How to Make Sure Your Connection Isn’t Leaking: WebRTC, DNS, IPv6 Leaks3 min read
When we want online anonymity and protection, we resort to VPNs, but most of them make your connection only somewhat secure, sometimes leaking critical data and giving you away. Is your connection really protected? Read on to learn how to check that and patch if necessary.
There are several ways your connection can be leaking and revealing your identity even when using a VPN. Below we’ll cover the key ones.
DNS is a system that translates domain names into IP addresses. The translation requests are usually processed on ISP’s DNS servers, but if you use a VPN, DNS requests are routed to respective VPN provider’s servers.
For most operational systems, there are no risks of any DNS leaks ever occurring, but a technique employed in newer Windows systems, although designed to improve network performance, makes VPN users prone to exposing their identities. This is because Windows sends DNS requests in parallel, using all available channels, including those outside the VPN tunnel, and chooses the fastest.
A good VPN service for Windows should have a build-in DNS leak prevention mechanism. To check whether or not it is effective, turn it on and go to https://ipleak.net
Read the DNS Address line. If your ISP’s location is not listed, it means your connection doesn’t leak your DNS requests. Generally, a DNS leak exposes your ISP’s IP address, not yours, but that can easily be traced back to you, and it can also be used by interested parties to collect your browsing history.
WebRTC is an open-source project that provides browsers with APIs that allow direct P2P communication inside a web-page, eliminating the need for installing additional plugins or programs. A useful tool, no doubt, as it is called to improve browser-to-browser communication, but there is a shortcoming. And it’s of no small importance.
The good news is that, one way or another, WebRTC can be disabled in all browsers. Some, like Chrome, require a third-party plugin, and some, like Firefox and Opera, have a respective toggle in a privacy settings menu (type “about:config” in the URL bar).
You can check if your connection exhibits WebRTC leak using the aforementioned https://ipleak.net. After you disable WebRTC support, there should be no server listed in the section shown in the picture.
IPv6 is the newer version of Internet Protocol called to mitigate IPv4 exhaustion problem. Since IPv6 is a future-proof standard, its present use is scarce, and sites that use it almost always allow IPv4 connections too. Leaks are possible if your ISP uses IPv6. To check if your connection leaks your IPv6 address, you can use https://ipleak.net. Check the IPv6 field. If it doesn’t show any numbers, then your connection is not leaking.
IPv4 offers 4,294,967,296 addresses. IPv6 offers 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. Click To Tweet
These leaks are not to be taken light-heartedly. Although not universal, they are rather dangerous. Each of them, with reasonably small determination, can be used to reveal your identity. Did you know about these? Comment below and share your experience!