Windows 10 DNS Leak

[RandomlyGenerated 0]

Hello users and staff of AirVPN.

 

I have been using AirVPN for months now and the entire time I have had a dns leak.

 

I currently use dnscrypt, but that did not affect my own openvpn connections or AirVPN connections when I was using Windows 7.

 

I have disabled dnscrypt and switched to normal google dns servers then connected to airvpn or my own servers, still I have dns leaks.

 

I have disabled IPv6, still I have dns leaks.

 

I have disabled multi-honed dns in windows 10, still I have dns leaks.

 

I have even used the option "setenv opt block-outside-dns" in my own openvpn configs.... STILL I HAVE DNS LEAKS.

 

How can I fix dns leaks in windows 10?

[SDBF 22]

Maybe try using Simple DNSCrypt if your using DNS Crypt 0.0.6.    Use both resolvers also.  I don't know if this will fix the leak but it will be more secure than 0.0.6.  And you a lot of ways to customize it to your satisfaction.

[Brainbleach 5]

I'm kinda curious if it's normal to see an IPv4 DNS server AND a IPv6 DNS server when connected to AirVPN and testing using ipleak.net ?  Both DNS servers state they are an AirVPN exit node but I thought IPv6 shouldn't be showing up at all?

[Staff 9971]

I'm kinda curious if it's normal to see an IPv4 DNS server AND a IPv6 DNS server when connected to AirVPN and testing using ipleak.net ?  Both DNS servers state they are an AirVPN exit node but I thought IPv6 shouldn't be showing up at all?

 

Hello!

 

We are working to provide full IPv6 support and IPv6 is already configured in various VPN servers, so in ipleak.net DNS fields you will see both VPN DNS server IPv4 and IPv6 addresses.

 

Kind regards

[Hyphenated 0]

Some ways to solve your DNS leak for Windows 10:

 

Create a firewall rule to block all DNS traffic on port 53 and only allow access to your preferred DNS servers when connected via AirVPN (private).

 

Check your network adapter settings and make sure DNS addresses list the correct addresses for DNSCrypt. If you're using a daemon then it usually points to localhost.

 

Post the leaked DNS details here for further help.

 

For all I know you might have a PAC rewriting rules or the horrible Windows registry bug that requires uninstalling your NIC device to clear the incorrect keys. Maybe a router intercepting DNS queries or a proxy. Could be an alien in your machine like Cortana or your organisation's group policy. Need more info: why do you think there's a DNS leak? What are you using to test? Did you restart your machine or clear cache yet? Have you checked running services like Windows DNS Cache and flushed it?

 

Et cetera

[JeffreyCor 0]

I noticed this as well just now. Connected using Windows 10 x64 with Eddie and Network lock enabled. Checking with ipleak.net under Your IP Addresses - WebRTC detection has my actual IPv6 address and an IANA private for IPv4. Is this a concern or is only the top Your IP addresses of issue?

[pseudotimestretch 2]

depending on your browser, you can disable WebRTC detection

[RandomlyGenerated 0]

Maybe try using Simple DNSCrypt if your using DNS Crypt 0.0.6.    Use both resolvers also.  I don't know if this will fix the leak but it will be more secure than 0.0.6.  And you a lot of ways to customize it to your satisfaction.

Yes I am using the latest SimpleDNSCrypt. I always use the absolute latest software that is available.

 

Some ways to solve your DNS leak for Windows 10: Create a firewall rule to block all DNS traffic on port 53 and only allow access to your preferred DNS servers when connected via AirVPN (private). Check your network adapter settings and make sure DNS addresses list the correct addresses for DNSCrypt. If you're using a daemon then it usually points to localhost. Post the leaked DNS details here for further help. For all I know you might have a PAC rewriting rules or the horrible Windows registry bug that requires uninstalling your NIC device to clear the incorrect keys. Maybe a router intercepting DNS queries or a proxy. Could be an alien in your machine like Cortana or your organisation's group policy. Need more info: why do you think there's a DNS leak? What are you using to test? Did you restart your machine or clear cache yet? Have you checked running services like Windows DNS Cache and flushed it? Et cetera

I am using Windows 10 Enterprise x64

I am using this at home, no organization involved.

I have not tried windows firewall.

My network adapter settings are exactly what they should be.

IPv6 is entirely disabled on my system.

I am not aware of a windows registry bug that requires me to uninstall my NIC's to clear any incorrect keys.

I am using Enterprise version stripped down so I have no Cortana or any such nonsense.  (Note: Using the version that I use or mentioning it being "stripped down" is not my issue, I have had openvpn running on this system without any dns leaks... It just randomly started leaking.)

I know there is a dns leak because every time I connect to openvpn I check my connection on ipleak.net.

Yes I have cleared my DNS cache many times.

 

Any ideas? Any help is appreciated.

[Hyphenated 0]

Have you tested with a different machine or router or using Tor browser? Post your netstat -an and ipleak results highlighting the DNS leak. You may also wish to submit a support ticket if you can't create the Firewall rule (outgoing UDP port 53 to Allowed Remote Computers only), Profile: Private

[RandomlyGenerated 0]

My netstat -an results...

Password: AIR

https://cryptobin.co/d6s3k2h7

 

IPleak.net results...

https://i.imgur.com/uJOg7VV.png

[Guest]

Found an article that explains the problem relating to DNS leaks.

 

https://medium.com/@ValdikSS/beware-of-windows-10-dns-resolver-and-dns-leaks-5bc5bfb4e3f1

 

The best way to protect against this would be to run a virtual firewall (such as pfSense) as a virtual machine, give the Virtual Machine exclusive access to the WiFi/Ethernet then create a virtual switch between Host and Virtual machine. So traffic would flow as follows

 

WiF/Ethernet <-> Virtual Firewall <-> Host Computer.

[Hyphenated 0]

The results indicate you have configured your DNS settings for DNSCrypt DNS Resolvers. In your OVPN file add an entry exactly named block-outside-dns and do an ipleak test. The message explains that you may have a DNS leak if the results show your ISP DNS but it seems your NIC is still pointing at DNSCrypt resolvers instead of AirVPN's DNS. You may need to uninstall the dnscrypt-proxy via CLI.