Using a VPN (virtual private network) will, to a large extent, protect your data and privacy on the Internet – but not if it suffers a VPN leak. What’s a VPN leak, you say, and what causes it? I’ll answer those questions in this post and also tell you how to check if your VPN is leaking, and how to protect yourself.

What Are VPN Leaks?

It’s when your IP address or traffic leak out of the encrypted VPN tunnel. It doesn’t take a rocket scientist to realize why that is a problem. Not only will your ISP see what you do online, but advertisers and websites will be able to track your digital footprints with your real IP address. Also, you won’t be able to bypass geo-restrictions anymore, because if a website knows your real IP address, they’ll know what country you are from.

So What Exactly Makes Your VPN Leak?

It’s not just one leak. There are actually quite a lot of VPN leaks that can ruin your fun. Here’s a quick but in-depth overview of all of them:

1. IP Leaks

IP leaks occur when your IP leaks out of the VPN tunnel. They come in two types:

  • IPv4 leaks – This happens if there are miscommunication errors between your device and the VPN server, the VPN server is poorly configured, or your ISP or operating system have trouble communicating with the VPN server.

  • IPv6 leaks – This kind of leak happens if the VPN doesn’t support IPv6 traffic. Not a lot of VPN providers do, and your IPv6 address will leak outside the VPN tunnel because of that.

2. DNS Leaks

These leaks happen when your VPN doesn’t route your DNS queries (website connection requests) through their own DNS server. Instead, they go through your ISP’s DNS server, meaning they can see what websites you browse. Here’s why DNS leaks usually occur:

  • Your network has configuration issues (basically, it uses the wrong DNS addresses).

  • Your VPN doesn’t have a DNS server (huge red flag).

  • Someone hacked into your router.

  • Your ISP uses a transparent DNS proxy.

  • The VPN suffers an IPv6 leak (which, in turn, causes a DNS leak).

  • Operating system features get in the way on Windows (specifically Teredo and smart multi-homed name resolution).

Related Post:  How to layout and design an infographic in R

3. WebRTC Leaks

WebRTC is an open-source project that allows web browsers to support video calling, voice calling, and P2P sharing features. WebRTC is also a huge issue for VPNs since it can cause IP leaks. Why? Because WebRTC functionality can actually bypass the VPN tunnel. Since most web browsers enable WebRTC by default, this VPN leak happens a lot.

4. Traffic Leaks

This is when your entire Internet traffic leaks out the VPN tunnel. A traffic leak takes place when your VPN connection goes down – even if it’s only for a few seconds. That can happen if you use a resource-intensive protocol, if the VPN server is very far from you, or if the VPN client crashes. While the connection is down, your traffic is no longer encrypted. And anyone can spy on it.

How Do You Know If Your VPN Is Leaking?

It’s not exactly possible to tell when you’re dealing with a VPN leak. There are no signs or alerts that notify you about it. How to check if your VPN is leaking then? Simple – just follow that link. It’ll take you to ProPrivacy’s VPN leak test tool. It’s very easy to use, takes a few seconds or minutes at most to check your connection, and will let you know if your VPN has any:

  • IPv4 leaks;

  • IPv6 leaks;

  • DNS leaks;

  • WebRTC leaks.

It can’t check for traffic leaks, yes, but it doesn’t need to. If your VPN doesn’t have a Kill Switch, you will experience a traffic leak when your connection goes down.

VPN leak test tool
VPN leak test tool

How to Fix VPN Leaks

Here are some quick tips that should help you prevent any kind of VPN leak:

IPv6 Leak Fixes

If your VPN doesn’t support or block IPv6 traffic, and you have an IPv6 address, you’ll need to disable it. Doing that is pretty simple, though. Use this guide to learn how to do it in Ubuntu.

DNS Leak Fixes

  • Disable IPv6 like we mentioned above.

  • If you’re a Windows user, you’ll need to disable the problematic features. Here’s how to get rid of Teredo, and here’s how to disable smart multi-homed name resolution. Also, consider using this patch for OpenVPN too.

  • Try changing your DNS settings to either Google Public DNS (8.8.8.8 and 8.8.4.4) or OpenDNS (208.67.222.222 and 208.67.220.220). Alternatively, see if your VPN provider can offer you the address of their DNS server.

  • Change your router’s default login credentials to make it harder for hackers to break into it.

  • If the VPN can’t bypass your ISP’s transparent proxy, use OpenVPN, find and edit the server’s .ovpn or .conf file with a text editor and add this line: block-outside-dns.

Related Post:  How to install Ubuntu 11.04 on a btrfs file system

WebRTC Leak Fixes

  • Disable WebRTC on your browser. Here’s a helpful guide.

  • Use your VPN provider’s extension if it blocks WebRTC, or use WebRTC Leak Prevent on Opera and Chrome.

  • Use uBlock Origin – an open-source script blocker that prevents WebRTC leaks.

Traffic Leak Fixes

The only way you can prevent a traffic leak is if you use a VPN that has a Kill Switch. That’s a feature that will shut off your web access if the VPN connection goes down. It will only turn it back on when the VPN tunnel is up and running.

The Bottom Line

VPN leaks can make using a VPN completely pointless since your data and IP address are no longer hidden on the web. That’s why you should use a VPN leak test tool regularly to make sure there are no problems. Also, it’s a good idea to use a secure VPN that offers WebRTC, DNS, and IP leak protection, and which also has a Kill Switch. NordVPN and ExpressVPN are excellent options.

Share:

Share on facebook
Facebook
Share on twitter
Twitter
Share on pinterest
Pinterest
Share on linkedin
LinkedIn

Hola! Did you notice that LinuxBSDos.com no longer runs network ads?  Yep, no more ads from the usual suspects that track you across the Internet.  But since  I still need to pay to keep the site running, feel free to make a small donation by PayPal.

Subscribe for updates. Trust me, no spam!

Mailchimp Signup Form

Sponsored links

1. Attend Algorithm Conference, a top AI and ML event for 2020.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.

5 Responses

  1. Jealous or complaining? Mint provides for both methods. If you don’t like the command line, don’t use it but don’t troll it…you just demonstrate your ignorance.

    1. I am very new to linux,Mint 17.1 Mate but I learned to read the whole post, article, page before I randomly just cut/paste.
      It was a very helpful tip i read in Linux forum or one of the manyLinux question forums. Being totally new to all Unix/Linux types of operating systems and desktops , I had typical anxiety over the terminal /command line process but also excited about being able to make so many changes there; I did not even look for the existing GUI in the Menu for a few months or with the package or software Manager gui.
      I am glad I did. Still do not know how to spontaneously generate folder moves or create directories- much of anything really, but I have gotten over my fear or resistance to this terminal method and learning more every time I use one of the few computers i own which i took off windows7 and made total linux, no more dual boot on them now.

  2. I find it funny that you gave directions on how to do everything from the terminal before you gave the super easy super quick directions through the update manager. Still super helpful though. Thanks!

    1. It is funny & I have noticed that the vast majority of long term Linux users tend to think that it is somehow more clever to type stupid unecessary commands just like back in the late 1970’s early 80’s

      1. You do realize that not all Linux distributions use Cinnamon or even a graphical interface at all. So learning to do it through the command line is usable on all Debian based Linux distros.

Leave a Reply

Your email address will not be published. Required fields are marked *

Get the latest

On social media
Via my newsletter
Mailchimp Signup Form

Partner links

1. Attend Algorithm Conference, a top AI and ML event for 2021.
2. Reasons to use control panel for your server.
3. DHgate Computers Electronics, Cell Phones & more.
Hacking, pentesting distributions

Linux Distributions for Hacking

Experts use these Linux distributions for hacking, digital forensics, and pentesting.

Categories
Archives

The authors of these books are confirmed to speak during

Algorithm Conference

T-minus AI

Author was the first chairperson of AI for the U.S. Air Force.

The case for killer robots

Author is the Director of the Center for Natural and Artificial Intelligence.

Why greatness cannot be planned

Author works on AI safety as a Senior Research Scientist at Uber AI Labs.

Anastasia Marchenkova

An invitation from Anastasia Marchenkova

Hya, after stints as a quantum researcher at Georgia Tech Quantum Optics & Quantum Telecom Lab, and the University of Maryland Joint Quantum Institute, I’m now working on superconducting qubit quantum processors at Bleximo. I’ll be speaking during Algorithm Conference in Austin, Texas, July 16 – 18, 2020. Meet me there and let’s chat about progress and hype in quantum computing.