A virtual private network (VPN) like Perfect Privacy is used to encrypt all Internet traffic and protect the privacy of the user. But be careful: If the VPN connection has a leak, your privacy is in danger. But how can you detect and prevent VPN leaks?
What is a VPN leak?
When using a VPN you appear on the Internet with an IP address of the VPN provider. This means that neither the Internet service provider (ISP) nor website operators can use the IP address to draw conclusions about the user. If you use a VPN to protect your privacy or to bypass geo-blocking, you want to route all your Internet traffic through the VPN – without exception. As soon as data packets accidentally bypass the VPN in their way to the Internet, this is called a “VPN leak”. A VPN leak reveals the real IP address or other metadata of a user despite VPN use, although a functioning VPN is supposed to prevent exactly that.
By visiting our Check-IP page without VPN, you can find out your real IP addresses (IPv4 and IPv6). When using Perfect Privacy VPN, only Perfect Privacy IP addresses should be displayed instead.
What types of VPN leaks are there?
Dropped or interrupted connection
The VPN of a user can “leak” in different ways. The most common leak is caused by a dropped or interrupted VPN connection This happens when the connection to the VPN server is terminated and the Internet traffic is then automatically routed unencrypted through the normal Internet. For this case Perfect Privacy has developed a kill switch with firewall rules to ensure that all access to the Internet is blocked without an existing VPN connection. This leak protection is activated by default when Perfect Privacy is first installed and can be conveniently set to three different security levels in the VPN app under “Firewall”.
In addition to this type of VPN leak, there are more complicated scenarios:
The Domain Name Service (DNS) is responsible for converting domain names into IP addresses. If a user wants to access a website, the computer or smartphone must first send a request to a DNS server, which responds with the corresponding IP address.
A DNS leak occurs when a VPN tunnel is established but the computer bypassed the VPN when sending DNS requests. This is often the case when the router in your home network provides a name server and your operating system uses it – usually configured automatically.
With a DNS leak, the actual data traffic is obscured, but since the DNS queries are sent directly to the Internet, it is still possible to see which websites you are visiting. Thus you should make sure that all DNS queries are routed exclusively through the encrypted VPN tunnel.
With the Perfect Privacy app you can ensure that you always use a secure DNS server after establishing encrypted connection. The VPN app from Perfect Privacy also offers three different security levels, which can be set according to your wishes. On our DNS leak test page you can find out whether your VPN is working properly and also protects against VPN leaks via DNS.
If you are using audio and video chat or browser based P2P file sharing, your browser typically use a technology called WebRTC. All modern browsers such as Chrome or Firefox support this technology by now. Unfortunately, WebRTC has a feature that allows you to find out your public IP address despite VPN access, even if your computer is behind a NAT router (Network Address Translation). A hacker could use a WebRTC attack on any website to get your IP address and bypass your privacy.
If you are using a (mostly cheap) VPN provider that is vulnerable to this vulnerability, you will see two public IP addresses on our WebRTC leak test: The one assigned by your Internet Service Provider (ISP) and the one assigned by the VPN server.
You can protect yourself against a WebRTC leak by setting firewall rules that deny sending WebRTC traffic outside the VPN tunnel. Perfect Privacy’s VPN app automatically sets these firewall rules to protect your privacy in the best possible way. By using the app, you will only see the IP address of the Perfect Privacy VPN server in the WebRTC test.