Question VPN DNS Filtering

Please provide comments and solutions that are helpful to the author of this topic.

brambedkar59

Level 29
Verified
Top Poster
Well-known
Apr 16, 2017
1,882
Oh, I have run that test as well as the ones listed below. They all came back no leak.
Seems stupid but have you tried clearing browser cache, flushing both browser & system DNS cache and reinstalling Mullvad.
Also might be a good time time to contact Mullvad support lol.
 
  • Like
Reactions: n8chavez

n8chavez

Level 17
Thread author
Well-known
Feb 26, 2021
842
Seems stupid but have you tried clearing browser cache, flushing both browser & system DNS cache and reinstalling Mullvad.
Also might be a good time time to contact Mullvad support lol.

I run browser inside sandboxie. There's never any cache left behind. I've also flushed the DNS, and am awaiting Mullvad support.
 
  • Like
Reactions: brambedkar59
F

ForgottenSeer 103564

I run browser inside sandboxie. There's never any cache left behind. I've also flushed the DNS, and am awaiting Mullvad support.
It is apparent your not using 3rd party dns with your vpn but actually using mullvads dns filter solution, so doubt it is a leak issue. It more than likely means their filter is not that great just like most of them, have yet to see any block 100% of things on the net. Although when one chooses to use a tool as such, they expect it to block most.

I use a vpn on both phone and computer but run standard dns, as i do not surf on my phone and have ublock on the computer. As you noticed, ublock hardened will block most crud, and i do not go to domains of subjects i prefer to not view. If this is to provide a family environment, i would suggest looking into a dns filter subscription of some sort for the network.

Wish i could have been more help on this subject, but as you stated in your OP, you can search high n dry for solutions to this and its bare bones on the answers.
 
  • Like
Reactions: n8chavez

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,040
Both. uBo is hard mode black all 3rd party requests by default. I allow the ones I need.

From what I read on the net uBO in hard mode is not a replacement of DNS filtering otherwise there'll be no DNS filters around

uBO filters at your machine so it's fatser than DNS filtering which occurs at a remote server. And this extends to every browser extension based ad blockers

One good reason to keep uBO is its cosmetic filtering. The other is from a privacy point of view a browser extension might be better: filtering happens at your machine instead of a remote sever.

Anyway it's not a bad idea to keep both as they complement each other since none can filter everything on the net even with your own uBO filters.
 

n8chavez

Level 17
Thread author
Well-known
Feb 26, 2021
842
It is apparent your not using 3rd party dns with your vpn but actually using mullvads dns filter solution, so doubt it is a leak issue. It more than likely means their filter is not that great just like most of them, have yet to see any block 100% of things on the net. Although when one chooses to use a tool as such, they expect it to block most.

I use a vpn on both phone and computer but run standard dns, as i do not surf on my phone and have ublock on the computer. As you noticed, ublock hardened will block most crud, and i do not go to domains of subjects i prefer to not view. If this is to provide a family environment, i would suggest looking into a dns filter subscription of some sort for the network.

Wish i could have been more help on this subject, but as you stated in your OP, you can search high n dry for solutions to this and its bare bones on the answers.

Right. The interesting this is, I've used multiple VPNs with DNS filtering and none of them seem to work. Well, they might work just not well. My guess is, since there's no customization or gui, they are using as few lists as possible hoping nothing breaks. Fine in theory, but this renders the filtering function useless.
 

n8chavez

Level 17
Thread author
Well-known
Feb 26, 2021
842
From what I read on the net uBO in hard mode is not a replacement of DNS filtering otherwise there'll be no DNS filters around

uBO filters at your machine so it's fatser than DNS filtering which occurs at a remote server. And this extends to every browser extension based ad blockers

One good reason to keep uBO is its cosmetic filtering. The other is from a privacy point of view a browser extension might be better: filtering happens at your machine instead of a remote sever.

Anyway it's not a bad idea to keep both as they complement each other since none can filter everything on the net even with your own uBO filters.

DNS filtering was never going to be a replacement for uBo. It can't even do cosmetic filtering. But my issue is whether or not DNS filtering provided by VPS actually works well enough to not use NextDNS, ControlD, or AdGuard Home. Sadly, it does not.
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,040
DNS filtering was never going to be a replacement for uBo. It can't even do cosmetic filtering. But my issue is whether or not DNS filtering provided by VPS actually works well enough to not use NextDNS, ControlD, or AdGuard Home. Sadly, it does not.

So far I use Mullvad VPN with NextDNS. I have stopped using uBO for some time because i have Adguard for desktop in Windows. For my mobile I do not use uBO becuse it's difficult to block sites. Adguard extension is more user friendly

In short, I have stopped using uBO
 

n8chavez

Level 17
Thread author
Well-known
Feb 26, 2021
842
So far I use Mullvad VPN with NextDNS. I have stopped using uBO for some time because i have Adguard for desktop in Windows. For my mobile I do not use uBO becuse it's difficult to block sites. Adguard extension is more user friendly

In short, I have stopped using uBO

I just recently tried AdGuard for Windows. But I'm not going to use it anymore because it significantly reduces my connection speeds. That's a well-know bug that have been around for years but they've never fixed it.

OT, I know. But back on topic, I guess I'll be using ControlD instead of Mullvad's DNS filtering unless Mullvad responds by saying it's a known bug.
 
  • Like
Reactions: brambedkar59

FALLEN

Level 3
Verified
Well-known
Feb 13, 2015
114
But how do you know it's actually filtering anything? There's no webgui, or stats to indicated allows vs blocks. So how do we know how effective it is?

Thoughts?

If you are able to ping well-known ad domains, it means not being blocked. 🤔 I tested it with my VPN provider (not mullvad) with default DNS and adblock DNS.

The results
Untitled.png
 

n8chavez

Level 17
Thread author
Well-known
Feb 26, 2021
842
So, it seems there is no issue with VPN DNS filtering. It does what it is supposed to do. But perhaps there's an issue with Firefox's proxy connection settings. Maybe. When a socks5 proxy is configured, as in the screenshot below, and the option to proxy DNS to the server above is enable filtering within the browser does not work. If that proxy DNS option is not checked everything works like I expect. Why this I don't know. I guess I just assumed the proxy DNS option bound all DNS queries to the proxy server. Either this is not the case, or there is a bug in that feature.

But I am unable to ping addresses I know should be blocked when I'm connected to the VPN's DNS. That tells me the issue is with the browser and not the service.

2023-09-18_15h04_15.png
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top