VPN leaks can undermine the main purpose of using a VPN – to keep users anonymous and safe from monitoring and digital snooping practices.
Some users have reported that their IP address is being leaked even with their VPN service is actively running. Such a security flaw involves the system you are using and it has nothing to do with NSA spying practices. In this article we’ll take a closer look at VPN leaks and how to prevent them.
How VPN leaks occur
The job of a VPN service is to keep your connections encrypted and as private as possible. But in some cases, even with the VPN actively running on your computer, leaks can still reveal your real IP address.
Web-based plugins can oftentimes leak IP addresses. Take for instance if you are browsing through a website that requires Java or Flash player, the website will see that you are using your VPN IP address. Unfortunately, the Flash or Java plugin can still leak your actual IP address.
We have also reported earlier this year that major VPN services were leaking users’ IP addresses through the WebRTC communication protocol. This browser vulnerability is easy to fix by using the appropriate browser extension like WebRTC Leak Prevent for Chrome.
Unfortunately, not all VPNs support the WebRTC browser extensions. Users have expressed disappointments with the Chrome extension plugin for not working as advertised. If you are using a VPN that does not recognize the browser extension then, sad to say, your system isn’t totally protected against WebRTC OpenVPN leaks.
Port fail leaks also made headlines late in 2015 for affecting various VPN service providers. The port fail vulnerability was exposed by Perfect Privacy explaining that VPNs that use port forwarding are allowing attackers to carry out a click bait scheme to be able to redirect traffic to a port that they can control.
The infamous Heartbleed vulnerability also was able to leak vital information both from the users and the service provider. The bug was found in the OpenSSL standard which allowed attackers to steal protected information under normal conditions.
The worst type of VPN leak is the one that you have no control over or access to. Regardless of whether you are using a VPN or not, you are still going to connect to a DNS provider. And when your DNS provider fails, then your real IP address can be read by the websites you are visiting and even your ISP.
VPN leaks could also occur due to technical issues being experienced by VPN providers. Recently, Juniper had just released new security patches to fix a buggy code that allowed hackers to spy on the company’s encrypted VPN traffic. And in 2015 it was also reported that Hola, the free VPN service, was intentionally reselling user information to a proxy network, Luminati.
We can’t stress enough the importance of scrutinizing a VPN service before subscribing to it. You’ll need to read everything about the VPN you are interested in and make sure that you are really using a stable, reliable and an honest VPN service.
How to check for DNS leaks
Most users are confident that their VPNs are running perfectly, which is why DNS leaks are often overlooked. But how do you know if your VPN is leaking your personal data? Here are useful tips to check whether your VPN is actually working and not leaking your IP address:
- Before you start your VPN, please go ahead and check your IP address using our tool. Take note of your current IP and then start running your VPN service.
- Clear your browser cache and then go back to the website or tool we provided to check your IP address again. Right now your IP address should be different already. Use another browser to make sure that your IP address has actually changed.
- Check what IP address is being displayed online via the WebRTC test page. The public IP should match your VPN IP address. Otherwise, your VPN may be leaking your actual IP address to websites, ISPs and other kinds of data sniffers.
How to stop DNS leaks
In order to prevent DNS leaks from occurring, you need to make use of a reliable DNS server that will protect your data from security vulnerabilities. Your default DNS servers are assigned by your ISP but you really don’t have to use these DNS servers.
Ideally, you should be using popular third-party DNS providers like OpenDNS, Comodo Secure DNS, Google Public DNS, Norton ConnectSafe DNS and Level3 DNS. Third-party DNS servers usually offer better speeds, phishing protection features and will even help you access geo-blocked websites without the use of a VPN service.
But of course using a VPN is highly recommended to make sure that your connections are secure and private. Not all VPN services offer a DNS leak protection feature though. If you want to keep your VPN connections DNS-leak free, make sure to only subscribe to a VPN service that offers a special feature to stop DNS leaks from ever occurring.
Users can get maximum security even when their VPN service fails if they are protected with a kill-switch security feature. Kill-switch works by automatically terminating processes or shutting down specific applications when your VPN disconnects. A VPN kill-switch technology is a critical part of a VPN service in defeating any types of leaks.
Not all VPN providers deploy an effective kill-switch technology on their networks though. We highly recommend that you subscribe to a VPN service with a reputation of offering a reliable automatic kill-switch feature to ensure that you stay secured online. To know more about the VPN kill-switch technology, please go ahead and read a previous article that runs down how it works.
Based off of our experience, we would recommend using HideMyAss, TorGuard or Private Internet Access as these VPNs go the extra mile and take all the necessary measures to ensure that users’ privacy and security are never compromised.
Get rid of VPN leaks by patching the necessary security flaws in your system. Use the right VPN service that comes with a DNS Leak Protection feature to ensure that your IP address and your personal data are secure, encrypted and leak-free.