The dangers of public DNS servers

Many users now know the benefits of using a Virtual Private Network (VPN) but fail to understand the dangers of public DNS servers. In fact, if you’ve heard of a VPN, you are likely someone who understands that, from a privacy point of view, the benefits outweigh any negatives, whether at home or on public Wi-Fi.

In recent years, the uptake of VPN usage has exploded, driven by public knowledge of government activities, heightened awareness of what unscrupulous hackers are capable of, and added concern about what kind of information companies and your ISP are storing. Now we see even the average everyday Joe making use of one. As time progresses, the signs are that VPN use will increase not only in countries with repressive internet regimes but also in countries that are considered high on freedom of speech.

One area many don’t consider is DNS servers. If you have never heard of them or do not understand exactly what they are, understanding the dangers they could pose to your privacy can be a difficult task. A DNS server, or Domain Name Server, is in a nutshell what allows you to type an easy-to-remember website address such as Facebook.com into your browser and have the browser find it. Computers work by numbers, and each website is accessible directly by an IP address. For example, Facebook can be accessed by typing the address Facebook.com into your web browser, but it can also be accessed by typing the IP address directly into your browser, i.e. 173.252.110.27. Try it, you may be surprised.

Remembering a handful of website addresses you use regularly is rather easy, especially if they use common words or brand names. Remembering the IP address of each website would be a nightmare for a human, yet numbers are what is easier for a computer and, in most regards, how computers work. It would be practically impossible to remember many IP addresses of websites you regularly visit, let alone new ones you’ve never been to before. How fun would it be to sail past a billboard advertisement for something that interested you, only to have to remember a string of numbers to access the website?

This is where DNS servers come into play: they basically look up the IP address of the website that you typed. You type Facebook.com and the DNS server looks up where that is located and finds 173.252.110.27.

In most cases, when you connect to your home internet connection, your ISP’s own DNS servers do this work for you, unless you’ve manually changed them, which is unlikely if you’re reading this article. The problem with using your ISP’s DNS servers when you’re concerned about your privacy and security is that your ISP can, and in a lot of cases will, log the websites that you visit. So regardless of whether you are connected to a VPN, if you are still resolving names via the DNS servers of your ISP or of other public networks such as Google, you have a good chance of having your website history logged.

As you can tell, this is counter-intuitive and, in a way, goes against the purpose of using a VPN in the first place. Why protect your privacy via a VPN if you expose yourself via the DNS servers?

Recently, a move by a handful of VPN service providers has led to the introduction of private DNS servers run by the VPN providers themselves. One of the first was Proxy.sh, which introduced its own private DNS servers back in September 2013.

Other providers have recently taken similar steps, with VyprVPN and VPN.ac both introducing their own. The benefit to you as a customer is that it is more secure and you are no longer relying on your ISP, Google or another third party for DNS services, which removes the increased chance of your website visiting history being surreptitiously recorded. LiquidVPN is one of the latest providers to follow suit and is rolling out its own private DNS servers across the network. Providers such as VyprVPN and Proxy.sh offer the ability to set custom DNS servers within their custom desktop applications, while others such as LiquidVPN and VPN.ac run a system in which you automatically use their DNS services when connected, unless you have manually edited this via your desktop network settings.

VyprVPN DNS Settings

Using a VPN service while still relying on your ISP’s or Google’s DNS servers is known as DNS leaking: even though you’re accessing the internet through a secure connection such as your VPN service, your DNS server can be leaking your website visiting activity. If you want to check which DNS servers are currently being used while you’re connected, you can do a DNS Leak Test.
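A local first step before an online leak test, as an added example that is not part of the original article: it parses a resolv.conf-style resolver list and flags every configured DNS server that lies outside the VPN provider's own DNS range. The sample resolver list and the `10.8.0.0/24` range are constructed assumptions, and the script only inspects configured resolvers, not the queries actually sent.

```python
import ipaddress

# Google Public DNS, the third-party resolver the article names.
GOOGLE_DNS = {ipaddress.ip_address(a) for a in (
    "8.8.8.8", "8.8.4.4", "2001:4860:4860::8888", "2001:4860:4860::8844")}

def parse_nameservers(resolv_conf_text):
    """Return nameserver addresses from resolv.conf-style text, in order."""
    servers = []
    for line in resolv_conf_text.splitlines():
        parts = line.strip().split()
        if len(parts) < 2 or parts[0] != "nameserver":
            continue  # comments, search/options lines, blanks
        try:
            # Drop an IPv6 zone id (fe80::1%eth0) before parsing.
            servers.append(ipaddress.ip_address(parts[1].split("%", 1)[0]))
        except ValueError:
            continue  # malformed address: skip it
    return servers

def classify(addr, vpn_networks):
    """Label one resolver address relative to the VPN's own DNS ranges."""
    if any(addr in net for net in vpn_networks):
        return "vpn"
    if addr in GOOGLE_DNS:
        return "third-party"
    if addr.is_loopback:
        return "local-stub"   # forwards elsewhere; check its upstream separately
    return "isp-or-router"    # anything else, including a home router address

def audit(resolv_conf_text, vpn_cidrs):
    """Return (all verdicts, addresses that would send queries outside the VPN)."""
    nets = [ipaddress.ip_network(c) for c in vpn_cidrs]
    verdicts = [(str(a), classify(a, nets)) for a in parse_nameservers(resolv_conf_text)]
    leaking = [ip for ip, v in verdicts if v in ("third-party", "isp-or-router")]
    return verdicts, leaking

# Constructed sample: resolver list left over after connecting to a VPN.
SAMPLE = """\
# constructed sample, not from a real host
nameserver 10.8.0.1
nameserver 8.8.8.8
nameserver 192.168.1.1
nameserver 127.0.0.53
"""
VPN_DNS_CIDRS = ["10.8.0.0/24"]  # hypothetical range for the provider's DNS

if __name__ == "__main__":
    for ip, verdict in audit(SAMPLE, VPN_DNS_CIDRS)[0]:
        print(f"{ip:15} {verdict}")
```

An empty `leaking` list means only that no outside resolver is configured; an online DNS leak test shows which resolver actually reaches the test server.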

An interesting infographic, recently released by VyprVPN at the same time as its own private DNS servers, explains the dangers of DNS leaks in an easy-to-understand manner.

VyprVPN DNS Infographic
