VPN Leaks 101: What are they, how to find them, and how to fix them
So you did your research on Mr. VPN and decided to part with a few dollars a month in order to protect your private information and up your security. After signing up and downloading the software you dusted off your hands and sat back in relief knowing that your information is now secure.
Not so fast.
Just because you have a VPN doesn't mean you are fully protected. You've got to take extra steps to make sure it's doing its job. Having leaks in your VPN, whether it is an IP or DNS leak, can make your information just as unsecure as if you had no VPN at all.
Why IP and DNS leaks matter
An IP (Internet Protocol) address is given to all devices connected to the internet. Each home has a public IP address, and inside each home network specific devices are given their own private IP address. IP addresses come in either the older IPv4 format or the newer IPv6 format. These addresses are normally bought in bulk by internet service providers (ISP) and can easily reveal your service provider and city of residence. With additional snooping it's not difficult to determine your exact address.
Because computers prefer to use numbers over letters and words, whenever you type in a URL the address you type needs to get translated into something the computer can understand: a numerical IP address. In order to do this, your request is sent to a dynamic name system (DNS).
How leaks happen
Ideally, when you use a VPN, this translation is sent through an encrypted tunnel and handled by your VPN provider instead of your ISP. If a website, or the police, wants to determine which DNS handled the request they should get your VPN's DNS. And if your VPN doesn't log these translation requests (aka DNS queries) then your privacy is protected and no one can find out who or where you are.
If, however, you have a leak then your VPN may have mistakenly sent your translation request to your ISP's DNS. If this is the case then you're most likely out of luck. As mentioned before, IP addresses give up your exact location and you can be easily found by any third party: whether that's the police or someone up to no good.
Additionally, if you're trying to bypass geo-restricted content like Hulu, Netflix, and some videos on YouTube then a leak will betray your location and still leave you unable to access the content.
Finding the leak
Luckily, determining if you have a leak is easy enough. There are a slew of free websites that will check your IP address and DNS server information.
For IP addresses you can simply search in Google ‘what's my IP address', or go to any number of websites like WhatIsMyIP.com, IPLocation.net, and WhatIsMyAddress.com to check for free. These sites will show you your current public facing IP address, and the information associated with them. If you recognize the information it gives back, like your city or ISP, then you have a leak.
Finding a DNS leak works in the same manner; you can use DNSLeak.com or DNSLeakTest.com to find a leak. DNSLeak.com has the added feature of a color coded system to let you know if you have a leak by testing if they can track your IP through the DNS requests. Again, if these return results that lead back to your city or ISP then you've got a leak my friend.
Plugging the leak
After finding a leak you may be tempted to drop your current VPN altogether for a different one. But you do have other solutions before you resort to changing your VPN- which can be an issue if you still have several months left on your subscription.
First, you can choose to use separate software specifically aimed at preventing leaks. PCMag recommends Guavi's VPNCheck Pro which is $19.92 or you can set up a firewall to block non-VPN traffic (like AVG Internet security).
Another option is to change your router preferences. This is a little more complicated because you have access your router's settings, but step-by-step instructions for this can be easily found online. This would allow you to only use certain DNS servers like Google's or Norton ConnectSafe among others. There are many services available, some free and some not. Taking this step ensures that all traffic is routed through the DNS server of your choice- although at the expense of giving your browsing information to another company.
Finally, you can also change your browser or browser settings. Using Incognito mode in Chrome, or the equivalent in other browsers will do the trick, as well as using the famous Tor browser which bounces your traffic off of multiple locations around the world. The latter option makes for a slower but ultimately secure internet connection. There are also various browser extensions available to spoof your location.
Regardless of which VPN service you use, if you're concerned about privacy and security then take the time to check for leaks.
Sites like WhatIsMyIP.com, IPLocation.net, and DNSLeak.com are quick and easy to use and will reliably indicate if you have a leak. If you find there is a leak then you can change your VPN provider, buy a third party leak fixer, use extensions or settings in your browser of choice, or set up a firewall.
If you've taken the time- and given the money- to get a VPN then you owe it to yourself to ensure that it's actually encrypting your data properly.