Nowadays, bridge of data privacy is one of the hottest topics and while privacy is what we all has been promised we are aware that we are being watched if not by officials at least by our pets :)
Issue
Whenever you turn on your phone or computer or any other device which is connected to the internet you are exposing your personal data to the word which it consists of good and bad people among them therefore the issue is how to minimize the number of open doors to our lives.
Virtual private network - Wikipedia
A virtual private network ( VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across a VPN may therefore benefit from the functionality, security, and management of the private network.
The first solution is VPN which in a nutshell is something like this
As is has been mentioned this schema is in a nutshell, if we want to see one layer deeper it will be something like this
You can think of DNS as the phone-book or contact app which will translate the website name to its number which is called IP address.
Domain Name System - Wikipedia
The Internet maintains two principal namespaces, the domain name hierarchy and the Internet Protocol (IP) address spaces. The Domain Name System maintains the domain name hierarchy and provides translation services between it and the address spaces. Internet name servers and a communication protocol implement the Domain Name System.
As it can be seen whenever you want to visit a website your browser must ask a DNS server to gather the IP address of that website and only then it can try to connect to that website.
The issue is if you are not careful about setting the DNS address you can end up using a VPN connection while your internet provider is aware of all your activities which this phenomenon is called DNS Leak, in another word not even you are exposed but you are paying for nothing if your VPN service is premium.
Behind the scene most of the VPN providers are taking care of the DNS Overriding for you which is simply to set your DNS IP addresses to theirs.
Anyhow even if the VPN providers claim that they are taking care of the DNS Overriding or not the question is how can you tell ?
Solution
Linux & Mac
Prerequisite:
sudo apt-get install curl
#!/bin/sh
dns1=$(nslookup -q=A whoami.akamai.net | grep "Address" |grep -v "#" |grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}")
dns2=$(nslookup -q=A resolver.dnscrypt.org | grep "Address" |grep -v "#" |grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}")
dns3=$(nslookup -q=A whoami.ultradns.net | grep "Address" |grep -v "#" |grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}")
curl http://ipinfo.io/$dns1/country
curl http://ipinfo.io/$dns2/country
curl http://ipinfo.io/$dns3/country
Windows
Apologizes for windows users, the solution below will work for you as well but if you are system administrator and you need a native solution for windows leave your request in comment section here
Prerequisite:
Install Windows Subsystem for Linux (WSL) on on Windows 10
Installation instructions for the Windows Subsystem for Linux on Windows 10.
then in the Ubuntu emulator
sudo apt-get install curl
#!/bin/sh
dns1=$(nslookup -q=A whoami.akamai.net | grep "Address" |grep -v "#" |grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}")
dns2=$(nslookup -q=A resolver.dnscrypt.org | grep "Address" |grep -v "#" |grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}")
dns3=$(nslookup -q=A whoami.ultradns.net | grep "Address" |grep -v "#" |grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}")
curl http://ipinfo.io/$dns1/country
curl http://ipinfo.io/$dns2/country
curl http://ipinfo.io/$dns3/country
In the result below you can see an instance of the DNS leak
My actual origin is TR(Turkey) so if there will be TR in the list you can be sure that your origin country is resolving your requests therefore you are not completely anonymous.
And below you can see a non-leaked DNS configuration
it means that your DNS requests are being resolved as you have configured them, so you can feel one more step closer to the anonymity on the internet which means 99 steps still to go :)