DNS leak test

Your IP: start test
Dns leak test generates 10 nslookup requests to the bash.ws DNS server

What is a DNS leak?

To answer this question you should understand what happens when you open any website in your Internet browser.

There is only digits in the machines world. And the website addresses are not an exception from this rule. The browser can connect to website only using IP address (consist of 4 digits). But we usually know websites by names (domain names), not by IPs. Yes, we can enter IP in the address bar of the Internet Browser, but we don't do so. It's inconvenient. IP of the website can be changed at any time and the website can have multiple IPs at once. The DNS (Domain Name System) is used to get rid of all this hell and to answer the question: what IP address has the website. We should know only one IP (DNS server IP). And DNS server is able to answer the question what IP has the website.

The operating system (Windows, Linux, MacOs, iOS, ...) usually knows several DNS servers. These servers are preinstalled by ISP in general. Here might be a problem.

When your PC (or other device) is connected to VPN then the DNS servers are changed to VPN DNS (if it is a serious VPN). Some VPNs can leave your DNS servers without changes at all, so you will use ISP DNS servers. Or VPN could change DNS servers but not the whole DNS servers (some servers can stay unchanged). Why ISP DNS servers are dangerouse? Because ISP can watch you even if you are connected to VPN. ISP will know what websites you visit.

How does DNS leak test work?

When you click on start test button the bash.ws generates faked subdomain names like lala.blabla.bash.ws (to avoid DNS caching mechanism). Your browser will try to load nonexistent images from these subdomains (lala.blabla.bash.ws/some-image.png). And as a result the browser will try to detect IPs of faked subdomains. The DNS servers from your system will be used to do this work. bash.ws can catch all these DNS requests and is able to detect what IP has sent the DNS request. The bash.ws will show you all the IPs which has been sending the DNS requests. If the IP is not trusted (it owns by ISP or another untrusted company) you may be in trouble and the test will warn you.

Does DNS leak test support OpenVPN?

Yes. This test supports any kind of VPN connection (IKEv1, IKEv2, L2TP, IPsec, PPTP). This is a system test. It doesn't depend on VPN at all.

Does DNS leak test support Windows?

Yes. You can use it on all versions of Windows, MacOS, iOS, Android or Linux. This test doesn't depend on operating system. All you need is the Internet browser.

How can I check DNS leak in terminal (Linux)?

You should use the script available here https://github.com/macvk/dnsleaktest

How can I integrate the DNS leak test to my WordPress website?

Please use the plugin available here https://github.com/macvk/vpn-leaks-test

Share URL