DNS Queries and Their Anonymity

Most people understand how important it is to be anonymous online. If you use VPN — good for you, but your DNS data is leaked anyway. In other words, VPN services are useless when it comes to third parties tracking your DNS related information.

For those who aren’t very tech-savvy, DNS is a system that allows figuring out an IP address by domain name. Roughly speaking, it is intended to make web surfing more user-friendly. It is so much easier to memorize the google.com domain name than a string of numbers it corresponds to. In fact, though, there are two fundamental caveats here:

The connection isn’t encrypted. It means that anyone can replace an IP address with a rogue one by simply intercepting your traffic. Almost all DNS servers maintain logs and don’t even conceal this fact. To comply with the laws, they are obliged to hand over those logs to law enforcement agencies upon official inquiries.

Here is what you need to do to prevent an Internet service provider (ISP) from obtaining your DNS query data:

· Download Simple DNSCrypt app here: https://simplednscrypt.org.

· Install and launch the tool. When its GUI opens up, configure it as appropriate and select the connections that should be encrypted.

· Open the “Resolvers” tab and enable automatic mode. If you are a security professional and need a specific resolver, go ahead and choose it manually.

· Voila — you have taken your security level up a notch. You can now go to whoer.net and see the resolver’s IP address in the DNS field there rather than your actual IP. The Internet service provider doesn’t see anything, doesn’t record any logs, and life is beautiful, supposedly.

Just a small remark — in my experience, the above-mentioned app doesn’t get along with NordVPN for some reason, so you’d better test it with any other VPN tool.

Now I’ll dwell further on the techniques that help you stay anonymous online. Let’s start with Tor.

Tor

It’s a browser based on Mozilla Firefox that delivers a higher level of anonymity. Tor has a domain of its own, .onion, that’s only accessible via the browser itself. All Tor traffic is tunneled through a network of proprietary transit servers.

The pros:

· Open source code

· Reliable encryption

· Unique pseudo domain .onion.

The cons:

· Occasionally high ping resulting in slow page loading

· Traffic may be intercepted if the destination server doesn’t support SSL or TLS encryption.

SOCKS5

This is a network protocol that allows for sending packets from user to server securely via a proxy. In plain words, SOCKS5 is an intermediary between you and the destination server being queried. For instance, it can make your IP address and DNS look as if they were from the U.S., while you are actually surfing the web in, say, Hungary.

The pros:

· It’s cheap

The cons:

· It simply reroutes traffic without encrypting it.

VPN

This is a generic term denoting technologies that allow for establishing one or several network connections (logical network) on top of another network.

When you use this type of a service, you connect to a VPN server and work under this server’s IP. The connection between you and the server is encrypted so that ISPs don’t keep track of your activity online. With double VPN, things get a bit more interesting than that. Your provider will see you connect to one server while you are actually browsing under the IP address of another server. Obviously, double VPN is more effective.

The pros:

· Traffic is encrypted

· The more people use the same server the better

· Double VPN means double anonymity.

The cons:

· Some users find these tools expensive

· Some VPN providers keep record of logistics-related data.

SSH tunnel

Essentially, it’s the same as SOCKS5, except that it additionally performs traffic encryption, which is an important feature. When you use it, the all-seeing providers won’t be able to monitor your online activity because it encrypts your traffic, period.

By the way, SSH tunnel will hardly affect your ping.

The pros:

Encryption, of course.

The cons:

More expensive than SOCKS5

Might be harder to use and cause more software compatibility issues than SOCKS5.

DNS Queries and Their Anonymity was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.