Jump to content
Not connected, Your IP: 3.145.88.111
lambrinoul

DNS leak to Amazon Technologies

Recommended Posts

Although ipleak.net shows an AirVPN server, using DNS leak test today (www.dnsleaktest.com)i got this:

 

 

IP: xxx Hostname: ec2-xxx.compute-1.amazonaws.com ISP: Merck and Co. Country: United Statesus.png

I did a whois on the IP and it is   Amazon Technologies Inc.

http://whois.domaintools.com/xxx

 

 

Now, since this is obviously not  my ISP, how is that possible?

Which raises the issue which one of the above dns leak testing sites is accurate?

 

 

p.s. since dns leaking is a concern for many people I wonder why it cannot be dealt more easily/effectively with a client software like other vpn companies do?

 

p.s.2 I made this test several times; ipleak keeps showing AirVPN servers and dnsleaktest keeps showing Amazon Technologies.

Share this post


Link to post

I thought amazonaws.com was some sort of tracking widget. I remember a few months ago seeing it in my DNS Cache when I ran ipconfig /displaydns. But I forget which website I tracked down that used it (when I loaded their page). I suppose many sites use it anyway

 

However, when I go to amazonaws.com today, it resolves to Amazon Web Services and your whois query results are good ole Amazon.

 

The, "ISP: Merck and Co." is strange. That is a Pharmaceutical Company based in New Jersey, US.

 

 

I don't know anything about coding but the AirVPN site "ipleak.net" seems to be using javascript and third party tools from Google and Maxmind?

 

dnsleaktest.com seems to be using some php stuff. I have no idea what that s*** is anyway.

 

Looks like Maxmind has products to help vendors against IP Geolocation and Online Fraud Prevention.

They have a lot of products but here is one of them- http://www.maxmind.com/en/javascript

 

Curious, does dnsleaktest.com only show the Merck (Amazon Technologies) IP Address ?

Share this post


Link to post

Although ipleak.net shows an AirVPN server, using DNS leak test today (www.dnsleaktest.com)i got this:

 

 

IP: xxx Hostname: ec2-xxx.compute-1.amazonaws.com ISP: Merck and Co. Country: United Statesus.png

I did a whois on the IP and it is   Amazon Technologies Inc.

http://whois.domaintools.com/xxx

 

Now, since this is obviously not  my ISP, how is that possible?

Which raises the issue which one of the above dns leak testing sites is accurate?

 

 

p.s. since dns leaking is a concern for many people I wonder why it cannot be dealt more easily/effectively with a client software like other vpn companies do?

 

p.s.2 I made this test several times; ipleak keeps showing AirVPN servers and dnsleaktest keeps showing Amazon Technologies.

 

It may be AirVPN's backup DNS server. See:

 

https://airvpn.org/topic/9934-why-is-amazon-dns-creeping-in/?p=12130

Share this post


Link to post

Thanks NaDre. That's it.  It is great that there is a "failover" system but it makes me wonder (in these strange times we live in) how can one trust a server that is not owned by the company you decide to trust (in this case AirVPN) but rather owned by a giant connected in a strange way to a pharmaceutical company..

Share this post


Link to post

... not owned by the company you decide to trust (in this case AirVPN) but rather owned by a giant connected in a strange way to a pharmaceutical company..

 

Amazon Web Services is a cloud server/virtual private server vendor, owned by Amazon. It started as a way to make use of the technical expertise their staff had developed in operating their own servers, and to leverage their excess infrastructure. A lot of companies and individuals use their services, rather than maintain their own hardware infrastructure. I would guess that AirVPN is just renting a VPS there.  And probably using it just for DNS. And probably nobody has root access but AirVPN.

 

Perhaps Merck is also diversifying? Trying to leverage their existing infrastructure and expertise in a similar way? I had not heard of Merck being an ISP before seeing this thread. But if you google "ISP: Merck and Co." it does seem to be the case.

 

No matter where someone rents a server, real or virtual, or locates their own hardware, there is the possibility of having all traffic monitored. Or the hard disks copied, unless they have their own secure location for the server.

Share this post


Link to post

Hello!

 

One of our DNS servers run there, yes, as failover DNS. It's not a privacy risk, because DNS queries come from the VPN servers.

 

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...