According to Microsoft, Windows 10 is the most secure OS in history. However, there are dozens of security holes in it, including DNS Leaks. Even when you browse the web using a Virtual Private Network, the DNS requests won’t only go through the VPN, but also through the local network interface and your current ISP. This feature is supposed to optimize online performance, but in reality, it creates significant issues.
With it on, your ISP and any third parties “joining in” on the local network will get access to your unique DNS requests. That will allow them to monitor the websites you visit and even track those requests. Also, many Win 10 users claim that this feature slows down the Internet connection. Note: even the best VPN for Windows won’t be able to protect you from any unwanted leaks on Win 10 unless it offers Smart DNS Servers.
What is DNS and DNS Leak?
Now that we’ve learned what a DNS Leak is, let’s see how you can install a VPN on Win 10. First of all, you’ll need to get some info from the VPN provider:
1 – Once you pick a subscription plan and pay for it, request the VPN server name/address.
2 – Next, choose a VPN protocol. There are quite a few to choose from. Generally, stay away from PPTP, as it’s not very secure. OpenVPN (the most popular one) and IKEv2 (the most secure one) should be your top picks.
3 – Use the username-password combo to access one of the available servers.
If you’re required to go with a specific name, ask for it from your provider. If not, then use whatever name you want to. One final thing: sometimes, you might need to enter the proxy settings manually. Those include the port number and IP address (again, your VPN provider will have those).
Windows 10 Smart Multi-Homed Name Resolution Issue
To put it simply, the DNS translates so-called domain names (like Google.com, for example) into IP addresses that consist of numbers. It’s usually the ISP that takes it upon itself to do the translation. However, when you use a VPN, all DNS requests are routed through an encrypted “tunnel” and fed into the VPN service’s DNS servers (instead of those owned by the ISP).
If you’re using Win 7, you have nothing to worry about. Sadly, people who use Win 8 and higher (up to Win 10) have to deal with Microsoft’s trademark SMHNR (Smart Multi-Home Name Resolution) feature. On Win 8, DNS leaks are highly possible; yet, it is very hard for the hackers to get access to the DNS requests.
Security-wise, Windows 10 is the worst choice, as it automatically picks DNS requests that respond quicker than the rest. This is important: even if your VPN comes with DNS Leak Protection, it won’t be able to adequately protect your device and system in Win 10 (that’s not an issue with Win 8). Again, this is a serious matter, and since the release in 2015, people have been complaining about DNS leaks.
How to fix DNS Leaks on Windows?
Luckily for us as users, there are specific steps that we can take to protect ourselves from the hackers. Let’s go ahead and take a look at the available options:
1 – Disabling The SMHNR Feature. It can be done with the help of the LGPE – Local Group Policy Editor (not available in the Home Edition):
- Open the Start menu and paste “Gpedit.msc” in the search bar
- Double-click on “Gpedit.msc” to open the Editor
- In the Computer Configuration menu, go Administrative Templates – Network – DNS Client and hit “Enabled” right next to “Turn off Smart Multi-Home Name Resolution.”
Fact: even after you successfully turn off the feature, whenever the first server fails to respond, the OS will still send requests to every other server available. Here are some working solutions:
2 – Using ValdikSS’s OpenVPN Plugin. It’s compatible with most Win versions and works well with the majority of OpenVPN clients.
3 – Using An Independent (And Trusted) VPN Server. Industry-leading VPN providers like ExpressVPN come packed with Smart DNS servers that eliminate any chance of third parties getting access to your data or monitoring your activity. But, you shouldn’t rely on a VPN and always take matters into your own hands. What you should do is change the TCP/IP settings, and hand-pick trusted DNS servers (by entering their IP addresses).
Google Open DNS is a great alternative for VPN-owned Smart Servers. It is third-party, open, secure, and won’t cost you a penny. Here’s how you can do switch to it in Win 10:
- Go to the Control Panel
- Hit “Network And Internet” and select “Network And Sharing Center.”
- See the “Change Adapter Settings” option on the left? Click on it
- Select “Properties” after you right-click on your current network
- Find IPV4 (Internet Protocol Version 4), and, again, select “Properties” by clicking on it
- Finally, click on ‘Use the following DNS server addresses.”
- To switch to Google Open DNS servers, enter “220.127.116.11.” and “18.104.22.168.” in Preferred DNS Server and Alternate DNS Server. From now on, you can rest assured that your device (or, rather, your network) will be protected 24/7.
As you can see, DNS Leaks in Windows 10 can cause a lot of trouble. Thankfully, with the help of this guide, you can make sure there are absolutely no leaks, and no third party can ever get access to personal data. The instructions in this post might look a bit “intimidating” at first, but all you’ll have to do is follow them closely – that’s it. And, consider using the best VPNs with Smart DNS Servers, as mentioned in the beginning.