With ever growing valuable personal data collection by even the biggest tech giants like Google, Facebook, Microsoft, etc., it is imperative to safeguard your internet privacy. ISPs also can record your internet usage details. Thankfully, VPN service costs have come down significantly and so subscribing to a decent service like NordVPN, ExpressVPN, CyberGhost, etc. has become reasonably affordable.

These top VPN companies are rock solid, trustworthy, and provide end-to-end encryption. Your privacy is really secured if you choose a good VPN service. Unfortunately, there is a bigger hidden problem even when you are using a good service. It’s the DNS leak.

No matter which VPN service you are using, if you are using OpenVPN to connect to your VPN service, chances are that your PC is already revealing your actual IP address due to improper network configuration.

What is DNS Leak?

A DNS leak indicates a security flaw that allows DNS requests to be revealed to internet service provider’s DNS servers, notwithstanding the VPN service to attempt to conceal them. In simple terms, it’s as good as not using a VPN service. This is a huge problem and must be addressed immediately if at all one is serious about hiding the identity.

Checking DNS Leak

There is a number of websites that offer free DNS leak check. One of the best-sophisticated ones I recommend is linked below:

DNS Leaktest

With the VPN service connected, go to their webpage. You may see that it says Hello IP address with location info. This is basic info which may give you an impression that everything is OK. In order to make an in-depth test, click on “Extended Test”.

READ  How to upgrade to Ubuntu 18.04 LTS now
Checking for DNS Leak
Checking for DNS Leak
Test Results
Test Results

In a few seconds, you should see a report of the test which shows IP, Hostname, ISP, and Country. If you see your internet service provider name in the ISP section along with Hostname having your IP address, then it’s confirmed that your PC is leaking DNS! For example in my test PC (above screenshot) without the DNS fix, it was completely revealing my ISP and location though it was connected to the NodVPN service via OpenVPN.

Fixing DNS Leak in Ubuntu, Linux Mint, and elementary OS

This guide is tested to be working 100% in Ubuntu 18.04 LTS but should work without any issues in Ubuntu 17.04, and derivatives like Linux Mint, and elementary OS too. Start with disconnecting the VPN and continue with the Part 1 and Part 2 instructions.

Part 1: Installing dnscrypt-proxy

DNS encrypt Proxy is a powerful networking tool that helps in DNS traffic encryption and authentication. It supports DNS-over-HTTPS (DoH) and DNSCrypt. It can force outgoing connections to use TCP. Additionally, it can block malware and other unwanted content. It is compatible with all DNS services.

Step 1) Launch ‘Terminal’. You can use Ctrl+Alt+T keyboard shortcut in Ubuntu.

Step 2) To make sure you don’t have an outdated version of dnscrypt-proxy, run this command:

sudo apt-get purge dnscrypt-proxy

Step 3) Copy and paste the following commands in the terminal and press enter.

sudo add-apt-repository ppa:shevchuk/dnscrypt-proxy && \
sudo apt update && \
sudo apt install dnscrypt-proxy

Step 4) Restart the services using the commands:

sudo systemctl restart NetworkManager
sudo systemctl restart dnscrypt-proxy

Part 2: Configuring resolv.conf

Step 1) Install resolv.conf by entering the command as follows:

sudo apt install resolvconf
sudo resolvconf -i

Step 2) Next step is to make the Network Manager use the default settings for managing the resolv.conf file by editing the conf file. Proceed to copy and paste the below commands into the Terminal to edit the conf file.

sudo nano /etc/NetworkManager/NetworkManager.conf

Step 3) You will see an editor in the Terminal. Carefully, use the arrow keys to navigate to the first line and then copy & paste the following line below the first line that says [main].

READ  How to reset Ubuntu, Linux Mint settings to default without need of reinstalling
Editing NetworkManager Conf
Editing NetworkManager Conf
dns=default

After editing the file it should look something like this:

[main]
dns=default
plugins=ifupdown,keyfile
[ifupdown]
managed=false
[device]
wifi.scan-rand-mac-address=no

Step 4) While in the editor, press CTRL X to exit the editor. Enter ‘Y’ to save and then press enter to overwrite the file.

Step 5) Finally restart the services:

sudo systemctl stop systemd-resolved
sudo systemctl disable systemd-resolved
sudo systemctl restart network-manager
sudo systemctl restart dnscrypt-proxy

Step 6) Close all browsers, connect to your VPN service, and then go DNSleaktest page. If everything went well, you should not see your ISP Name leaked in the new test. For example, my test PC connected to NordVPN server shows QuadraNet ISP which is different from my actual provider (Spectrum).

DNS Leak Test
DNS Leak Test

That’s it! How did the tutorial work for you? Do let us know your feedback in the comments below.

Previous articleHow to refresh the Wi-Fi Networks in Ubuntu
Next articleHow to install OpenVPN to connect to NordVPN in Ubuntu
Hi there! I'm Kiran Kumar, founder of FOSSLinux.com. I'm an avid Linux lover and enjoy hands-on with new promising distros. Currently, I'm using Ubuntu as a daily driver and run several other distros such as Fedora, Solus, Manjaro, Debian, and some new ones on my test PC and virtual machines. I have a day job as an Engineer, and this website is one of my favorite past time activities especially during Winter ;). When I'm not writing for FOSSLinux, I'm seen biking and hiking on scenic trails. Hope you enjoy using this website as much as I do writing for it. Feedback from readers is something that inspires me to do more, and spread Linux love!. If you find a time, drop me an email or feedback from the 'Contact' page. Or simply leave a comment below if you found this article useful. Have a good day!

4
Leave a Reply

avatar
2 Comment threads
2 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
4 Comment authors
IdumeaKiran KumarfilipPepeNotTheFrog Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
PepeNotTheFrog
Guest
PepeNotTheFrog

Nord user for about 2.5 years here. Constantly checking for DNS leaks but I didn’t experience any over the years. Anyone who cannot decide to get a vpn or not – go for it, totally worth the price you pay. This article with some very good providers reviewed might help: https://www.techadvisor.co.uk/test-centre/internet/best-vpn-2018-3657732/.

filip
Guest
filip

I am unable to use internet after this, What Can i do to fix it ?