alt="dns-leak-bug-ok.png" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p></p><p>Real DNS is hidden and DNS leak is eliminated</p><p></p><h4>How to hide your real DNS on Ubuntu</h4><p>To resolve a DNS leak in the Linux-based Ubuntu operating system, open the Connections section.</p><p></p><p>Select your Internet connection and click Edit.</p><p></p><p>Choose:</p><ol> <li data-xf-list-type="ol">The IPv4 Settings tab</li> <li data-xf-list-type="ol">Automatically (DHCP, address only)</li> <li data-xf-list-type="ol">Specify the DNS server. For example, you can use public DNS servers from Google or OpenDNS</li> </ol><p></p><p>Google DNS:</p><p>- 8.8.8.8</p><p>- 8.8.4.4</p><p></p><p>OpenDNS:</p><p>- 208.67.222.222</p><p>- 208.67.220.220</p><p></p><p>On Linux, you must restart your network settings for the changes to take effect.</p><p>Click on Network Management.</p><p></p><p>The Connection terminated message appears.</p><p></p><p>Then click on Network Management again to enable the connection.</p><p></p><p>After these actions, your real DNS server will be hidden.</p><p></p><p><img src="https://thesafety.us/images/setup/dns-leak-bug-ok.png" alt="dns-leak-bug-ok.png" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p></p><p>Real DNS is hidden and DNS leak is eliminated</p><p></p><h4>How to hide your real DNS on server Linux</h4><p>Follow these steps only if you consider yourself an <strong>experienced Linux user</strong>. We warn you that making changes manually is dangerous if you have little knowledge of Linux administration. Please note: We do not accept any responsibility for the consequences.</p><p>Log in to the server as root (or as a regular user, but you must have privileges to execute commands under sudo).</p><p>Enter the following command. You may need to enter your OS account password. For editing, use the nano text editor. If you don't have it installed, then make changes with another editor or install nano.</p><p>sudo nano /etc/resolv.conf</p><p></p><p>Edit the resolv. conf file to resolve the DNS leak on Linux</p><ol> <li data-xf-list-type="ol">If you have resolvconf installed, then this file will contain a message that after the OS is restarted, all changes in this file will be lost and the settings will return to default to 127.0.1.1.Since we are changing the DNS server temporarily, this is fine with us.</li> <li data-xf-list-type="ol">Write down the default DNS server specified in this file. Then change the DNS server. For example, you can take a DNS server from Google or OpenDNS.</li> </ol><p></p><p>Google DNS:</p><p>- 8.8.8.8</p><p>- 8.8.4.4</p><p></p><p>OpenDNS:</p><p>- 208.67.222.222</p><p>- 208.67.220.220</p><p></p><p><img src="https://thesafety.us/images/setup/dns-leak-linux-2.png" alt="dns-leak-linux-2.png" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p></p><p>Specify the DNS server to resolve the DNS leak on Linux</p><p></p><p>To save it in the nano editor, click:</p><ol> <li data-xf-list-type="ol">Ctrl+X to exit the editor</li> <li data-xf-list-type="ol">use the Y key to save changes to the file</li> <li data-xf-list-type="ol">press Enter to confirm saving to the same file</li> </ol><p></p><p>For the changes to take effect, you must restart the network interface.</p><ul> <li data-xf-list-type="ul">for Debian and Ubuntu, enter the command:</li> </ul><p>sudo /etc/init.d/networking restart</p><p></p><ul> <li data-xf-list-type="ul">for CentOS and Red Hat Linux, enter the command:</li> </ul><p>sudo /etc/init.d/network restart</p><p></p><p>The network interface will restart and the DNS leak will be resolved.</p><p>Restart your computer to restore the original DNS server.</p><p></p><p><img src="https://thesafety.us/images/setup/dns-leak-bug-ok.png" alt="dns-leak-bug-ok.png" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p></p><p>Real DNS is hidden and DNS leak is eliminated</p><p></p><h3>Checking and protecting against WebRTC leaks</h3><p></p><p>Let's give a brief overview of the automated service and perform WebRTC leak testing on it.</p><p></p><p><a href="http://ipleak.org/" target="_blank"><strong>ipleak.org</strong></a></p><p></p><p>Local IP 010.3.15.129</p><p></p><p>It attempts to determine the local IP address via the WebRTC STUN source header, which can be used to check for a local IP address leak by your browser and the VPN service.</p><p></p><p><img src="https://telegra.ph/file/d21c4cec3bcc6b228a7be.png" alt="d21c4cec3bcc6b228a7be.png" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p></p><h4>What is WebRTC?</h4><p>In a nutshell, Web Real-Time Communication or WebRTC is a protocol that allows real-time audio-visual and P2P communication between two or more browsers.</p><p></p><p>The main goal was to improve the functionality of VoIP and browser-based video conferencing.</p><p></p><p>Later, the project was opened on the initiative of Google, and then implemented by various other companies, including Mozilla in its Firefox browser.</p><p></p><p>Now WebRTC is used by Facebook, Youtube, Google Hangouts, OpenTok and many others.</p><p></p><p>You can read more even more, since there is plenty of information on the web.</p><p></p><h4>What is a WebRTC leak?</h4><p>A WebRTC leak is a type of vulnerability in web browsers that exposes your local IP address via the WebRTC stun source header.</p><p></p><p>The STUN protocol is necessary for smooth operation of WebRTC.</p><p></p><p>If you don't notice, it's pretty easy to add JavaScript code to a web page and get a local IP address, even if you're using a VPN.</p></blockquote><p></p>
[QUOTE="Vity, post: 217, member: 9"] [HEADING=2]What is a DNS leak and how to fix it[/HEADING] [IMG alt="272bbe645c67460807fec.png"]https://telegra.ph/file/272bbe645c67460807fec.png[/IMG] When connecting to a VPN server in some operating systems (for example, Windows), requests do not always pass through the DNS server of the VPN connection. In this case, some sites may find out that your IP address and DNS servers are located in different countries, and your anonymity may be compromised. [HEADING=3]What is a DNS server?[/HEADING] The main purpose of DNS servers is to translate domain names of sites into IP addresses that these domains are assigned to. In simple words, by entering the domain in the browser Google.com, The DNS server looks at which IP address this domain is assigned to, and the site page loads via IP addresses. Below is an example of defining DNS servers on a site Whoer.net. [IMG alt="dns-leak-bug.png"]https://thesafety.us/images/setup/dns-leak-bug.png[/IMG] DNS leak - displays the real DNS server of the Internet Service Provider The example shows that we connected to a VPN and hid our IP address (the IP belongs to the UK), but the DNS server gives us our real location (USA). In this case, the problem lies in the principle of operation of the Windows DNS service. When connecting to a VPN, by default, the request is sent to the DNS of the VPN server. Then the Windows DNS service waits for 2 seconds, and if no response is received, it sends a request to the next DNS server in the Windows OS list. Just the following DNS servers belong to your Internet Service Provider, but they have a lower priority than the DNS of the VPN server. The DNS of the VPN server may not be able to respond to the request in time due to the geographical distance of the VPN server from you, while the DNS server of your provider is located in your city. This may also be affected by the quality of signal transmission from your Internet Service Provider to the VPN server. Solution: force using the DNS server we need. In this case, we will clearly indicate to the operating system that you need to use only the specified DNS servers, and then the DNS servers of your real provider will not appear in the Windows DNS service list. How to hide your DNS in Windows How to hide your DNS on Mac OS X How to hide your DNS in Ubuntu (Linux) How to hide your DNS in server Linux Our Secure Kit VPN client is able to protect against DNS leak automatically. Learn more about the Secure Kit. [HEADING=3]How to hide your real DNS in Windows[/HEADING] Follow these steps on any version of Windows. Right-click on the Windows network connection and then select Properties. Specify the Google or OpenDNS public DNS servers. Google DNS: - 8.8.8.8 - 8.8.4.4 OpenDNS: - 208.67.222.222 - 208.67.220.220 These DNS servers are most often defined as the United States. In this case, no site will issue your real DNS. For complete anonymity, we recommend using our DNS servers. The "My Account" section lists DNS servers for each VPN destination. And even in this case, your DNS server will always match your IP address (by country). After completing these steps, your real DNS server in Windows will be hidden. [IMG alt="dns-leak-bug-ok.png"]https://thesafety.us/images/setup/dns-leak-bug-ok.png[/IMG] Real DNS is hidden and DNS leak is eliminated [HEADING=3]How to hide your real DNS on Mac OS X[/HEADING] To force DNS installation on any version of Mac OS X, follow these steps:: In the next window, click on the lock icon at the bottom to allow editing the settings. You will need to enter your Mac OS X account password. Select the connection that you are using to get the Internet. This is usually either a Wi-Fi connection or an Ethernet connection. And then click on the "Advanced" button. Enter the Google or OpenDNS public DNS servers. Google DNS: - 8.8.8.8 - 8.8.4.4 OpenDNS: - 208.67.222.222 - 208.67.220.220 These DNS servers are most often defined as the United States. In this case, no site will issue your real DNS. For complete anonymity, we recommend using our DNS servers. In your account, in the "Subscriptions" section - > "DNS" tab, DNS servers recommended for use with our VPN servers will appear. Each VPN destination will have its own DNS server specified. And even in this case, your DNS server will always match your IP address (by country). After completing these steps, your real DNS server on Mac OS X will be hidden. [IMG alt="dns-leak-bug-ok.png"]https://thesafety.us/images/setup/dns-leak-bug-ok.png[/IMG] Real DNS is hidden and DNS leak is eliminated [HEADING=3]How to hide your real DNS on Ubuntu[/HEADING] To resolve a DNS leak in the Linux-based Ubuntu operating system, open the Connections section. Select your Internet connection and click Edit. Choose: [LIST=1] [*]The IPv4 Settings tab [*]Automatically (DHCP, address only) [*]Specify the DNS server. For example, you can use public DNS servers from Google or OpenDNS [/LIST] Google DNS: - 8.8.8.8 - 8.8.4.4 OpenDNS: - 208.67.222.222 - 208.67.220.220 On Linux, you must restart your network settings for the changes to take effect. Click on Network Management. The Connection terminated message appears. Then click on Network Management again to enable the connection. After these actions, your real DNS server will be hidden. [IMG alt="dns-leak-bug-ok.png"]https://thesafety.us/images/setup/dns-leak-bug-ok.png[/IMG] Real DNS is hidden and DNS leak is eliminated [HEADING=3]How to hide your real DNS on server Linux[/HEADING] Follow these steps only if you consider yourself an [B]experienced Linux user[/B]. We warn you that making changes manually is dangerous if you have little knowledge of Linux administration. Please note: We do not accept any responsibility for the consequences. Log in to the server as root (or as a regular user, but you must have privileges to execute commands under sudo). Enter the following command. You may need to enter your OS account password. For editing, use the nano text editor. If you don't have it installed, then make changes with another editor or install nano. sudo nano /etc/resolv.conf Edit the resolv. conf file to resolve the DNS leak on Linux [LIST=1] [*]If you have resolvconf installed, then this file will contain a message that after the OS is restarted, all changes in this file will be lost and the settings will return to default to 127.0.1.1.Since we are changing the DNS server temporarily, this is fine with us. [*]Write down the default DNS server specified in this file. Then change the DNS server. For example, you can take a DNS server from Google or OpenDNS. [/LIST] Google DNS: - 8.8.8.8 - 8.8.4.4 OpenDNS: - 208.67.222.222 - 208.67.220.220 [IMG alt="dns-leak-linux-2.png"]https://thesafety.us/images/setup/dns-leak-linux-2.png[/IMG] Specify the DNS server to resolve the DNS leak on Linux To save it in the nano editor, click: [LIST=1] [*]Ctrl+X to exit the editor [*]use the Y key to save changes to the file [*]press Enter to confirm saving to the same file [/LIST] For the changes to take effect, you must restart the network interface. [LIST] [*]for Debian and Ubuntu, enter the command: [/LIST] sudo /etc/init.d/networking restart [LIST] [*]for CentOS and Red Hat Linux, enter the command: [/LIST] sudo /etc/init.d/network restart The network interface will restart and the DNS leak will be resolved. Restart your computer to restore the original DNS server. [IMG alt="dns-leak-bug-ok.png"]https://thesafety.us/images/setup/dns-leak-bug-ok.png[/IMG] Real DNS is hidden and DNS leak is eliminated [HEADING=2]Checking and protecting against WebRTC leaks[/HEADING] Let's give a brief overview of the automated service and perform WebRTC leak testing on it. [URL='http://ipleak.org/'][B]ipleak.org[/B][/URL] Local IP 010.3.15.129 It attempts to determine the local IP address via the WebRTC STUN source header, which can be used to check for a local IP address leak by your browser and the VPN service. [IMG alt="d21c4cec3bcc6b228a7be.png"]https://telegra.ph/file/d21c4cec3bcc6b228a7be.png[/IMG] [HEADING=3]What is WebRTC?[/HEADING] In a nutshell, Web Real-Time Communication or WebRTC is a protocol that allows real-time audio-visual and P2P communication between two or more browsers. The main goal was to improve the functionality of VoIP and browser-based video conferencing. Later, the project was opened on the initiative of Google, and then implemented by various other companies, including Mozilla in its Firefox browser. Now WebRTC is used by Facebook, Youtube, Google Hangouts, OpenTok and many others. You can read more even more, since there is plenty of information on the web. [HEADING=3]What is a WebRTC leak?[/HEADING] A WebRTC leak is a type of vulnerability in web browsers that exposes your local IP address via the WebRTC stun source header. The STUN protocol is necessary for smooth operation of WebRTC. If you don't notice, it's pretty easy to add JavaScript code to a web page and get a local IP address, even if you're using a VPN. [/QUOTE]
Name
Verification
Post reply
Home
Forums
CARDING & HACKING
Beginners Questions
How to avoid DNS and webRCT leaks when working with Android phones.
Top