Question VPN DNS Filtering

Please provide comments and solutions that are helpful to the author of this topic.

brambedkar59

brambedkar59

Level 32
Verified
Top Poster
Well-known
Apr 16, 2017
2,100
n8chavez said:
Oh, I have run that test as well as the ones listed below. They all came back no leak.
Click to expand...
Seems stupid but have you tried clearing browser cache, flushing both browser & system DNS cache and reinstalling Mullvad.
Also might be a good time time to contact Mullvad support lol.
 
  • Like
Reactions: n8chavez
n8chavez

n8chavez

Level 19
Thread author
Well-known
Feb 26, 2021
949
brambedkar59 said:
Seems stupid but have you tried clearing browser cache, flushing both browser & system DNS cache and reinstalling Mullvad.
Also might be a good time time to contact Mullvad support lol.
Click to expand...

I run browser inside sandboxie. There's never any cache left behind. I've also flushed the DNS, and am awaiting Mullvad support.
 
  • Like
Reactions: brambedkar59
F

ForgottenSeer 103564

n8chavez said:
I run browser inside sandboxie. There's never any cache left behind. I've also flushed the DNS, and am awaiting Mullvad support.
Click to expand...
It is apparent your not using 3rd party dns with your vpn but actually using mullvads dns filter solution, so doubt it is a leak issue. It more than likely means their filter is not that great just like most of them, have yet to see any block 100% of things on the net. Although when one chooses to use a tool as such, they expect it to block most.

I use a vpn on both phone and computer but run standard dns, as i do not surf on my phone and have ublock on the computer. As you noticed, ublock hardened will block most crud, and i do not go to domains of subjects i prefer to not view. If this is to provide a family environment, i would suggest looking into a dns filter subscription of some sort for the network.

Wish i could have been more help on this subject, but as you stated in your OP, you can search high n dry for solutions to this and its bare bones on the answers.
 
  • Like
Reactions: n8chavez
H

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,141
n8chavez said:
Both. uBo is hard mode black all 3rd party requests by default. I allow the ones I need.
Click to expand...

From what I read on the net uBO in hard mode is not a replacement of DNS filtering otherwise there'll be no DNS filters around

uBO filters at your machine so it's fatser than DNS filtering which occurs at a remote server. And this extends to every browser extension based ad blockers

One good reason to keep uBO is its cosmetic filtering. The other is from a privacy point of view a browser extension might be better: filtering happens at your machine instead of a remote sever.

Anyway it's not a bad idea to keep both as they complement each other since none can filter everything on the net even with your own uBO filters.
 
  • Like
Reactions: brambedkar59 and n8chavez
n8chavez

n8chavez

Level 19
Thread author
Well-known
Feb 26, 2021
949
Ultimate Vision said:
It is apparent your not using 3rd party dns with your vpn but actually using mullvads dns filter solution, so doubt it is a leak issue. It more than likely means their filter is not that great just like most of them, have yet to see any block 100% of things on the net. Although when one chooses to use a tool as such, they expect it to block most.

I use a vpn on both phone and computer but run standard dns, as i do not surf on my phone and have ublock on the computer. As you noticed, ublock hardened will block most crud, and i do not go to domains of subjects i prefer to not view. If this is to provide a family environment, i would suggest looking into a dns filter subscription of some sort for the network.

Wish i could have been more help on this subject, but as you stated in your OP, you can search high n dry for solutions to this and its bare bones on the answers.
Click to expand...

Right. The interesting this is, I've used multiple VPNs with DNS filtering and none of them seem to work. Well, they might work just not well. My guess is, since there's no customization or gui, they are using as few lists as possible hoping nothing breaks. Fine in theory, but this renders the filtering function useless.
 
  • Like
Reactions: ForgottenSeer 103564
n8chavez

n8chavez

Level 19
Thread author
Well-known
Feb 26, 2021
949
HarborFront said:
From what I read on the net uBO in hard mode is not a replacement of DNS filtering otherwise there'll be no DNS filters around

uBO filters at your machine so it's fatser than DNS filtering which occurs at a remote server. And this extends to every browser extension based ad blockers

One good reason to keep uBO is its cosmetic filtering. The other is from a privacy point of view a browser extension might be better: filtering happens at your machine instead of a remote sever.

Anyway it's not a bad idea to keep both as they complement each other since none can filter everything on the net even with your own uBO filters.
Click to expand...

DNS filtering was never going to be a replacement for uBo. It can't even do cosmetic filtering. But my issue is whether or not DNS filtering provided by VPS actually works well enough to not use NextDNS, ControlD, or AdGuard Home. Sadly, it does not.
 
H

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,141
n8chavez said:
DNS filtering was never going to be a replacement for uBo. It can't even do cosmetic filtering. But my issue is whether or not DNS filtering provided by VPS actually works well enough to not use NextDNS, ControlD, or AdGuard Home. Sadly, it does not.
Click to expand...

So far I use Mullvad VPN with NextDNS. I have stopped using uBO for some time because i have Adguard for desktop in Windows. For my mobile I do not use uBO becuse it's difficult to block sites. Adguard extension is more user friendly

In short, I have stopped using uBO
 
n8chavez

n8chavez

Level 19
Thread author
Well-known
Feb 26, 2021
949
HarborFront said:
So far I use Mullvad VPN with NextDNS. I have stopped using uBO for some time because i have Adguard for desktop in Windows. For my mobile I do not use uBO becuse it's difficult to block sites. Adguard extension is more user friendly

In short, I have stopped using uBO
Click to expand...

I just recently tried AdGuard for Windows. But I'm not going to use it anymore because it significantly reduces my connection speeds. That's a well-know bug that have been around for years but they've never fixed it.

OT, I know. But back on topic, I guess I'll be using ControlD instead of Mullvad's DNS filtering unless Mullvad responds by saying it's a known bug.
 
  • Like
Reactions: brambedkar59
F

FALLEN

Level 3
Verified
Feb 13, 2015
121
n8chavez said:
But how do you know it's actually filtering anything? There's no webgui, or stats to indicated allows vs blocks. So how do we know how effective it is?

Thoughts?
Click to expand...
mullvad.net

How we’re knocking down ads and tracking

We have added a feature to our iOS app, that removes another; DNS with ad and/or tracker blocking. Just a swipe away. But first, let’s dig deeper into how we’ve set up this feature.
mullvad.net mullvad.net

If you are able to ping well-known ad domains, it means not being blocked. 🤔 I tested it with my VPN provider (not mullvad) with default DNS and adblock DNS.

The results
Untitled.png
 
n8chavez

n8chavez

Level 19
Thread author
Well-known
Feb 26, 2021
949
So, it seems there is no issue with VPN DNS filtering. It does what it is supposed to do. But perhaps there's an issue with Firefox's proxy connection settings. Maybe. When a socks5 proxy is configured, as in the screenshot below, and the option to proxy DNS to the server above is enable filtering within the browser does not work. If that proxy DNS option is not checked everything works like I expect. Why this I don't know. I guess I just assumed the proxy DNS option bound all DNS queries to the proxy server. Either this is not the case, or there is a bug in that feature.

But I am unable to ping addresses I know should be blocked when I'm connected to the VPN's DNS. That tells me the issue is with the browser and not the service.

2023-09-18_15h04_15.png
 

Similar threads

Gandalf_The_Grey
    • +Reputation
    • Wow
    • Like
Security News Android bug can leak DNS traffic with VPN kill switch enabled
Replies
0
Views
1,236
Security News
Gandalf_The_Grey
Gandalf_The_Grey
jetman
    • Like
    • Thanks
Question Is there any independent testing of DNS providers?
Replies
5
Views
1,724
VPN and DNS
rashmi
rashmi
SohanRay
    • Like
Advice Request Using 3rd party DNS with VPN doesn't let me Stream Content
Replies
12
Views
959
VPN and DNS
SohanRay
SohanRay

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top