How to hide your DNS?
Many Internet users want to hide their computer IP for anonymity purposes or avoiding blocks and bans on websites. Usually, owners of the sites well know your or my IP address when we visit them. In theory, this information is confidential, but in practice, nobody prevents hackers and criminals from using it with malicious goals.
What is a DNS server and why should you hide DNS?
DNS (Domain Name System) is a system for retrieving information about a domain. It is often intended for determining (retrieving) the IP address of some resource by its name. DNS transforms the site name that you type (for example google.com) into an IP address that allows the browser to open the page you need. In fact, the site loads the IP address, not the name (URL) of the site which exists only for users’ convenience. It is much more convenient to type “google.com” than “74.125.136.100.” DNS is the mechanism that transforms a human-readable URL into a machine-readable IP.
Many users commit a widespread mistake when they specify their DNS server address in the network settings along with their IP. The computer first addresses the DNS server and only then the site itself. A user can make a mistake by leaving his or her ISP DNS in his settings. If a cyber criminal is able to know the IP, he may easily determine the DNS address as well and thus obtain the user’s location. Therefore, using VPN in order to mask the IP is useless unless the DNS is changed.
Hiding DNS with the help of the VPN client.
The existence of paid VPN services shows that the DNS hiding service is very popular among users. One of the most popular software is Viscosity. Though it is paid, you can use it 30 days for free with limitations. There are both Windows and Mac OS X versions.
Viscosity allows to connect to a VPN service and exchange data with it without revealing your DNS. Installing the program is done in the following way:
First, download the app from here: http://www.sparklabs.com/viscosity/ and install it (it is done by dragging the icon into the “Applications” folder in OS X):
1. Launch the program and open its settings.On the “Connections” tab, click “+” and then “Import Connection”:
2. Select the file that you have obtained from the VPN service after you paid for your account.
3. The connection import is finished, now click “OK.
4. On the “Advanced” tab, check boxes as shown below (note that the box “Receive DNS simultaneously” is unchecked).
5. In the “Settings,” click two times on the name of the file being imported (in OS X, you can do as shown in the screenshot).
Universal DNS.
There are completely free DNS servers, most widespread ones being Google and OpenDNS. They allow you to mask yourself as someone from the US or any other country you wish. These are the steps needed to work with universal DNS in Windows:
1. Open the Settings Panel from the Start menu
2. On the tab “Network connections” or “View network status and tasks” (for Windows 7 and 8), open your current connection (network or Wi-Fi) and click “Properties.”
3. Click twice on the “Internet Protocol Version 4.”
4.Check the box “Use the following DNS server addresses”:
5. In the upper line of each cell, type one by one: 8.8.8.8 (Google’s DNS) or 208.67.222.222 (OpenDNS).
6. In the lower line, type: 8.8.4.4 (Google) or 208.67.220.220 (OpenDNS). You may combine these servers by typing different servers into different lines.
7. Click “OK” and close the window.
To use universal DNS in OS X, do the following:
– Click on the Apple logo in the upper part of the screen.
– Select “System settings.”
– Click on the “Network” icon, then the lock icon.
– Select your current Internet connection (usually Ethernet or Wi-Fi) and click on the “Advanced…” in the bottom-right corner.
– Type all the DNS settings the same way as in Windows.
Changing DNS with the help of “dnsfixsetup” (in Windows)
In Windows, you can do the following to solve the problem:
1. Before you connect to the VPN, set up static IP addresses in your network settings in the case you use DHCP for automatic IP retrieval.
2. After you connect to the VPN, delete the DNS parameters in your network connection settings.
3. After you disconnect from the VPN, change the settings back (i.e. check the boxes in your network connection settings to retrieve IP and DNS automatically).
If you work in Windows, you can use a “dnsfixsetup” program for this purpose. After the installation the program will run three scripts that perform the aforementioned actions automatically:
1. bat – runs upon the connection initialization, but prior to connecting to the VPN (the inner function “pre.vbs” is called). If you have the automatic IP and DNS retrieval in your settings, the program will switch to the manual (static) retrieval.
2. bat – runs upon establishing VPN connection. It calls the “up.vbs” script that removes DNS servers from all active connections (except the TAP32 adapter).
3. bat – runs after disconnecting from the VPN. The “down.vbs” script sets the default settings.
Another manual DNS change method
This solution does not switch the adapter to the static settings when the DHCP is used. In the case when you have not switched to the static IP configuration and your computer updates its IP address upon connecting to the VPN, your DNS settings can be overwritten. It is highly recommended to switch to the static IP configuration.
1. Launch “cmd.exe” by pressing “Win+R” and typing “cmd” into it.
2. Before you connect, enter “netsh interface show interface” into the window that will appear in order to determine the name of the connected network interface. In our case, we use “Local Area Connection.”
3. Connect to the VPN. If you are already connected, proceed to the next step.
4. Clear the DNS resolution cache by typing the command “upconfig /flushdns.”
5. Disable the current DNS settings by the command “netsh interface IPv4 set dnsserver “Local Area Connection” static 0.0.0.0 both.”
6. To check your DNS (whether it has been changed or not), you can open “https://www.dnsleaktest.com/index.html” in your browser. If your country is shown here, repeat all the steps again.
7. After disconnecting from the VPN, re-adjust your adapter according to the previous DNS configuration with the help of the command “netsh interface IPv4 set dnsserver “Local Area Connection” dhcp.“
8. Clear the DNS resolution cache again by the command “ipconfig /flushdns.”
We have changed the DNS server parameters. Now you can be absolutely sure that no one will be able to determine your actual location.
Summary:
1. Restrict the usage of system DNS addresses by VPN clients. If it is impossible, use public DNS addresses firmly tied with the system or special settings.
2. Use Whoer VPN client or Viscosity without these drawbacks.