How to Check and see if your VPN Connection is Secure
VPN’s can be very easy or complex to set up. They may even be so easy that you don’t know if they are running correctly, or even protecting you. Today you are going to be able to test your VPN connection, and see if it’s actually secured. When you turn on a VPN it is very simple, you may just hit connect, it tests the connection, then finally connects. But is it really securing that connection and encrypting it? Is your ISP getting leaked queries? Check and see if your VPN Connection is Secure…
What is the VPN suppose to secure?
A VPN can be quite complex, but I will just be going over a few things your VPN should protect. A VPN consists of an IP address, a DNS, and keeping everything inside their given IP and DNS. This means that when you connect to YouTube.com, the VPN should secure your entire connection, even when using flash. Once connected, you should be assured that flash player queries are not getting leaked a from your real computers IP to identify you. This also applies with Java. When playing games with Java, is your real computer or location identifiable? And on top of keeping these applications secure, the VPN needs to keep all your DNS queries within the VPN’s given DNS. This is where MANY VPN providers fall short. Most VPN providers offer no protection against DNS leaks (except Private Internet Access), and most don’t even mention it. DNS leaks are a huge security flaw. Most if not all of your http:// queries can be leaked to your ISP. The picture below will show you what a DNS leak looks like.
As you can see, a DNS leak can be a huge vulnerability. It doesn’t defeat the purpose of a VPN, but it still tells your ISP what websites you visit. A VPN’s objective is to secure you from your ISP, and keep your traffic hidden. If your service provider is still seeing what websites you visit, it defeats the entire purpose as your ISP is still logging your data.
How can I see if my VPN is working, and securing me?
There are many tools online to check this, but there are not many that do it right. Below I will list some of the best tools to check your VPN configuration with. If you notice any leaks, or that your VPN is not working properly, some solutions will be listed below.
- IP address test – To start, go with a simple IP check. Make sure that the location shown on the map is not your actual home location, and that it’s your VPN providers server.
- Extended IP address test – This test is where it really counts. This checks your Flash, Java, and DNS. Make sure the flash, and java IP’s/DNS’s are not yours leaking and ensure they are the VPN providers. Check the IP’s and put them into a search engine like DuckDuckGo. Many VPN providers point their DNS to Google. Google is located in Mountain View, California. But if the DNS leaks something similar to 127.0.0.1.verizionfios.direct, and you are using Verizion fios, your queries are begin leaked.
- IP test for Bittorrent (old site – Delinked for security reasons) (now dead)- This will test your Bittorrent/P2P IP. Once you hit start, it will download a test .torrent file. Open the .torrent file in your bittorrent client. Once opened, let it connect and download. Once it does, the website should tell you what IP is begin shown to others in a bittorent swarm. It should be showing your VPN’s IP.
- DNS leak check (here is another optional checker)- Probably one of the most important ones aside from the VPN begin connected. Check for possible leaks. Click check, and let it load the IP’s/DNS’s. If any point to your home DNS, or look something like 127.0.0.1.verizionfios, your queries are begin leaked to your ISP. Again, if your don’t notice them, check the IP on DuckDuckGo. If they are right next to your real location, most of the time, queries are begin leaked.
My VPN is leaking, how can I fix this?
If anything is begin leaked, its better to fix it sooner than later. First off, your IP. If your VPN is turned on and your real IP is still begin leaked, check again. Make sure the VPN is turned on, or that the client is installed correctly. If you are using OpenVPN make sure you have the cert. in the right place. Go through the VPN pages FAQ, and make sure you have it on. If its still begin leaked and you are %100 confident its on, contact the support team, or get a refund.
If your Flash or Java is getting leaked, it probably fits in with the DNS leaks. But just for extra security, be sure you are using SSTP/OpenVPN protocol. Its the most secure, and most VPN providers offer it. If not, PPTP, and L2TP protocols are worthless. Even if you are using your VPN on Android, or iOS MAKE SURE they support OpenVPN. There are OpenVPN apps for both. The top 2 providers that offer it are AirVPN, and Private Internet Access.
If your bittorent IP is begin leaked it may have to do with your DNS in part. But if not, make sure you have it set up correctly. Make sure you have your ports set up correctly, and you are using a reliable client. If it continues to leak again, check if the VPN is on. If this persists, it could be a DNS leak, or very poor quality VPN that cannot hold connections (I have had a few that did this in the past).
Lastly, if you have DNS leaks. This is the most common problem, and the fix is simple. Either point your DNS to a free non-logging DNS, or choose what you want to use. I choose to use ones I can personally choose. For one, you can download dnsfixsetup.exe (from DNSLeaktest.com) which will stop DNS leaks for you automatically. But, I choose to use DNSBench which is a manual option. Someone on Reddit recommended:
I prefer using fat pipe providers like level-3 and global crossing since they are not in the metadata business.most will tell you to simply use the default dns offered by your VPN provider at the outlet country you selected.
having the ability to log you is worthless if you are on a shared public ip from your vpn provider, so don’t worry
about that warning message. only worry if your dnsleaktest shows servers with your ISP’s own name on them.
I tested this out, and it worked great! I tested some fast, non-logging DNS’s not run by big corps and they work great. I just have to set my adapter to a new one if I want to change. It is quite simple, and I use this method. If you are using windows, follow my guide HERE. Follow step one, and instead of using “Obtain DNS server address automatically“, put in the DNS that you wanted to use from DNS bench into the use the following address field. Once this is done, wait for your internet to reset itself, and possibly reset the VPN too. Once this is done, go do the tests again. You should not experience any leaks, and should be fully secured. If you continue to find problems talk to the VPN provider.
Overall you need to secure your DNS. To many DNS leaks occur, and your internet provider still blatantly laughs at you. Private Internet Access’s client allows a one click Stop DNS leaks option. If you don’t want to mess around with the settings be sure the test them out at PrivateInternetAccess.com. Check your VPN connection, and make sure you are secured!